urlscan.io logo urlscan.io
SecurityTrails logo

www.phillyvoice.com Open in urlscan Pro
199.232.194.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Submission: On January 10 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 6 countries across 37 domains to perform 341 HTTP transactions. The main IP is 199.232.194.217, located in United States and belongs to FASTLY, US. The main domain is www.phillyvoice.com. The Cisco Umbrella rank of the primary domain is 460176.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q2 on April 25th 2023. Valid for: a year.
This is the only time www.phillyvoice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 199.232.194.217 54113 (FASTLY)
6 18.239.36.101 16509 (AMAZON-02)
1 1 3.229.139.252 14618 (AMAZON-AES)
1 2600:9000:268... 16509 (AMAZON-02)
34 178.79.242.139 22822 (LLNW)
2 18.66.112.45 16509 (AMAZON-02)
17 2400:52e0:1e0... 200325 (BUNNYCDN)
8 18.239.36.15 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
8 199.232.198.217 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 108.138.1.25 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
19 52.45.134.225 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 199.232.192.134 54113 (FASTLY)
1 18.66.112.59 16509 (AMAZON-02)
4 18.66.122.80 16509 (AMAZON-02)
1 23.35.236.201 16625 (AKAMAI-AS)
4 2001:4860:480... 15169 (GOOGLE)
3 2600:9000:249... 16509 (AMAZON-02)
6 34.197.189.247 14618 (AMAZON-AES)
1 104.18.115.97 13335 (CLOUDFLAR...)
1 18.203.91.46 16509 (AMAZON-02)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.181.230 15169 (GOOGLE)
7 151.101.64.134 54113 (FASTLY)
1 52.216.93.187 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 18.239.69.94 16509 (AMAZON-02)
1 99.86.4.71 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 18.239.81.30 16509 (AMAZON-02)
4 13.227.219.113 16509 (AMAZON-02)
1 13.32.27.78 16509 (AMAZON-02)
4 13.32.99.122 16509 (AMAZON-02)
25 2600:9000:20b... 16509 (AMAZON-02)
3 2600:9000:244... 16509 (AMAZON-02)
1 18.239.36.11 16509 (AMAZON-02)
20 13.32.99.80 16509 (AMAZON-02)
10 18.239.83.35 16509 (AMAZON-02)
12 34.202.84.237 14618 (AMAZON-AES)
4 130.211.115.4 396982 (GOOGLE-CL...)
4 54.76.200.175 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 199.232.198.49 54113 (FASTLY)
1 15.197.193.217 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2800:3f0:4001... 15169 (GOOGLE)
1 52.57.206.170 16509 (AMAZON-02)
341 58
36    199.232.194.217 (United States)

ASN54113 (FASTLY, US)
www.phillyvoice.com
media.phillyvoice.com
6    18.239.36.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-101.ams58.r.cloudfront.net
assets.revcontent.com
1    3.229.139.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-139-252.compute-1.amazonaws.com
www.civicscience.com
1    2600:9000:2682:c200:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2zqfs55y95cft.cloudfront.net
34    178.79.242.139 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-139.fra.llnw.net
player.anyclip.com
config.anyclip.com
assets.anyclip.com
cdn5.anyclip.com
2    18.66.112.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-45.fra56.r.cloudfront.net
cdn.bibblio.org
17    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
a.optmnstr.com
a.omappapi.com
8    18.239.36.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-15.ams58.r.cloudfront.net
ads.adthrive.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
11    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    199.232.198.217 (United States)

ASN54113 (FASTLY, US)
media.phillyvoice.com
1    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
19    52.45.134.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-134-225.compute-1.amazonaws.com
pixel.anyclip.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
6    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
phillyvoice.disqus.com
referrer.disqus.com
1    18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net
api.omappapi.com
4    18.66.122.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-80.fra60.r.cloudfront.net
api.bibblio.org
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2600:9000:2491:3800:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-wrapper.privacymanager.io
6    34.197.189.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-189-247.compute-1.amazonaws.com
trafficmanager.anyclip.com
1    104.18.115.97 (None, )

ASN13335 (CLOUDFLARENET, US)
ipv4.icanhazip.com
1    18.203.91.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-91-46.eu-west-1.compute.amazonaws.com
vid.springserve.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
7    151.101.64.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
1    52.216.93.187 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
anyclip-player.s3.amazonaws.com
2    2600:9000:206f:a000:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr.privacymanager.io
2    2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    18.239.69.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-94.ams58.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
8    18.239.81.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-81-30.ams58.r.cloudfront.net
aax.amazon-adsystem.com
4    13.227.219.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-113.ams54.r.cloudfront.net
trends.revcontent.com
1    13.32.27.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-78.fra56.r.cloudfront.net
launchpad.privacymanager.io
4    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
25    2600:9000:20b4:2400:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
3    2600:9000:2447:4600:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
1    18.239.36.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-11.ams58.r.cloudfront.net
img.revcontent.com
20    13.32.99.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-80.fra60.r.cloudfront.net
cmp-consent-tool.privacymanager.io
10    18.239.83.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-35.ams58.r.cloudfront.net
images.revcontent.com
12    34.202.84.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-84-237.compute-1.amazonaws.com
marketplace.anyclip.com
4    130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
4    54.76.200.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-200-175.eu-west-1.compute.amazonaws.com
yeet.revcontent.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    199.232.198.49 (United States)

ASN54113 (FASTLY, US)
a.disquscdn.com
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
8    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2800:3f0:4001:82c::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    52.57.206.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-206-170.eu-central-1.compute.amazonaws.com
tlx.3lift.com
Apex Domain
Subdomains		 Transfer
71 anyclip.com
player.anyclip.com — Cisco Umbrella Rank: 16705
config.anyclip.com — Cisco Umbrella Rank: 23070
pixel.anyclip.com — Cisco Umbrella Rank: 15299
trafficmanager.anyclip.com — Cisco Umbrella Rank: 22062
assets.anyclip.com — Cisco Umbrella Rank: 22178
cdn5.anyclip.com — Cisco Umbrella Rank: 22173 Failed
marketplace.anyclip.com — Cisco Umbrella Rank: 16189
3 MB
44 phillyvoice.com
www.phillyvoice.com — Cisco Umbrella Rank: 460176
media.phillyvoice.com — Cisco Umbrella Rank: 255786
963 KB
31 privacymanager.io
gdpr-wrapper.privacymanager.io — Cisco Umbrella Rank: 20246
gdpr.privacymanager.io — Cisco Umbrella Rank: 28858
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3854
launchpad.privacymanager.io — Cisco Umbrella Rank: 3300
geo.privacymanager.io — Cisco Umbrella Rank: 2674
cmp-consent-tool.privacymanager.io — Cisco Umbrella Rank: 43384
765 KB
27 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 5225
a.disquscdn.com — Cisco Umbrella Rank: 17297
704 KB
25 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 11092
trends.revcontent.com — Cisco Umbrella Rank: 3703
img.revcontent.com — Cisco Umbrella Rank: 15811
images.revcontent.com — Cisco Umbrella Rank: 13473
yeet.revcontent.com — Cisco Umbrella Rank: 13092
367 KB
16 optmnstr.com
a.optmnstr.com — Cisco Umbrella Rank: 79167
77 KB
15 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
22 KB
13 disqus.com
phillyvoice.disqus.com
disqus.com — Cisco Umbrella Rank: 1931
referrer.disqus.com — Cisco Umbrella Rank: 7213
112 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
79 KB
10 gstatic.com
fonts.gstatic.com
csi.gstatic.com
128 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
15 KB
8 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 6779
405 KB
7 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 5038
data.ad-score.com — Cisco Umbrella Rank: 4832
184 KB
6 bibblio.org
cdn.bibblio.org — Cisco Umbrella Rank: 134138
api.bibblio.org — Cisco Umbrella Rank: 67302
25 KB
5 btloader.com
btloader.com — Cisco Umbrella Rank: 1738
api.btloader.com — Cisco Umbrella Rank: 1905
18 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
imasdk.googleapis.com — Cisco Umbrella Rank: 639
369 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
ad.doubleclick.net — Cisco Umbrella Rank: 199
167 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2295
140 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1774
1 KB
2 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 8442
api.omappapi.com — Cisco Umbrella Rank: 8671
5 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
162 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 991
592 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
17 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
425 B
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
28 KB
1 amazonaws.com
anyclip-player.s3.amazonaws.com
39 KB
1 springserve.com
vid.springserve.com — Cisco Umbrella Rank: 10726
439 B
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 11372
382 B
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 811
67 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2890
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 6
408 B
1 cloudfront.net
d2zqfs55y95cft.cloudfront.net
1 civicscience.com
www.civicscience.com — Cisco Umbrella Rank: 27831
113 B
0 casalemedia.com Failed
htlb.casalemedia.com Failed
0 sharethrough.com Failed
btlr.sharethrough.com Failed
0 unrulymedia.com Failed
targeting.unrulymedia.com Failed
0 acquireinsight.net Failed
p.acquireinsight.net Failed
341 37
Domain Requested by
43 media.phillyvoice.com www.phillyvoice.com
media.phillyvoice.com
25 c.disquscdn.com disqus.com
c.disquscdn.com
www.phillyvoice.com
20 cmp-consent-tool.privacymanager.io gdpr.privacymanager.io
cmp-consent-tool.privacymanager.io
19 pixel.anyclip.com www.phillyvoice.com
18 cdn5.anyclip.com www.phillyvoice.com
player.anyclip.com
16 a.optmnstr.com www.phillyvoice.com
a.optmnstr.com
12 marketplace.anyclip.com www.phillyvoice.com
player.anyclip.com
11 assets.anyclip.com player.anyclip.com
www.phillyvoice.com
11 www.google-analytics.com www.phillyvoice.com
www.google-analytics.com
10 images.revcontent.com www.phillyvoice.com
8 pagead2.googlesyndication.com imasdk.googleapis.com
8 fonts.gstatic.com fonts.googleapis.com
8 aax.amazon-adsystem.com c.amazon-adsystem.com
8 ads.adthrive.com www.phillyvoice.com
ads.adthrive.com
7 disqus.com phillyvoice.disqus.com
c.disquscdn.com
6 trafficmanager.anyclip.com player.anyclip.com
6 assets.revcontent.com www.phillyvoice.com
assets.revcontent.com
4 referrer.disqus.com c.disquscdn.com
www.phillyvoice.com
4 yeet.revcontent.com assets.revcontent.com
4 data.ad-score.com js.ad-score.com
4 geo.privacymanager.io gdpr.privacymanager.io
launchpad.privacymanager.io
4 trends.revcontent.com assets.revcontent.com
4 region1.google-analytics.com www.googletagmanager.com
4 api.bibblio.org cdn.bibblio.org
4 player.anyclip.com www.phillyvoice.com
player.anyclip.com
3 js.ad-score.com assets.revcontent.com
js.ad-score.com
3 api.btloader.com btloader.com
3 gdpr-wrapper.privacymanager.io ads.adthrive.com
gdpr.privacymanager.io
3 c.amazon-adsystem.com ads.adthrive.com
c.amazon-adsystem.com
2 csi.gstatic.com imasdk.googleapis.com
2 a.disquscdn.com www.phillyvoice.com
c.disquscdn.com
2 imasdk.googleapis.com player.anyclip.com
imasdk.googleapis.com
2 fonts.googleapis.com client
2 cdn.confiant-integrations.net ads.adthrive.com
cdn.confiant-integrations.net
2 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
cmp-consent-tool.privacymanager.io
2 ad-delivery.net www.phillyvoice.com
2 phillyvoice.disqus.com www.phillyvoice.com
phillyvoice.disqus.com
2 btloader.com 1 redirects www.phillyvoice.com
2 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
2 www.googletagmanager.com www.phillyvoice.com
www.googletagmanager.com
2 cdn.bibblio.org www.phillyvoice.com
1 tlx.3lift.com player.anyclip.com
1 s0.2mdn.net imasdk.googleapis.com
1 match.adsrvr.org player.anyclip.com
1 img.revcontent.com www.phillyvoice.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 cdn.id5-sync.com www.phillyvoice.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 launchpad-wrapper.privacymanager.io ads.adthrive.com
1 anyclip-player.s3.amazonaws.com www.phillyvoice.com
1 ad.doubleclick.net www.phillyvoice.com
1 vid.springserve.com player.anyclip.com
1 ipv4.icanhazip.com player.anyclip.com
1 ads.pubmatic.com assets.revcontent.com
1 api.omappapi.com a.optmnstr.com
1 a.omappapi.com a.optmnstr.com
1 www.google.co.uk www.phillyvoice.com
1 www.google.com www.phillyvoice.com
1 config.anyclip.com player.anyclip.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d2zqfs55y95cft.cloudfront.net www.phillyvoice.com
1 www.civicscience.com 1 redirects
1 www.phillyvoice.com
0 htlb.casalemedia.com Failed player.anyclip.com
0 btlr.sharethrough.com Failed player.anyclip.com
0 targeting.unrulymedia.com Failed player.anyclip.com
0 p.acquireinsight.net Failed www.phillyvoice.com
341 67
Subject Issuer Validity Valid
*.phillyvoice.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-25 -
2024-05-26		 a year crt.sh
revcontent.com
Amazon RSA 2048 M02		 2023-05-18 -
2024-06-16		 a year crt.sh
*.anyclip.com
Go Daddy Secure Certificate Authority - G2		 2023-05-15 -
2024-06-15		 a year crt.sh
cdn.bibblio.org
Amazon RSA 2048 M01		 2023-03-23 -
2024-04-20		 a year crt.sh
a.optmnstr.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.adthrive.com
Amazon RSA 2048 M01		 2023-05-06 -
2024-06-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
a.omappapi.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
api.opmnstr.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-07		 a year crt.sh
api.bibblio.org
Amazon RSA 2048 M02		 2023-07-11 -
2024-08-08		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
*.springserve.com
Amazon RSA 2048 M01		 2023-08-02 -
2024-08-30		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
a.disquscdn.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-27		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2023-09-02 -
2024-10-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-07-11 -
2024-08-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh

This page contains 10 frames:

Primary Page: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Frame ID: 4B252F563491F35E7A2EAD68D38F4F2E
Requests: 230 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/8a23b6a/html/i.html
Frame ID: C3EC48B274C651CB1F0B3A3B153A73E9
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
Frame ID: 32CFB85D60AD8FFBC28CBAEDE5A2E614
Requests: 27 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice
Frame ID: 8DD05D163F94DD4A6D99222BE0903E03
Requests: 20 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: E9EE833E9AE9ABB816A8230C8FBECC86
Requests: 21 HTTP requests in this frame

Frame: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&imaw=0&wf=1
Frame ID: 9DE48C0301548A25D9604695E20D8B74
Requests: 20 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?v=762b2b3&pid=1000177
Frame ID: 26AA8E64ECE799FFFC6F51FC9A8E120F
Requests: 2 HTTP requests in this frame

Frame: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1704892774376
Frame ID: C13361775F97EF003335111664789CA6
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 8FDC5E4CF0A3D9459A31E0B00D471600
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A1F21DE2B4FF8D01D95BA9C07A291D20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hershey Company data breach may have impacted 2,200 people | PhillyVoice

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

341
Requests

94 %
HTTPS

40 %
IPv6

37
Domains

67
Subdomains

58
IPs

6
Countries

7646 kB
Transfer

17387 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.civicscience.com/jspoll/4/civicscience-widget.js HTTP 302
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Request Chain 61
  • https://btloader.com/tag?o=5698917485248512&upapi=true&domain=phillyvoice.com HTTP 302
  • https://btloader.com/tag?o=5698917485248512&domain=phillyvoice.com&upapi=true

341 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.phillyvoice.com/hershey-company-phishing-data-breach/ 		80 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3819d40ab57d6954801b68bc3fa8a7c1616ac4907416e09d92da4dc5cf2e89d5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
16633
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 13:19:33 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-frame-options
SAMEORIGIN
x-served-by
cache-lcy-eglc8600026-LCY
x-timer
S1704892773.095014,VS0,VE774
delivery.js
assets.revcontent.com/master/ 		162 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-101.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30e942decdbf47bf968e350c0cb9b3c53a7bd993f7fb6c72c3a026433a51cd6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:38:52 GMT
content-encoding
gzip
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:16 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
76559
x-amz-server-side-encryption
AES256
etag
W/"139e813e920abb2c744fef954882f626"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
tSoHIgaRh5qJ8xlKC4fz5jRzhsSvTTd2PsSzWCi3YzRlgZVD_MK5sg==
csw-polyfills.js
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain
  • https://www.civicscience.com/jspoll/4/civicscience-widget.js
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Server
2600:9000:2682:c200:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

location
https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date
Wed, 10 Jan 2024 13:19:34 GMT
server
awselb/2.0
content-length
110
content-type
text/html
output.5c94b398586a.css
media.phillyvoice.com/static/CACHE/css/ 		252 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c94b398586a1c2dee4de8138cba5cef404d3670e33cc2e70277657fd88a5932

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:33 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
EH4JMWP8APCMWW55
age
129635
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
28916
x-amz-id-2
vTgFqcnKOoWRG1Os6Ekp2fIK4IinJaRuV9zhKpict9f3HkMcdt1yy8Bwg6kjYzZUE4uY81QLwrY=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 29 Sep 2023 00:07:17 GMT
server
AmazonS3
x-timer
S1704892774.926534,VS0,VE1
etag
"00bc12f25e583955bb05f873e28fe252"
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
WSFS_1818MarketOpening_SELECTS_034.2e16d0ba.fill-220x140.jpg
media.phillyvoice.com/media/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/WSFS_1818MarketOpening_SELECTS_034.2e16d0ba.fill-220x140.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d1cb15097af3162b11e00bc64f9769362cdfc4eeae7de33d8fd1de1e901c277

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:33 GMT
via
1.1 varnish
x-amz-request-id
7QG21YG4J92N3ZGX
age
44291
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
11116
x-amz-id-2
v5fRnRM8EOPwYwQFlOgpWKA6FIT8vX2iL/084/6fSzrth5QutOoli+5z1Yf6nKkBdGXm4G4WDmM=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 09 Jan 2024 21:59:48 GMT
server
AmazonS3
x-timer
S1704892774.926669,VS0,VE1
etag
"d21b40d186e2857a6eee65daff58b1f5"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
Building_Trades-Keyy_Ryan_Ross.2e16d0ba.fill-220x140.jpg
media.phillyvoice.com/media/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/Building_Trades-Keyy_Ryan_Ross.2e16d0ba.fill-220x140.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2667997051b9b0ff6723ccf1824a9a5aaea1096aed7e4364b9af548a663ca93c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:33 GMT
via
1.1 varnish
x-amz-request-id
YSDB9RXDDWNFHCX3
age
39181
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
10082
x-amz-id-2
YnQk7Bs9y7mhA3rFCYKObLw4NvAuGoJVAmQTU7wK3HlFD37ugL/3nptFZpvaFduHyCFEPnUfr94=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 05 Jan 2024 15:44:32 GMT
server
AmazonS3
x-timer
S1704892774.926532,VS0,VE1
etag
"0c567e7dec17ee073e1b9081cc13796d"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
iStock-598238288.2e16d0ba.fill-220x140.jpg
media.phillyvoice.com/media/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/iStock-598238288.2e16d0ba.fill-220x140.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
389fa65aa13e9d98968a0c8c72aa84c1b64041812371a51f670b1d3de191f155

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:33 GMT
via
1.1 varnish
x-amz-request-id
A8J28V7010BZGEQH
age
132832
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
6395
x-amz-id-2
ks1IU1+3vBFiSFHnnhbLkitN0xrGI/KqAmoRV/uV215Uw+kQj1OZr/mqfee7+2WpmQe/BeG5wSE=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Mon, 08 Jan 2024 15:27:26 GMT
server
AmazonS3
x-timer
S1704892774.960550,VS0,VE1
etag
"1a8d590febc32ae770ed2d0a1f056e88"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
iStock-499334271.2e16d0ba.fill-220x140.jpg
media.phillyvoice.com/media/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/iStock-499334271.2e16d0ba.fill-220x140.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4afa54a9d1c1c981cc8362a6b9c3c9c068128286d59959eee3eb7092663e6d6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:33 GMT
via
1.1 varnish
x-amz-request-id
0V6B5G2PNW3JEZQN
age
132832
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
9376
x-amz-id-2
Pd3SH5LxSJj8pJrHuRrCZid2f4vbh02mhscKdD6NgdmtZw/NR938fmk1jdCqwOa7YLjTZF6m61Q=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 02 Jan 2024 18:18:10 GMT
server
AmazonS3
x-timer
S1704892774.984818,VS0,VE1
etag
"82ee2f256923317f8075cbb85a3aace0"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
John_Paul_Titlow.2e16d0ba.fill-54x45-c0.png
media.phillyvoice.com/media/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/John_Paul_Titlow.2e16d0ba.fill-54x45-c0.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ab10b3e87626322051812fe2b00503afa995e661bcdafd1198dffac97cb7529

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:33 GMT
via
1.1 varnish
x-amz-request-id
2EPGXENNRFFB20F2
age
124071
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3504
x-amz-id-2
pgbFGB1U1CGnOQAf064gpuoWFHQO+9ubnX/QlcOlabaLF+12y6U4yW8oKHC3uDOLKRiHeQDopAM=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Thu, 06 Jul 2023 16:30:10 GMT
server
AmazonS3
x-timer
S1704892774.994130,VS0,VE1
etag
"ab0227394cb5e4e3a416a490b74ad4aa"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
John_Paul_Titlow.2e16d0ba.fill-108x90-c0.png
media.phillyvoice.com/media/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/John_Paul_Titlow.2e16d0ba.fill-108x90-c0.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
829696d77292eb1050ed6359137e0ffde644e07d3b0427fb34bc13bef2fbb8ed

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:33 GMT
via
1.1 varnish
x-amz-request-id
2EPH7S5Y2X2X61R2
age
22489
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
10279
x-amz-id-2
Xsxpf7BnyUmsWUPv1xXNvwIikktUL95irLxJHScHbvYDlFpWncXq9AxxkLLrAY1KKCuXtQY3fl8=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Thu, 06 Jul 2023 16:30:10 GMT
server
AmazonS3
x-timer
S1704892774.994528,VS0,VE1
etag
"5cf18069d869615f299bf1d598a3f1c6"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
lre.js
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ 		1 MB
347 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
686546c8c4a3cd36e2af329852a8273310a63667490776837e58c8abac57907c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
bzOylD6bbyhZW03011zAtA2oRtuv7w2A
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:34 GMT
x-amz-request-id
WX71YTARGADEZDEN
age
7481
x-amz-server-side-encryption
AES256
content-length
354327
x-amz-id-2
+rYc+7gYJvDOxMefDpuUkpleDi5zunP0rKVP/vDXfn4V+BqrrdAne/I/ruHv9m2fYzkmSN80y38=
last-modified
Tue, 09 Jan 2024 09:30:46 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
x-llid
6c744c7fdd7625a4c8bada8998a5fc79
expires
Wed, 10 Jan 2024 11:15:53 GMT
Building_Trades-Keyy_Ryan_Ross.2e16d0ba.fill-265x140.jpg
media.phillyvoice.com/media/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/Building_Trades-Keyy_Ryan_Ross.2e16d0ba.fill-265x140.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83c7a3b97b11a14554d378995d6b2654dd97facebac7e7cb6526570039faf923

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:33 GMT
via
1.1 varnish
x-amz-request-id
MR4EJWQ2FF1GFVJZ
age
423136
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
11844
x-amz-id-2
HSOgYvMZ3lvSUbYes/9lYqAKTn2iKQYjVjMSl0jlRc9EoMsbX3g6MG71HQ4PnAek906Ptsbd95Y=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 05 Jan 2024 15:47:14 GMT
server
AmazonS3
x-timer
S1704892774.993780,VS0,VE1
etag
"9319bb2a736ab0664bf0ac283a845d29"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
NJSP.Winterjpg.2e16d0ba.fill-265x140.jpg
media.phillyvoice.com/media/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/NJSP.Winterjpg.2e16d0ba.fill-265x140.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e9554bb00cf7f136d7be0008850ce64972e0edce1c342217ac77d4626e9a0d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:33 GMT
via
1.1 varnish
x-amz-request-id
Y5PZ2BGARS8Q16ZY
age
39180
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
15560
x-amz-id-2
+Nqel6HhhJ1li/TuUS3/I3qOIdqnOFsBrIzMZJHwkatpIYhLAxZvcTv2i2oW20X4wUreZu/Jgmt1Eg315aQgSMOzQCt9Dh52
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 26 Dec 2023 13:56:05 GMT
server
AmazonS3
x-timer
S1704892774.994621,VS0,VE1
etag
"c8a7c8a43ec5631480eb7198dc5ee5cf"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
1824_william_penn_statue_welcome_D.2e16d0ba.fill-100x100.png
media.phillyvoice.com/media/images/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/1824_william_penn_statue_welcome_D.2e16d0ba.fill-100x100.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c921f811b232ea60c21f0d71bd9fa49d1fec0fbc3bbd521b1f7449c3c570e2ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
KWPPHRFBD8N03KAB
age
77053
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
31512
x-amz-id-2
TSf31JVzci2rx1okwEQOQYzcCTls5Rcku0X/p34hfo+SBlpIkjW70LVdLE/kXPrHuYCmwtcR2mw=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 09 Jan 2024 01:16:29 GMT
server
AmazonS3
x-timer
S1704892774.067116,VS0,VE1
etag
"eb495b956a4f996fb99d5ac6d9777af3"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
IBEW-Native-010424-AllStarClassicCharity.max-125x32.png
media.phillyvoice.com/media/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/IBEW-Native-010424-AllStarClassicCharity.max-125x32.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
919dfe657543000dd154fcca63c23e2586c785b9dc45208c8ac4263ddef8f359

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
KWTBJZA622DY4B8R
age
423084
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4094
x-amz-id-2
ZcJboNsOAeI2WhHGmfbLSdr89Q323tj4ID2E+ZkKxO6QVSS24f4ApA0g937bGHI+3BruHsZMcG9c8bXUx1lkDAwEsHv5Q4pJI5D/MBN16WU=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 05 Jan 2024 15:42:43 GMT
server
AmazonS3
x-timer
S1704892774.068140,VS0,VE2
etag
"f7030c4bcdc7f04174f50eab89f817c4"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
Building_Trades-Keyy_Ryan_Ross.2e16d0ba.fill-100x100.jpg
media.phillyvoice.com/media/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/Building_Trades-Keyy_Ryan_Ross.2e16d0ba.fill-100x100.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ef15b4d96802277eab3d0f92afbb05709610c48df42c985bb9296dc373a58ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
KWTDNY1N8TTWZK4M
age
423085
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4410
x-amz-id-2
xYDa9wPBoN0ODFRPeYG5aWLzRLKeTicDwjMlxpeX0kzvFv7BKY3rFn9q9BBJ8JOEnBaPIbDWW+k=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 05 Jan 2024 15:47:41 GMT
server
AmazonS3
x-timer
S1704892774.067914,VS0,VE3
etag
"db90aadc8ff42965ed8841e1e9c8c817"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
30-15-304217_IBC_LF_Logo_195x33_DB.focus-none.max-125x32.jpg
media.phillyvoice.com/media/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/30-15-304217_IBC_LF_Logo_195x33_DB.focus-none.max-125x32.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be28ece83c132cabc27db97101c66d744eb49f62ae9398d4960420e4fbffb788

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
ZXPAF4B9A2TAQ88E
age
39180
x-cache
HIT
content-length
1877
x-amz-id-2
0ka4YVjooLrpSM5eWoUeR9gRjPyt0cgAc1wr7rMZtUjHpJ+YNzMZbTUy/CfsG/ReOErjcZ3/gec/gHP2a9/wEY9avHicX7dm
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 14 Jan 2020 19:38:49 GMT
server
AmazonS3
x-timer
S1704892774.067927,VS0,VE1
etag
"7a9155ddec3ef2075489d14a8f1b6556"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
accept-ranges
bytes
x-cache-hits
1
010824-cyberbullying-social-media-.2e16d0ba.fill-100x100.jpg
media.phillyvoice.com/media/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/010824-cyberbullying-social-media-.2e16d0ba.fill-100x100.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e9e429943eb80b33a77fd7db1dfac28450d4193c2f85cdd1e14961ec75c00fc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
QFTWKBM9XB2X8HH4
age
77053
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3316
x-amz-id-2
Yol0qbYqc9iy4XXNgcMVL0E9fW/ApxQQtH7+Eh6mQ0K7674zq6DyqCqQapXf+1sTT38cy90KCLk=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Mon, 08 Jan 2024 22:29:26 GMT
server
AmazonS3
x-timer
S1704892774.067889,VS0,VE1
etag
"2f7e311a6b03bef434869964ccf81a2c"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
1824_Bastia_Clam.2e16d0ba.fill-100x100.jpg
media.phillyvoice.com/media/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/1824_Bastia_Clam.2e16d0ba.fill-100x100.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0121334152c00f6c20d9358ed821405a6a508590c162d1d3378aa7ae77c2fbd3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
QFTS2E0N2YRK5A4H
age
77053
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4924
x-amz-id-2
QUO01r0rGUtxsEI8SAjlgONk3PvVtn8HT9lS76tP/Ph3E3dwpdxUJAh0En83E1Hwy0Rzl/nibfIs7Izmt5ZpKg==
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 09 Jan 2024 15:55:16 GMT
server
AmazonS3
x-timer
S1704892774.069297,VS0,VE1
etag
"abcb25d5f6fce48788bd080739d8700b"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
USATSI_18660410.19465ac5.fill-100x100.jpg
media.phillyvoice.com/media/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/USATSI_18660410.19465ac5.fill-100x100.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4142fde7575500ca365c1c635e9867b14717de85fef6c23edcb3f321d1a0dd3e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
7HP71J389H4ACF4P
age
33929
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4260
x-amz-id-2
mlAHcRphO+wC7XCXbpmdQad1K2tmN3S27rck244tYtzuGt/oXG8+iUJVd8d31+1XogszUK7N5j0=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 09 Jan 2024 00:46:00 GMT
server
AmazonS3
x-timer
S1704892774.070279,VS0,VE1
etag
"abd30a6d06e886a422d665489ab2e1ef"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
010724-dancing-with-the-stars-tour.e4e3f263.fill-100x100.jpg
media.phillyvoice.com/media/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/010724-dancing-with-the-stars-tour.e4e3f263.fill-100x100.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20a6631c1e9c4cce3e6723c982d15d6e2a2eb8d0e46953470b87fa7d6fa34911

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
JH39SG23VCE5VGWN
age
166375
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
5394
x-amz-id-2
FfGCQzZfopJJGtbWuGPgcvB3Y3zokKyPF25UvPdvPIAlcd3j8WwjxeOJNCJmz3Mfa0yJfA2aG5Y=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Mon, 08 Jan 2024 15:06:33 GMT
server
AmazonS3
x-timer
S1704892774.069701,VS0,VE1
etag
"4b48999e712f01e08aeb625a603e7479"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
WSFS-Native-010824-WSFSBankingOffice_L7Rbksl.max-125x32.png
media.phillyvoice.com/media/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/WSFS-Native-010824-WSFSBankingOffice_L7Rbksl.max-125x32.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
483cba00344b6d06c2cd464bc5e4976d18f08d459670437d4c388de7a707ccbf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
M24J2Q6R3SVT26NB
age
55152
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4736
x-amz-id-2
tVN4xvgn14vlvmBXfFrc0upnZjr5PiaFwsXSGagACXOANZLvTAIG2kQGkQJzIc8k4e3QFClezCMutYs+/+DMhg==
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 09 Jan 2024 22:00:10 GMT
server
AmazonS3
x-timer
S1704892774.069056,VS0,VE1
etag
"abae811eaa6ad2de098bf9e97c2c2275"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
WSFS_1818MarketOpening_SELECTS_034.2e16d0ba.fill-100x100.jpg
media.phillyvoice.com/media/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/WSFS_1818MarketOpening_SELECTS_034.2e16d0ba.fill-100x100.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee3290884ddb68ea67df3c6c9147f0331486d0a91b41e5a2b6788805a9b9c40c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
M24J7MECSYCX4F3X
age
55152
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4313
x-amz-id-2
zkwu3AZg3oNl/SBLlNylBG8ovf3k8wxEF3RC5daMt7mLmM9Ov19Myv00Ltl7RxQ7oRa3YSLygy8=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 09 Jan 2024 22:00:11 GMT
server
AmazonS3
x-timer
S1704892774.070103,VS0,VE0
etag
"aafaf9891de69a2fcf1bb1fbb342a72b"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
2
Corolla195x33.max-125x32.png
media.phillyvoice.com/media/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/Corolla195x33.max-125x32.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23643c91acb4cc30c22720da5b351321198a2a688ed97f09fb1f242928ca307a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
BJNXJSWZY4D39M10
age
111903
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2619
x-amz-id-2
/sGoUU5nytgQv7E0604jwIkeGGOe0DW8VrncH1IJVL1Eoqv7SRWnlllSbma0I51iZEr1xfoCizms3yhrJXxzdA==
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Wed, 01 Nov 2023 13:40:55 GMT
server
AmazonS3
x-timer
S1704892774.069068,VS0,VE1
etag
"5bf7bd3f2fdb7f88a319b01335f427fd"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
WildHorses_Beach_cobx.2e16d0ba.fill-100x100.jpg
media.phillyvoice.com/media/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/WildHorses_Beach_cobx.2e16d0ba.fill-100x100.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c53027d0d9e66f048642d2c82571b1e81269c5254d6636a6fa17fedf3a1de7a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
E70C7ASCAFGVGG0K
age
556231
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3925
x-amz-id-2
LMiQEk31ivCcPiCBKfoJxz5iV2lCbx254n78tlwiHNbRDqYg2LOlT/beYwi+TDj7U8GJ4kQzo7w=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Wed, 01 Nov 2023 13:40:55 GMT
server
AmazonS3
x-timer
S1704892774.069515,VS0,VE2
etag
"bb41e3cdfa32abff31270a2f16759f90"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
MidLanticUrology-Native-010424-MensHealth.max-125x32.png
media.phillyvoice.com/media/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/MidLanticUrology-Native-010424-MensHealth.max-125x32.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
997c96b846b89b38f7791f733a81241d74aacfeeb4b2a0b39783ddf93b524126

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
PR63S5GPGNXCBZ9G
age
138283
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
5062
x-amz-id-2
h0JRNvaDqKr/ExvmO4S32wB0hIxF5z5zykKHcra1VzZ3ZDg0Fh5FnAo1SzsnbyXwpxn1RaHl1sw=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Mon, 08 Jan 2024 15:41:47 GMT
server
AmazonS3
x-timer
S1704892774.069902,VS0,VE1
etag
"7f6df5e3c5d6652974217935471d55d5"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
iStock-598238288.2e16d0ba.fill-100x100.jpg
media.phillyvoice.com/media/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/iStock-598238288.2e16d0ba.fill-100x100.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab093739460cdb8e720f9ca177561ee8cbc84d481b0e29e5331f223b2197ac89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
01X4PHBAAT8M7KKH
age
138283
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3131
x-amz-id-2
y+byPnqGsu6y+J2Yrh8LREsELS/eRXAniRMsKaw1asu0KRhc1BC7S1lRcIIMeQDSd0H7aGYWzsI=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Mon, 08 Jan 2024 22:54:39 GMT
server
AmazonS3
x-timer
S1704892774.069434,VS0,VE1
etag
"72e22af7c1cdab4027ab7a7750686591"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
a_k_home_list_bdg.focus-none.max-125x32.png
media.phillyvoice.com/media/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/a_k_home_list_bdg.focus-none.max-125x32.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ae3a5f0775491c796d593e1eb24f44d7c8b6fffa49e06311d4d839f8c589e03

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
MEQT1B49FXFR9YKT
age
0
x-cache
MISS
content-length
6368
x-amz-id-2
MRLG9avVAB6CtqbjQdZUmN4Oe5tE8k+vkeFLCqTbl30+BPn5X/HDXyODhtqcNI7Stmsor2oHgvY=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 14 Jan 2020 23:23:19 GMT
server
AmazonS3
x-timer
S1704892774.069068,VS0,VE346
etag
"ba0ff5be20f8b86d5b855cd330341e68"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
accept-ranges
bytes
x-cache-hits
0
101renaissancedrive.2e16d0ba.fill-100x100.png
media.phillyvoice.com/media/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/101renaissancedrive.2e16d0ba.fill-100x100.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91bda20f16f3de281dc6158ff6f3c116748a357804f5d500e88f0ffc1b38b26e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
3BCWJ40PE6DE69TM
age
168673
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
30788
x-amz-id-2
BVdP2CRniSwgdAl6EINgo/X5d7/b/AFrl25ZIS5ZgOcEcXPNnAx+8MARfXOWapmHqleS0el5GYY=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 13 Oct 2023 20:15:58 GMT
server
AmazonS3
x-timer
S1704892774.069261,VS0,VE2
etag
"13177734b766b8de11f11ad5006518c0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
IBC-Native-122623-FirePrevent.max-125x32.png
media.phillyvoice.com/media/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/IBC-Native-122623-FirePrevent.max-125x32.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
836ac34459527c5310b65b0235edfa389a838f1967367ef56e50cec8a0e61b4b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
A1D7TJ2851XPYFHV
age
35510
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3649
x-amz-id-2
MBVqgNnPDXLvjGuVBAl/diBqfZlNLmtZyNSa+hgdKINPMfs0IozxHlxLP8UBCtAtQFHgoThgYBs=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 26 Dec 2023 19:10:42 GMT
server
AmazonS3
x-timer
S1704892774.069110,VS0,VE1
etag
"c32e5819c0dc30d0e871effbf5ae4902"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
iStock-1366696075.2e16d0ba.fill-100x100.jpg
media.phillyvoice.com/media/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/iStock-1366696075.2e16d0ba.fill-100x100.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d4cf701c6a27087c5ecb7fee468e0bfd379a2fa962885fd2c05d45f8ed84f7f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
AMAGKRNAY50MHH13
age
114310
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3889
x-amz-id-2
s1wsGhcty4UBS6r6mLtlmGhiTjtgTwqOrCtdEtktnASQmt0rMjo6vgizWe5N9NN4m3aot+KQrmQ=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 26 Dec 2023 19:27:47 GMT
server
AmazonS3
x-timer
S1704892774.070512,VS0,VE1
etag
"1571ec4e4bd153cbd8dedff1f8602c1e"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
NJDOT-Native-122123-NJStatePolice.max-125x32.png
media.phillyvoice.com/media/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/NJDOT-Native-122123-NJStatePolice.max-125x32.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a37a9a008a78a5368b01d766beb019718b732fed454c11cafebc34dc33315853

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
AR52J65V3EH6HXDS
age
559783
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4572
x-amz-id-2
7RNreWp9TbPceq5ZCjkquBMZXiM/5aXNEiIo1apeyRC2mhjDSopnNzsEMn7VH/QyE3m+xkhBO+2dQNS0nLPYIhPZVg55lU6DJsQTPAbMsp4=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 22 Dec 2023 14:09:39 GMT
server
AmazonS3
x-timer
S1704892774.068908,VS0,VE2
etag
"4a7b7b995be32f0ab26397fd49f40088"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
NJSP.Winterjpg.2e16d0ba.fill-100x100.jpg
media.phillyvoice.com/media/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/media/images/NJSP.Winterjpg.2e16d0ba.fill-100x100.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fd2294d4ce97d4f96df1a602aa0b230cf716b3978991081fbdbfa03960f74e7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
AR510JJ3JB3B75G5
age
42510
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4914
x-amz-id-2
/q9qLLrOnytzBjAHIUXbRMcapZ34uGhmhIAr3s8RZosrf8rHTEm39pf0W0WcC/03PffmZS1mdjs=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 22 Dec 2023 14:09:39 GMT
server
AmazonS3
x-timer
S1704892774.068894,VS0,VE1
etag
"d263aba00fb4f460e9545cf9bb7a2e06"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
output.37d97397ed69.js
media.phillyvoice.com/static/CACHE/js/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.phillyvoice.com/static/CACHE/js/output.37d97397ed69.js
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37d97397ed69dda8810dc5a88e36fed97ba0e0aedac0fb213a858788155646d4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:33 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
M4ZJHTE7W43DA9N6
age
482146
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
51925
x-amz-id-2
CDhh9no2ft8E8tGJAUZVDdu+osXglDXKPSsk5gZKTetGaD4Q+y5x0AcXItUJarZB39RpyJDxGFYGAwC2S+1wig==
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 10 Oct 2023 05:42:02 GMT
server
AmazonS3
x-timer
S1704892774.993847,VS0,VE1
etag
"0d24484f8cc72d216c81a6d24401215e"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
25
bib-related-content.min.css
cdn.bibblio.org/rcm/4.22/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.bibblio.org/rcm/4.22/bib-related-content.min.css
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b285fad82222aa0c37224c3092334f1142df37b585282c759b5e24e790b29d58

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:56:25 GMT
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 11:56:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
3666190
etag
W/"1235dfee3854f21993ec298579e7241f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
NRfHYCd1GmAlwRse4UqLjvTb0UhHiEnZo9YNxBYEVjNClXBkJYFpHQ==
bib-related-content.min.js
cdn.bibblio.org/rcm/4.22/ 		66 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bibblio.org/rcm/4.22/bib-related-content.min.js
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d9d911c6954410ba7678cf34a4f24189e65e75e1862e470cb73ad7b9e0c36ca

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 22:43:57 GMT
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 11:56:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
3681338
etag
W/"4123ef0690496604f9962d57d9f8cc88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
tvR0VPfBkhc8uhiJKtx__KagzQeMh1p_qailSYUxMxhmHmrnBDG70g==
api.min.js
a.optmnstr.com/app/js/ 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/api.min.js
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
83c03c13ae512aeaf45b9a54c62dad09b5d833edae4f2459d3f71f2a3f2744aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-664
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Tue, 12 Dec 2023 19:57:29 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
383
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6578bb29-cb9a"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
8ee1832075ffc880b2c4ee940f2c7164
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads.min.js
ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ 		94 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ads.min.js?referrer=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&cb=2
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-15.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
ceefa6ab5a962fa3c47736906dfe1a37ef10597c2caae9e7c5d4b1b1c503e1e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

adthrive-bucket
prod
date
Wed, 10 Jan 2024 12:36:11 GMT
content-encoding
gzip
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
adthrive-deployment
stable
x-amz-cf-pop
AMS58-P2
age
2603
adthrive-commit
8a23b6a
x-cache
Hit from cloudfront
content-length
26185
adthrive-gdpr
true
pragma
no-cache
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, must-revalidate, s-maxage=28800
x-amz-cf-id
ZH8Tim5v0EKAEsGasFmwdA6TIQ37Aei5O7Y3SZishIqHF58C8i-XBg==
expires
0
gtm.js
www.googletagmanager.com/ 		231 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TMX5L69
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c45a16fbbc2a3d79845d55b65499f519884fabc669da40cebf8e51ec8cc6bbe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77173
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jan 2024 13:19:34 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Jan 2024 11:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5477
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 10 Jan 2024 13:48:17 GMT
menu-button.png
media.phillyvoice.com/static/global/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/static/global/images/menu-button.png
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b3619ba0f3f071878ec3ebbaa1bc319d42d4ad3460242b426c607467866441b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
523522KAETMMDVVF
age
103100
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1766
x-amz-id-2
MEwJhEuOZI5DOkzcp1rkQFe32Fk/ZYsT0UmLmL93wh0EXuOkBYDocG3+hpbdQvZjD0XvkAiIZx4=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 15 Sep 2023 14:08:18 GMT
server
AmazonS3
x-timer
S1704892774.009928,VS0,VE1
etag
"14bfd43ae5d4c7a4708534cc89b55a1a"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
philly-voice-logo.png
media.phillyvoice.com/static/global/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/static/global/images/philly-voice-logo.png
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92fdc61d6ff37b6fe4139cd8dffcceceddfa4ec5c9f13b27ea08e489bd8f09b7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
YP7W9S643HFVVGG8
age
19242
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
5052
x-amz-id-2
0aIYdzDOYZgxxtes7/KJWBA46XKTHdIfDV7FaA7iaFae9rAUY+TZe2ePuFU2qBFjQgYxR1PDJlc=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 15 Sep 2023 14:08:20 GMT
server
AmazonS3
x-timer
S1704892774.009776,VS0,VE1
etag
"5ee3b30db194a480d2dad87215e4d108"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
truncated
/ 		554 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
491027f2b675c1856c257d93a5f556401a8e4d368190224157f5deafd335969f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
circleplus.png
media.phillyvoice.com/static/global/images/ 		267 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/static/global/images/circleplus.png
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60c756504310b86bd48d4f2766ef440afa96b42258a772157638fbdb2816bd55

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
2J9JSNJKXE7CE1MJ
age
16427
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
267
x-amz-id-2
hnIaj8wqRrjN3XbJcziX1Q8j6nQdLFZvg/9eirS2xUwnT1d4gSWhfTpCp7f4WV0dEdIBWWjQJeXFP2tkTOhp32cgt1CA9pT2
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 15 Sep 2023 14:08:22 GMT
server
AmazonS3
x-timer
S1704892774.012722,VS0,VE1
etag
"cb80c8907b41bf68a51a4fb492bb5fff"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
lines-header.png
media.phillyvoice.com/static/global/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/static/global/images/lines-header.png
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4b817b2c1ef5443a2dff03e8938f4ae3e74eb91bfd3af7d8257f871208fe1b7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
ZJV40S5EDSH75BN0
age
28685
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1937
x-amz-id-2
HMMtimTV2rPf9VKrQvBjrBhKfCwiy4CrcWH6GZG/FUMhi6ewmGxFIrh0VHCZpFEX727x7LQOczM=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Tue, 10 Oct 2023 05:38:31 GMT
server
AmazonS3
x-timer
S1704892774.068889,VS0,VE1
etag
"b2b0385e43d4f6c72e26a3df428c1afa"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
ClearSans-Regular.woff
media.phillyvoice.com/static/global/fonts/ 		128 KB
128 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.phillyvoice.com/static/global/fonts/ClearSans-Regular.woff
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4fe9aaa99bae15c3c5a8f13ff68bfea4bb63c488962c4a0d4fdff717884553c

Request headers

Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
9Y55H021EM3TZW3P
age
27825
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
130846
x-amz-id-2
nOXG5McGyzHFi4s3H5MBhTdU8GNznvk2cMvc/lDbxp6Bu4NudqWCsXcZROTcrYciuxveal80Tjg=
x-served-by
cache-lcy-eglc8600030-LCY
last-modified
Fri, 15 Sep 2023 14:08:32 GMT
server
AmazonS3
x-timer
S1704892774.054932,VS0,VE3
etag
"2ea640a7b9802752b71fa6564b2d22ca"
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
DroidSerif.ttf
media.phillyvoice.com/static/global/fonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.phillyvoice.com/static/global/fonts/DroidSerif.ttf
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41e65b30dd61b843736933e031f31393e9db4cdbabaeded0f541a2df4efcf2f8

Request headers

Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
161YW9V5W39JGYYN
age
39180
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
43648
x-amz-id-2
TlFjSOWXUG258RTabQJid32BFk7DTy//NHbEdznFCVBgKL4RTX9jWIzJ9ds1CVNZN5vgGRZ8VbI=
x-served-by
cache-lcy-eglc8600030-LCY
last-modified
Fri, 15 Sep 2023 14:08:35 GMT
server
AmazonS3
x-timer
S1704892774.055497,VS0,VE1
etag
"df20289f30fbc45183808a4fba6128e3"
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
ClearSans-Bold.woff
media.phillyvoice.com/static/global/fonts/ 		114 KB
114 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.phillyvoice.com/static/global/fonts/ClearSans-Bold.woff
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11ebec2c6b408cc5c74f54ce352588752464a82e6322e9a209dcfe6e0dfef533

Request headers

Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
96XGYZ33MA8F6WEQ
age
39180
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
116584
x-amz-id-2
k8aB0hhd3iH+BKeBk05NQgkVt/asoyaK8PTs+if4I4G/j/M//SKtnqIGbudKDI/rFdxzTDan6s+q+H6rcjUIgg==
x-served-by
cache-lcy-eglc8600030-LCY
last-modified
Fri, 15 Sep 2023 14:08:32 GMT
server
AmazonS3
x-timer
S1704892774.054934,VS0,VE2
etag
"4cf6f681b05ddc6375e51c804a496fe2"
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
ClearSans-Thin.woff
media.phillyvoice.com/static/global/fonts/ 		117 KB
117 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.phillyvoice.com/static/global/fonts/ClearSans-Thin.woff
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67957d46198640346a360e7ed8ebe6ded55a819ba1fda808216de43b07505e45

Request headers

Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
RGJS8QRRCN378GP2
age
558038
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
119542
x-amz-id-2
Xliom1nGVgAaKUUVtpck9EncDfZFUXsqxQCCHkmIblAfvieUL/MAtpwOmR6JRNokvnvskr1w5lk=
x-served-by
cache-lcy-eglc8600030-LCY
last-modified
Fri, 15 Sep 2023 14:08:32 GMT
server
AmazonS3
x-timer
S1704892774.055282,VS0,VE2
etag
"a493884b8da5e40a49761e45e26632b7"
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
DroidSerif-Italic.ttf
media.phillyvoice.com/static/global/fonts/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.phillyvoice.com/static/global/fonts/DroidSerif-Italic.ttf
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40af94e599b6a6082cd5f571f4571e90eaafbeed148ab16384e268101f8d79af

Request headers

Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
K80463NG36027A1P
age
30021
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
40416
x-amz-id-2
gdBiZUusGen2d8eREwSYOlr2dhbmA136VOBEgKjgMFnvC+sJ7EcS8Rys3TZ5owj/uhuJvtitUc1PFkkBbX5wUgj5D6BCN0RekMbgWQ38rOs=
x-served-by
cache-lcy-eglc8600030-LCY
last-modified
Fri, 15 Sep 2023 14:08:34 GMT
server
AmazonS3
x-timer
S1704892774.055284,VS0,VE2
etag
"31682d25f82942b5e25f8959a3c80b45"
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
fontawesome-webfont.woff
media.phillyvoice.com/static/global/fonts/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.phillyvoice.com/static/global/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
161VBZ1P1T3ZD0T3
age
39180
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
98024
x-amz-id-2
yHwAI5mr1iLYXmycD+9uNxFAGOZvkjgfF/RQP7dbFm4OhoLb/ptMgAIZWWJydryjw5rzk4SuvTo=
x-served-by
cache-lcy-eglc8600030-LCY
last-modified
Fri, 15 Sep 2023 14:08:31 GMT
server
AmazonS3
x-timer
S1704892774.055284,VS0,VE1
etag
"fee66e712a8a08eef5805a46892932ad"
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
DroidSerif-BoldItalic.ttf
media.phillyvoice.com/static/global/fonts/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.phillyvoice.com/static/global/fonts/DroidSerif-BoldItalic.ttf
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f151bfa44aae2993d5d5a6754c1358ee143f94ff70fb45a6b785250feba45b14

Request headers

Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
158YQMBY6BDV4ERE
age
46264
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
45652
x-amz-id-2
ls3PIGncF20EW7WMoe8sZzTNEZNQTvDOM5/rTm2CaNj/f1wRokiojggvCplMDibM7ROojAdqrLw=
x-served-by
cache-lcy-eglc8600030-LCY
last-modified
Fri, 15 Sep 2023 14:08:31 GMT
server
AmazonS3
x-timer
S1704892774.055258,VS0,VE2
etag
"691c78dc10f929faebe0963fba8415eb"
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
collect
www.google-analytics.com/j/ 		3 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1234041965&t=pageview&_s=1&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ul=en-us&de=UTF-8&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAAI~&jid=2032023284&gjid=2094656391&cid=1809648490.1704892774&tid=UA-56540822-1&_gid=350675143.1704892774&_slc=1&cd1=News&cd2=Technology&cd3=Data%20breach&cd4=Pennsylvania&cd5=John%20Paul%20Titlow&cd6=article%20page&cd7=PhillyVoice%20Staff&cd8=12052023&z=1439367246
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:19:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.phillyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-56540822-1&cid=1809648490.1704892774&jid=2032023284&gjid=2094656391&_gid=350675143.1704892774&_u=YGBAgEABAAAAAGAAI~&z=1172203136
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 10 Jan 2024 13:19:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.phillyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
marmalade
ads.adthrive.com/api/v1/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=60d494780560fb0f830b8bdc&url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ads.min.js?referrer=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&cb=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-15.ams58.r.cloudfront.net
Software
/
Resource Hash
d740e3cb2916af5bba823ac87c43d222f577e91190f56105be7117bed560e0fc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
adthrive-is-ios
0
content-encoding
br
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
x-amzn-requestid
ac00140f-34fd-4108-8007-c0da15b9a57e
x-amzn-trace-id
Root=1-659e9966-1d8522e679c2b5f40622bca4;Sampled=0;lineage=e948d84a:0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
RUzoCHFqoAMEtew=
x-amz-cf-id
PINSfPXNPRPrK7muEtWlNSIjTGeE1vEtvZHlA37p7vDuwS9GTf_LUg==
adthrive-is-chrome
1
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ads.min.js?referrer=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&cb=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:34:25 GMT
content-encoding
gzip
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2710
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
G_Ui0LwjqYHxBawgXdAIKNfQ-6_JmP9cxCVG7MFoObMWVQL0wuMRWA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ads.min.js?referrer=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&cb=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
402507faac6e0dadc0a53148c65bf03b89cb36393d668083a127a40505d35ee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29408
x-xss-protection
0
server
cafe
etag
971 / 19732 / m202401030101 / config-hash: 4331443069357465881
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 13:19:34 GMT
prebid.min.js
ads.adthrive.com/builds/core/8a23b6a/gdpr/vendor/prebid/es2018/ 		597 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/8a23b6a/gdpr/vendor/prebid/es2018/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ads.min.js?referrer=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&cb=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-15.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0228dce45d7d5ea9e48b802fd400ec73c1c34f3656ab0760e2951819ce21aaea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
0p6OfrZ5c5OcwRm0qzfJtXeCzG4oFmu1
content-encoding
gzip
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 13:00:31 GMT
last-modified
Tue, 09 Jan 2024 16:26:58 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
1145
x-amz-server-side-encryption
AES256
etag
W/"0d8c361d33c88a6b1455eb62b6b747c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
VDj5vlqL478obN1urK8o19ZyyYb7zi9g83pxWzlqQNXScGZnrMXVCA==
60d494780560fb0f830b8bdc
ads.adthrive.com/api/v2/raptiveFloors/ 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v2/raptiveFloors/60d494780560fb0f830b8bdc
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ads.min.js?referrer=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&cb=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-15.ams58.r.cloudfront.net
Software
/
Resource Hash
8c2226a0954a75f20b36a46ad98f37b4346d7a57167dab2dbab6941f6b50ef74

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:43:00 GMT
content-encoding
br
via
1.1 2be97027a80b483d863e32bd7fe334e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
5794
x-amzn-trace-id
Root=1-659e82c4-28d1fb7b69feeb2e56241921;Sampled=0;lineage=e7e36c41:0
x-amzn-requestid
bbe4a8ab-324f-4bfc-961b-e91ffadc5c20
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RUlevEqcIAMEBiw=
x-amz-cf-id
gLKR8JMQs1R82_IdjiLy3aIwvCRYO3jduo7QRmqmAha8qSyVn1Zktg==
adthrive.min.js
ads.adthrive.com/builds/core/8a23b6a/es2018/js/ 		736 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/8a23b6a/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad&siteid=60d494780560fb0f830b8bdc
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ads.min.js?referrer=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&cb=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-15.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
5ca745b90b5f16618ab4c24e4c6f7e7f488bdc6ba9951eb8dbc72c287cf16a3a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 01:00:26 GMT
content-encoding
gzip
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P2
age
44348
etag
"02ba045957dc7e726b74a8529b7d387c"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
content-length
194097
x-amz-cf-id
iqiAGBoB-Pvdm0TyAkzNwUQvsSHCFL9kN1egP4Ou7zLM-D_KqN0iFw==
60d494780560fb0f830b8bdc.js
ads.adthrive.com/builds/customizations/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/customizations/60d494780560fb0f830b8bdc.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ads.min.js?referrer=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&cb=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-15.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3ec1262654e922fcbfb60747723aa75757f197742549960b894f434740ea408

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
F3jOQbP0u2WkojXc8TdvYeNZYNFy1ePB
content-encoding
br
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 13:11:39 GMT
last-modified
Wed, 13 Dec 2023 18:59:47 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
476
x-amz-server-side-encryption
AES256
etag
W/"ebbd4da1378fb5e2179f7326f22b9a37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
y5EKNBrLFYkbXuiiNeG_YjEHnl97tkkhMk1wukpD4sYGnWqCYms1_Q==
js
www.googletagmanager.com/gtag/ 		250 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PREQSLLLMX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMX5L69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
feda7c1421861cbb76bd4200c1b6627109a92e665c8ef039adf000ffed701096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87896
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 13:19:34 GMT
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?o=5698917485248512&upapi=true&domain=phillyvoice.com
  • https://btloader.com/tag?o=5698917485248512&domain=phillyvoice.com&upapi=true
52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5698917485248512&domain=phillyvoice.com&upapi=true
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f630012a56a92b6f745c6992bb2b672381cdb89311d37c05bd5c6e5cc4c44507

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 12:41:10 GMT
server
cloudflare
age
2147
etag
"b2cd857930a1400a5b30526b22775a43"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
84353660bfe160ee-LHR
content-length
17984

Redirect headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2000
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5698917485248512&domain=phillyvoice.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
8435365fcecd60ee-LHR
conf.js
config.anyclip.com/anyclip-widget/config/phillyvoicecom/0011r00001qbFvJ_372/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.anyclip.com/anyclip-widget/config/phillyvoicecom/0011r00001qbFvJ_372/conf.js?cb=62623
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
40ed512e335292a9ee27d0c24fc509fea366d1f88e99c923f43ad7387c826f14

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
scMvxXDVCdcaYo6i7vb5_3XZ8WEHc9Uy
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:34 GMT
x-amz-request-id
ST1661KDGDREAP6P
age
478
x-amz-server-side-encryption
AES256
x-amz-meta-updatedby
ravid+ops@anyclip.com
content-length
2964
x-amz-id-2
BFVoIy/evd9lsGCsLoYefpponBJXOs7oM4yh2zu+eC/bg5s8hh6lvc8r2gh6M/5SneuWsw0fQrHUz6Pq1vgQqTPtoIweQ2XH
last-modified
Mon, 11 Dec 2023 14:34:00 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=1800
accept-ranges
bytes
x-llid
73dd4d159c834fa81e40ff40d52a74cd
vmp.gif
pixel.anyclip.com/ 		35 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=53&val=vjs&wnx=0&abc=&ty=wlo&v=0&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?dom=www.phillyvoice.com&cke=true&lan=en-US&plat=Win32&net=-&ver=js4.1.20.1.1515&dev=desktop&os=Windows&bw=Chrome%2C120&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.216+Safari%2F537.36&url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ty=data&rt=98&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
e99cd1cb-ce48-47b9-b15d-e2198c36dbb2
https://www.phillyvoice.com/ 		417 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.phillyvoice.com/e99cd1cb-ce48-47b9-b15d-e2198c36dbb2
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aadceda6ac29f88fdd80f43e6630da80c6f863be565d2205f0c45b1a3066ee2b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
417
Content-Type
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56540822-1&cid=1809648490.1704892774&jid=2032023284&_u=YGBAgEABAAAAAGAAI~&z=14388852
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:19:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56540822-1&cid=1809648490.1704892774&jid=2032023284&_u=YGBAgEABAAAAAGAAI~&z=14388852
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:19:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
phillyvoice.disqus.com/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://phillyvoice.disqus.com/embed.js
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
c3d10a5b3b0ade7d9df4f6464c007c96067dde1376fa4a6b11eeeaffb4d36cdd
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
server
openresty
Age
0
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
x-service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
26122
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1234041965&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ul=en-us&de=UTF-8&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sponsor%20Imps&ea=Impression&el=IBEW-Native-010424-AllStarClassicCharity&_u=aGBAgEABAAAAAGAAI~&jid=&gjid=&cid=1809648490.1704892774&tid=UA-56540822-1&_gid=350675143.1704892774&cd1=News&cd2=Technology&cd3=Data%20breach&cd4=Pennsylvania&cd5=John%20Paul%20Titlow&cd6=article%20page&cd7=PhillyVoice%20Staff&cd8=12052023&z=851494451
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 19:17:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1234041965&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ul=en-us&de=UTF-8&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sponsor%20Imps&ea=Impression&el=IBC-Health-040915&_u=aGBAgEABAAAAAGAAI~&jid=&gjid=&cid=1809648490.1704892774&tid=UA-56540822-1&_gid=350675143.1704892774&cd1=News&cd2=Technology&cd3=Data%20breach&cd4=Pennsylvania&cd5=John%20Paul%20Titlow&cd6=article%20page&cd7=PhillyVoice%20Staff&cd8=12052023&z=979771722
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 19:17:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1234041965&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ul=en-us&de=UTF-8&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sponsor%20Imps&ea=Impression&el=WSFSBank-Native-010824-BankingOffice&_u=aGBAgEABAAAAAGAAI~&jid=&gjid=&cid=1809648490.1704892774&tid=UA-56540822-1&_gid=350675143.1704892774&cd1=News&cd2=Technology&cd3=Data%20breach&cd4=Pennsylvania&cd5=John%20Paul%20Titlow&cd6=article%20page&cd7=PhillyVoice%20Staff&cd8=12052023&z=147474268
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 19:17:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1234041965&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ul=en-us&de=UTF-8&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sponsor%20Imps&ea=Impression&el=CorollaOuterBanks-Native-110123-November&_u=aGBAgEABAAAAAGAAI~&jid=&gjid=&cid=1809648490.1704892774&tid=UA-56540822-1&_gid=350675143.1704892774&cd1=News&cd2=Technology&cd3=Data%20breach&cd4=Pennsylvania&cd5=John%20Paul%20Titlow&cd6=article%20page&cd7=PhillyVoice%20Staff&cd8=12052023&z=1202977763
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 19:17:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1234041965&t=event&ni=1&_s=6&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ul=en-us&de=UTF-8&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sponsor%20Imps&ea=Impression&el=MidLanticUrology-Native-010324-MensHealth&_u=aGBAgEABAAAAAGAAI~&jid=&gjid=&cid=1809648490.1704892774&tid=UA-56540822-1&_gid=350675143.1704892774&cd1=News&cd2=Technology&cd3=Data%20breach&cd4=Pennsylvania&cd5=John%20Paul%20Titlow&cd6=article%20page&cd7=PhillyVoice%20Staff&cd8=12052023&z=767779560
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 19:17:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1234041965&t=event&ni=1&_s=7&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ul=en-us&de=UTF-8&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sponsor%20Imps&ea=Impression&el=IBEW-Native-010424-AllStarClassicCharity&_u=aGBAgEABAAAAAGAAI~&jid=&gjid=&cid=1809648490.1704892774&tid=UA-56540822-1&_gid=350675143.1704892774&cd1=News&cd2=Technology&cd3=Data%20breach&cd4=Pennsylvania&cd5=John%20Paul%20Titlow&cd6=article%20page&cd7=PhillyVoice%20Staff&cd8=12052023&z=459064725
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 19:17:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1234041965&t=event&ni=1&_s=8&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ul=en-us&de=UTF-8&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sponsor%20Imps&ea=Impression&el=AKoons-Native-031423-MoveSouthJersey&_u=aGBAgEABAAAAAGAAI~&jid=&gjid=&cid=1809648490.1704892774&tid=UA-56540822-1&_gid=350675143.1704892774&cd1=News&cd2=Technology&cd3=Data%20breach&cd4=Pennsylvania&cd5=John%20Paul%20Titlow&cd6=article%20page&cd7=PhillyVoice%20Staff&cd8=12052023&z=1757766845
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 19:17:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1234041965&t=event&ni=1&_s=9&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ul=en-us&de=UTF-8&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sponsor%20Imps&ea=Impression&el=IBC-Native-122623-FirePrevent&_u=aGBAgEABAAAAAGAAI~&jid=&gjid=&cid=1809648490.1704892774&tid=UA-56540822-1&_gid=350675143.1704892774&cd1=News&cd2=Technology&cd3=Data%20breach&cd4=Pennsylvania&cd5=John%20Paul%20Titlow&cd6=article%20page&cd7=PhillyVoice%20Staff&cd8=12052023&z=1277768562
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 19:17:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1234041965&t=event&ni=1&_s=10&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&ul=en-us&de=UTF-8&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sponsor%20Imps&ea=Impression&el=NJDOT-Native-122123-NJStatePolice&_u=aGBAgEABAAAAAGAAI~&jid=&gjid=&cid=1809648490.1704892774&tid=UA-56540822-1&_gid=350675143.1704892774&cd1=News&cd2=Technology&cd3=Data%20breach&cd4=Pennsylvania&cd5=John%20Paul%20Titlow&cd6=article%20page&cd7=PhillyVoice%20Staff&cd8=12052023&z=2033657749
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 19:17:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
api.min.css
a.omappapi.com/app/js/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
428f350bd53281aeb92b949ccc048356f66823858401537ef57c712bf179fe3e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1082
perma-cache
HIT
cdn-storageserver
DE-599
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Tue, 12 Dec 2023 20:02:02 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
383
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6578bc3a-2644"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
09d25c5c32f281db2740ccc99c135923
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
51791
api.omappapi.com/v2/embed/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/51791?d=phillyvoice.com
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
897796055abfcbbd536d68951dfef923918e0e799d3776459994f9efe4cda833

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-cache-config
0 0
x-amz-cf-pop
FRA56-P5
x-cache-status
HIT
x-cache
Miss from cloudfront
x-optinmonster-account
58293
x-user-agent
standard--
last-modified
Fri, 25 Aug 2023 16:58:54 GMT
server
Pagely Gateway/1.5.1
etag
W/"41c815fa4c7f973eb0fe62b7659581d9"
vary
Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
x-amz-cf-id
-0lldHWvDijMZ4DrlBhrphO5aPkqRYfsXT-FJpQWYT3JNov9wa0biw==
expires
Wed, 10 Jan 2024 13:13:39 GMT
/
api.bibblio.org/v1/content-item-url-ingestions/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.bibblio.org/v1/content-item-url-ingestions/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.phillyvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 10 Jan 2024 13:19:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-apigw-id
RUzoFFJkjoEEjUA=
x-amz-cf-id
cGK4oxThh8SYzb60unKT7INnAL6gITVSHW-_QsAXHAU3fqNatwSlNg==
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
5eb94de3-1bdb-4ff7-9e7a-2cfd95a46fdb
x-cache
Miss from cloudfront
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=74139
accept-ranges
bytes
content-length
68444
expires
Thu, 11 Jan 2024 09:55:13 GMT
cs.js
p.acquireinsight.net/1/e/ 		0
0
AHealthierPhillyWht.png
media.phillyvoice.com/static/global/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.phillyvoice.com/static/global/images/AHealthierPhillyWht.png
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e64ff225b59b316556e3f729bc753783f2e47676581027adada9d989d9685bde

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 varnish
x-amz-request-id
JNX3P9TJKAH4Z3WF
age
558038
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
8115
x-amz-id-2
+o0c/T7haG4zQf5qjvNaY/44iBk1yf94pacj4iH9MFhjSZuxWmK6od/P+l1knI+47eLMlMLjuvQ=
x-served-by
cache-lcy-eglc8600026-LCY
last-modified
Fri, 15 Sep 2023 14:08:21 GMT
server
AmazonS3
x-timer
S1704892775.539612,VS0,VE4
etag
"27a4f4f16bc90f6c3a2de37bb31c08e9"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
/
api.bibblio.org/v1/content-item-url-ingestions/ 		175 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bibblio.org/v1/content-item-url-ingestions/
Requested by
Host: cdn.bibblio.org
URL: https://cdn.bibblio.org/rcm/4.22/bib-related-content.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
/
Resource Hash
6daa62ec3812d8c4cc65448351cefcbe9a190ecec9c63cc261d28a851632d5fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
Authorization
Bearer 73233a89-346b-42a3-bda1-5e44337b96b8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amzn-trace-id
Root=1-659e9966-3e86079468b94ff15b3ac751;Sampled=0;lineage=dde96590:0
x-amzn-requestid
01c86839-348e-43dd-994a-1be1ac0d3412
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
RUzoGFDGDoEEieg=
content-length
175
x-amz-cf-id
_d13B3Tc_QPvDMpynk8jlm4fNL8gtjqDJHd53r6ZtVXB-qyI9Ie1gg==
collect
region1.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PREQSLLLMX&gtm=45je4180v870819655z877920174&_p=1704892773979&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10004&cid=1809648490.1704892774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704892774&sct=1&seg=0&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&en=page_view&_fv=1&_ss=1&ep.Section=News&ep.Topic_Tag=Technology&ep.Arbitrary_Tag=Data%20breach&ep.Geographic_Tag=Pennsylvania&ep.Author=John%20Paul%20Titlow&ep.Page_Type=article%20page&ep.Source=PhillyVoice%20Staff&ep.Pub_Date=12052023&ep.Wordcount=327&ep.path_clean=%2Fhershey-company-phishing-data-breach%2F&tfd=1563
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PREQSLLLMX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:19:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.phillyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.html
ads.adthrive.com/builds/core/8a23b6a/html/ Frame C3EC 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/8a23b6a/html/i.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8a23b6a/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad&siteid=60d494780560fb0f830b8bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-15.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50279807da7663e6143156926fd8ca89d7e6dfdc98320ae5a2751dcdb910e7dc

Request headers

Referer
https://www.phillyvoice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1146
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 10 Jan 2024 13:00:29 GMT
etag
W/"63c161ccf2bd2f7a6682bae21c10e5be"
last-modified
Tue, 09 Jan 2024 16:26:48 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
x-amz-cf-id
zmgQBjb3jRMX34KlFMaJUynVabgyzIZ88Kq1wO79AuCcYXh5UifePQ==
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
UB09eToJHClPyVwwKe4uTp11.qRE0oEM
x-cache
Hit from cloudfront
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ 		478 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8a23b6a/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad&siteid=60d494780560fb0f830b8bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3800:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27b416e3854827dc41c027f11d19fb046f72b2caf8fb46c15c4005bd4bdf213a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
aLYWHy7w69LTQKar5xDvzp3ry99AnD3k
content-encoding
gzip
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 08:23:25 GMT
x-amz-cf-pop
FRA56-P7
age
17770
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Wed, 22 Nov 2023 06:39:48 GMT
server
AmazonS3
etag
W/"818a3976677fcc127191fd0973b83d44"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
kDPwFm1R9hle4BvcUI-tYxMZ3su8rt6TOc_nne3DL3Jo2jFHLNdvXA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 06:48:44 GMT
x-amz-cf-pop
FRA56-P6
age
23451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
diW3g4r2bIfVvXMV7TIPtoqblQmzq95uZCZoJTHXwjhxe2rGGu9lXg==
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PREQSLLLMX&gtm=45je4180v870819655z877920174&_p=1704892773979&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10004&cid=1809648490.1704892774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1704892774&sct=1&seg=0&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&_s=2&tfd=1616
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PREQSLLLMX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:19:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.phillyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PREQSLLLMX&gtm=45je4180v870819655&_p=1704892773979&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10004&cid=1809648490.1704892774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=gA&sid=1704892774&sct=1&seg=0&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&_s=3&tfd=1629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PREQSLLLMX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:19:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.phillyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:02:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
4653
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140053
x-xss-protection
0
server
cafe
etag
1469350900164882112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 09 Jan 2025 12:02:01 GMT
popular
api.bibblio.org/v1/recommendations/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bibblio.org/v1/recommendations/popular?limit=6&page=1&fields=name,url,moduleImage,datePublished,author,description&customCatalogueIds=Health&moduleSettings=eyJzdHlsZVByZXNldCI6ImRlZmF1bHQiLCJzdHlsZUNsYXNzZXMiOiJiaWItLXR4dC02IGJpYi0tc2l6ZS0xNCIsInN1YnRpdGxlRmllbGQiOiJkZXNjcmlwdGlvbiIsImRhdGVGb3JtYXQiOiJETVkiLCJ0cnVuY2F0ZVRpdGxlIjpudWxsLCJoaWRkZW4iOmZhbHNlfQ==&moduleVersion=4.22.3&moduleId=bibblio-healthierphilly-textonly
Requested by
Host: cdn.bibblio.org
URL: https://cdn.bibblio.org/rcm/4.22/bib-related-content.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
/
Resource Hash
5ae4e90beeb33af56f277f28e39f933b6fb564e009e3eb815ba9b265673ec32b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
Authorization
Bearer 73233a89-346b-42a3-bda1-5e44337b96b8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amzn-trace-id
Root=1-659e9966-7d5939a77283ad910e7779e8;Sampled=0;lineage=d19bbca3:0
x-amzn-requestid
82254c20-f7bf-4f6d-be69-1145876bfdf4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
RUzoGGysDoEEKTQ=
content-length
4565
x-amz-cf-id
32Q7kAtembQDgRRFdAvtA2xe8-PVEWNUa5I9cJYpbQk2lrIZB7mXvw==
popular
api.bibblio.org/v1/recommendations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.bibblio.org/v1/recommendations/popular?limit=6&page=1&fields=name,url,moduleImage,datePublished,author,description&customCatalogueIds=Health&moduleSettings=eyJzdHlsZVByZXNldCI6ImRlZmF1bHQiLCJzdHlsZUNsYXNzZXMiOiJiaWItLXR4dC02IGJpYi0tc2l6ZS0xNCIsInN1YnRpdGxlRmllbGQiOiJkZXNjcmlwdGlvbiIsImRhdGVGb3JtYXQiOiJETVkiLCJ0cnVuY2F0ZVRpdGxlIjpudWxsLCJoaWRkZW4iOmZhbHNlfQ==&moduleVersion=4.22.3&moduleId=bibblio-healthierphilly-textonly
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://www.phillyvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 10 Jan 2024 13:19:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-apigw-id
RUzoGGM_DoEEURQ=
x-amz-cf-id
LP75GQI80kcqS7HXF82TXUnOlGjjaB9R_nmcrsWIOayWLY9_mpsNWg==
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
6a7722c6-da0c-4850-be29-381ac14e43fc
x-cache
Miss from cloudfront
authorize
trafficmanager.anyclip.com/trafficmanager/api/authorization/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.189.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-189-247.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.phillyvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.phillyvoice.com
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Wed, 10 Jan 2024 13:19:34 GMT
authorize
trafficmanager.anyclip.com/trafficmanager/api/authorization/ 		428 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.189.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-189-247.compute-1.amazonaws.com
Software
/
Resource Hash
ddf8afb33438f2b873d9978b6258610284b72c3755cb4202a0bdd0865f3649bb

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.phillyvoice.com
date
Wed, 10 Jan 2024 13:19:35 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
428
access-control-allow-methods
GET,POST
content-type
text/plain
/
ipv4.icanhazip.com/ 		16 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.115.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac522ed09f4eeb1c9791eb93555e09de9fd8d131bf11afc25ba13fb2bd028ca5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
8435366228f04149-LHR
alt-svc
h3=":443"; ma=86400
content-length
16
adlib.min.js
assets.anyclip.com/anyclip-widget/lre-widget/assets/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/js/adlib.min.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 15:18:48 GMT
x-amz-version-id
AK5RR4lgfZKexTiN0kaDvZ8qULWIxAax
date
Wed, 10 Jan 2024 13:19:34 GMT
x-amz-request-id
04C9S82ETP7VYRK0
age
7246
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
86c1382cc74663a9c05ce4172d438f252b16f01b82a20cfa0edb2da2778db462
content-length
32
x-amz-id-2
uZXPE522pddSHzfeNFj4YuateJzswJBqbia9shwp5IgK+durhzvBYHnlTrEOkDL1wRko15y2/IX2hhuxuVACbEf4SsftiCa8
last-modified
Mon, 18 Dec 2023 12:51:04 GMT
server
AmazonS3
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
caaaf58f82891a7ced925e77997edbbf
x-amz-meta-s3b-last-modified
20181210T110233Z
362290
vid.springserve.com/vast/ 		22 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/362290
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.91.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-91-46.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 13:19:34 GMT
access-control-allow-credentials
true
server
nginx
content-length
22
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=333&val=0&wnx=0&abc=&ty=blo&v=0&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5698917485248512&upapi=true&domain=phillyvoice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19033
x-guploader-uploadid
ABPtcPre1u088olDEqisL4vqj4Y9CrIIxG4mj-xpWTpshSDFW8uWUxQz-ZFVXiQ1eyo1nTm4_Ps
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EY1hIVgY%2F7u4EOnn%2BDKrchPxEr%2FajvdOtcKgTsEZndwP%2BqofArBLoYj4AQBsEDjmy%2FmulPTKYy68O5SPvaIvljumYPu9dgmKR5Ww4tqLl%2FCQw6TeH2Bx3ybRbHiuQFApnT912dgP5gnZ06l9zw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
843536624e62653f-LHR
expires
Thu, 11 Jan 2024 13:19:34 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 04:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 04:01:09 GMT
px.gif
ad-delivery.net/ 		43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.903592593391626
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19033
x-guploader-uploadid
ABPtcPre1u088olDEqisL4vqj4Y9CrIIxG4mj-xpWTpshSDFW8uWUxQz-ZFVXiQ1eyo1nTm4_Ps
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2J%2BgAvZKAgCGbCydAZ0HH78GuUk0ou8ztKJ47O2orvdjCU6ozO2FqO64%2B6KTtHSJyVtj4dNU55I6LowiF857gsfoLruzXtexjKY4au4NsIHMX1AzWpeHCdT2J0BSq09kdL7ETRyeV3eo09vbjw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
843536624e64653f-LHR
expires
Thu, 11 Jan 2024 13:19:34 GMT
recommendations.js
phillyvoice.disqus.com/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://phillyvoice.disqus.com/recommendations.js
Requested by
Host: phillyvoice.disqus.com
URL: https://phillyvoice.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
ea0144946d00f7d987e58235e741544f457b957ea4bedd4c801ca162f84c649f
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
content-type
application/javascript; charset=utf-8
cache-control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
x-service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21371
5.c3191d3c.min.js
a.optmnstr.com/app/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/5.c3191d3c.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-679
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Wed, 25 Oct 2023 17:45:58 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
709
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65395456-4146"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
811f604f18b51984bff47058cc75d89c
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
4.1dae6b4d.min.js
a.optmnstr.com/app/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/4.1dae6b4d.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-663
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Wed, 01 Nov 2023 17:12:10 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"654286ea-c029"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
3eb73bc87f6dfacbedc53018c5dfa738
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
disqus.com/embed/comments/ Frame 32CF 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
Requested by
Host: phillyvoice.disqus.com
URL: https://phillyvoice.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e415a16918e8bad5a8bb03706de04a415a792315166eee7e1f7c62e337e8fddb
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.phillyvoice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
4048
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 10 Jan 2024 13:19:35 GMT
ETag
W/"lounge:view:9965131995.1e135f8ec3b3d8f7cf31882b8efca204.2"
Last-Modified
Wed, 13 Dec 2023 20:03:46 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=480&val=ac&wnx=0&abc=&ty=ami&v=0&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
play-big.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 		650 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/play-big.svg?hash=2f7343dd79
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 14:21:27 GMT
x-amz-version-id
P54LBC7dA7.CKZKZL0usNEXn5r08cUmk
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:34 GMT
x-amz-request-id
MS1B7TDJN3WXSCGC
age
10687
content-length
405
x-amz-id-2
PLn3CaO0hkVwO+LL1stE+j46mI/k8wV0mWabqXb2AUFxOB182ll3pNBI1qQqtr18TY3jYqoZEYU=
last-modified
Tue, 06 Aug 2019 13:18:15 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
63887e36b6ed3baec77118986e7809ce
x-amz-meta-s3b-last-modified
20190806T131201Z
X%20Button.svg
anyclip-player.s3.amazonaws.com/pub-assets/phillyvoicecom/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anyclip-player.s3.amazonaws.com/pub-assets/phillyvoicecom/X%20Button.svg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.93.187 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
55dd5a36f8c9a1cc81b3b861508e41797c7e65abcd7ddb2f4e3967ee6d57b474

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:36 GMT
x-amz-version-id
agk7jSd82Nc3w8JO7ksvU1Vz2qOsAFOP
Last-Modified
Mon, 05 Oct 2020 16:23:51 GMT
Server
AmazonS3
x-amz-request-id
T85PBDBS27T9MPE2
ETag
"029dcc931307c4c152aa7cdb8b931464"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
39845
x-amz-id-2
OobcsnOtvy6Xgz1vNE4b6EmyhLA6v+G6X0Jm3SAVscm4xviE4KGSLdY/re4s2q4gcnTCoLAa8bE=
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=500&val=0&wnx=0&abc=&ty=wre&v=0&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
anyclip-logo-rb.png
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/anyclip-logo-rb.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
dd06d3cec78769e6dd11ac47b02d3cc2bdc0b8540d47ca3ba3749f2d28b32e58

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 14:23:01 GMT
x-amz-version-id
6Mm86axJOVH4iqwqUr4fPD3X.sYDjZjH
date
Wed, 10 Jan 2024 13:19:34 GMT
x-amz-request-id
NH9PRDB47VWJZEEJ
age
10593
x-amz-meta-sha256
dd06d3cec78769e6dd11ac47b02d3cc2bdc0b8540d47ca3ba3749f2d28b32e58
content-length
2051
x-amz-id-2
pyD9SpK/BNqTVxRR23bAqMzdSgw8Sfhx+3VduuIi5k/Y1ditfUiSrfyfMGcr1WbbPf7LTzWpJFqmqMo5KJCoPt+WfmOafcsC
last-modified
Mon, 03 May 2021 12:15:28 GMT
server
AmazonS3
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
5b097c44e6af252417b22ed1b4a0d302
x-amz-meta-s3b-last-modified
20210503T121448Z
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=507&val=400&wnx=0&abc=&ty=psw&v=0&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=507&val=225&wnx=0&abc=&ty=psh&v=0&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
gdpr.bundle.js
gdpr.privacymanager.io/latest/ 		136 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a000:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27f62274d9858073e8f3e5643a6bf652b6a1576e00dae337f8c7e12f6b91b97c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
Y_FI2tHwceecL4aCNm0w90ZTQwQBXlnf
content-encoding
gzip
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 12:53:37 GMT
last-modified
Wed, 03 Jan 2024 12:37:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1557
x-amz-server-side-encryption
AES256
etag
W/"97a8e6b3690e415e6982e057a4ec3a39"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
CBo9f9sUelOg7NA5DCiA3X_ZICfMdsxqeym0zGlDErQn8lqFjYWZlg==
config.js
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/ 		302 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8a23b6a/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad&siteid=60d494780560fb0f830b8bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157639db9c57d5b2b885a5195e24dcea2ef46c41c07e1b23fc73b80545d69251

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 10:55:06 GMT
server
cloudflare
x-amz-request-id
YFQQQW14A23N8Y6E
age
570
etag
W/"c7fbc21dabdb785c8b6adc1e07d915f6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
843536637da053a0-LHR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Nyo0FFgu0Ensduod/RksUC5ZaPoeE3lY1StqVIeBjXaWCo3wjHGb1fasj72kzK1/cG4gpCp2xeZ8roQcusLMaA==
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/ 		273 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8a23b6a/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad&siteid=60d494780560fb0f830b8bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-94.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f13cdbf91c29d4b2370068222179233633d7922313fbe315ff2ed2b0c1fc1e0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
OqAxgyZ5SvrtTnWsEK5nr4rey5Kh.3hL
content-encoding
gzip
via
1.1 d419ac9a83ef724c262c5f07f9b5a8da.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 04:10:54 GMT
x-amz-cf-pop
AMS58-P4
age
32922
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Mon, 23 Oct 2023 20:37:41 GMT
server
AmazonS3
etag
W/"51e5766ceaa2422d0288fec39e4fde2a"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
YPRpoKgS7jmNLf8cidhBjT3M36PZMW5JZqkyga54R4YBUWOHF53tQA==
ads.min.css
ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ 		643 B
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/60d494780560fb0f830b8bdc/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/8a23b6a/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,prebidLoad,gptLoad,amazonLoad&siteid=60d494780560fb0f830b8bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-15.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
0edb65f55550751e82757d0251c36ae1f95aab6f4ee651ec16b2cb6f2951c2ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 17:07:32 GMT
content-encoding
gzip
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P2
age
72722
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
content-length
227
x-amz-cf-id
AWppoPn0G7Qcs9DtZiNzJikhkT5hTAY9Ni9Tfh_38gtxGIZujALzZg==
4fbba76f-7987-4fa2-9733-c27eb3a2170b
config.aps.amazon-adsystem.com/configs/ 		564 B
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
692d48fbaa185ced1c916c92d645d031595e90a5808d161c6191b00780c78406

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:35:55 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2619
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
BAAoIFKhpKss71tjV_XpeR2OYugLqjrsX52A1FnSVzuub-L6fzuN6g==
config
c.amazon-adsystem.com/cdn/prod/ 		762 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.phillyvoice.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
531197442133e35509840be3ccf5a772fcc0a2f974ab1b4fb9c6fcaf213196b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:18:59 GMT
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
3635
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
762
x-amz-cf-id
ybGJWl4fjPtRtNaAu9BUxloaB9FPzjcyrAnM3JiGLHW-DFfdteNZlA==
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=580&val=&wnx=0&abc=&ty=cuc&v=0&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5698917485248512&upapi=true&domain=phillyvoice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
4304ad9301017a03d77d588218c73d2b5fbc0a292138994c023a10aed3196740

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
17.24171f7e.min.js
a.optmnstr.com/app/js/ 		975 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/17.24171f7e.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
228739c5660b9818a95c3b2c13f6c65cf4364f871c0cde499446c985be07a682

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-164
cdn-cachedat
01/08/2024 14:07:47
cdn-pullzone
293267
last-modified
Tue, 12 Sep 2023 04:06:13 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64ffe3b5-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
4361877f020c9fedb8a175755cf09b0f
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
19.b93023b7.min.js
a.optmnstr.com/app/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/19.b93023b7.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-164
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:40 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f2c-10b0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
d5430b89d64e23e1d1155a959ffa17f8
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
27.78393e5b.min.js
a.optmnstr.com/app/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/27.78393e5b.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-599
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:43 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f2f-1973"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
e526a43b232cc215f3dc8ac6a7ac740c
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
32.b9065693.min.js
a.optmnstr.com/app/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/32.b9065693.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-662
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:33 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f25-2c41"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
84146758aee957e43ae88925c6e64137
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
10.acdc9ced.min.js
a.optmnstr.com/app/js/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/10.acdc9ced.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
21111013521ce045115ade20ed1b0ac09b102688f010ecf84bb7f3f53574456c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1082
perma-cache
HIT
cdn-storageserver
DE-679
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Tue, 12 Dec 2023 19:57:31 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
383
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6578bb2b-8515"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
559ec74155e5bd6461944e327282a74b
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
0.514c5def.min.js
a.optmnstr.com/app/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/0.514c5def.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-679
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:37 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
383
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f29-1d49"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
5f1339adf7a01ae57e6ba06d9fde7cf8
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
9.c66ab701.min.js
a.optmnstr.com/app/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/9.c66ab701.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-662
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 18:28:00 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"650896b0-879"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
eda934452c559ca72a0514c977d89c75
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
11.38e902ad.min.js
a.optmnstr.com/app/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/11.38e902ad.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-599
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:37 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
383
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f29-a40"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
bdddad9547b13b634a1a2bb59082b5ab
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
28.377be946.min.js
a.optmnstr.com/app/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/28.377be946.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1082
perma-cache
HIT
cdn-storageserver
DE-164
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:51 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
383
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f37-d7b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
b692288ee5ba768ac45208c23ee78033
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
26.1898e425.min.js
a.optmnstr.com/app/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/26.1898e425.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:34 GMT
content-encoding
br
cdn-edgestorageid
1081
perma-cache
HIT
cdn-storageserver
DE-587
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:40 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
588
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f2c-6b6"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
d5fabcb2f27895558aab2a82327b8cbb
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
16.0e435a6f.min.js
a.optmnstr.com/app/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/16.0e435a6f.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-677
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:35 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
383
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f27-51f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
fcad3942dcf0f7c96ca7346c800f6b97
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
1.ea963399.min.js
a.optmnstr.com/app/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/1.ea963399.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-661
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:50 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f36-2abc"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
ba6d707f9aae8566d233edc6df9ee384
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
21.5aa698b1.min.js
a.optmnstr.com/app/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.optmnstr.com/app/js/21.5aa698b1.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
content-encoding
br
cdn-edgestorageid
1082
perma-cache
HIT
cdn-storageserver
DE-167
cdn-cachedat
01/08/2024 14:07:46
cdn-pullzone
293267
last-modified
Mon, 18 Sep 2023 16:47:35 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65087f27-81f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
e2254d2868fe0d6a869ee308445ebe31
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=aoEtgxyWml&w=5750537461956608&o=5698917485248512&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&sid=pB0Z9UYyJa&pm=false&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5698917485248512&upapi=true&domain=phillyvoice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Jan 2024 13:19:35 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
DVTCX8J5ZFZXV02K
age
918
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84353663fc1a60ee-LHR
x-amz-id-2
EJrX/VPqTPUb4t70lUT6V22pbqTyovPsfCC7Xjkxxbamnzht3uE1/GqjCL1Ob+spTjfbzFiXTGY=
scroll-left.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 		678 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/scroll-left.svg?hash=2f7343dd79
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
f6a567afe8646e0c672c414fa0b77557725ca3b8c80b79c6d64e48a2d2a10343

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 13:47:45 GMT
x-amz-version-id
al4bnK8lz1wgwYhXBBgJuR7nRyJuY5po
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:34 GMT
x-amz-request-id
FE863XR8MQE68DRY
age
12709
content-length
472
x-amz-id-2
G2/JL3SP1bMoVulLzMjt2VY3muLEbP5GSJqnEIfRPVApKJ2R2eVcfs9nH+QytFrkjPN7ARCgX1w=
last-modified
Thu, 09 Aug 2018 13:37:36 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
b8cde2b424b3578e916498009735f77e
x-amz-meta-s3b-last-modified
20180710T081757Z
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&pid=zwdmsWgfDzrEY&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F60d494780560fb0f830b8bdc%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A71%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C60d494780560fb0f830b8bdc%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
BAQGGEP5K0Z5TCVX28KY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
AxqCtdTfAE5ikuJX6qR3oWKkk-5VrLfnFhxQVsnzUHRegkcxBw72OQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&pid=zwdmsWgfDzrEY&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Header_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Header_1%2F60d494780560fb0f830b8bdc%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A54%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C60d494780560fb0f830b8bdc%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
GMAADKQKWCCDSE0VPGFZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
frLzW_u8Nm1naMCVe_86tM1gwWqx6x9-mFZw0XcEb2HIADZvhPfxiQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&pid=zwdmsWgfDzrEY&cb=2&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_1_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%22120x240%22%2C%221x1%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_1%2F60d494780560fb0f830b8bdc%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A52%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C60d494780560fb0f830b8bdc%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
NXJ2T4VRRQFMNE6J1856
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
q1AzCtTOzgYwekZo_vCzkWmuc9HAY_QJlGZ4GjxO-7_JcesMaGsDqA==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&pid=zwdmsWgfDzrEY&cb=3&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_2_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%22120x240%22%2C%221x1%22%2C%22300x300%22%2C%22320x300%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F60d494780560fb0f830b8bdc%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A48%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C60d494780560fb0f830b8bdc%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
QPXER15BRKZBG5447617
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
2ZJGhCnDvDmFb3En5U55-AEzIW0G9JbIw35Dh37gwfP94OD80PEItQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&pid=zwdmsWgfDzrEY&cb=4&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_9_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22320x50%22%2C%22160x600%22%2C%22300x1050%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%22120x240%22%2C%221x1%22%2C%22300x300%22%2C%22300x420%22%2C%22320x300%22%2C%22300x390%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F60d494780560fb0f830b8bdc%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A59%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C60d494780560fb0f830b8bdc%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
PRVBKBFR52CC39VP32ET
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
YGcnSTlQ5RfJGIufP9OV05AI-K2aTU0D-9Pm7aDuBlPy1yztqIQUww==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&pid=zwdmsWgfDzrEY&cb=5&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_1_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%22120x240%22%2C%221x1%22%2C%22300x300%22%2C%22552x334%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_1%2F60d494780560fb0f830b8bdc%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A54%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C60d494780560fb0f830b8bdc%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
5AYAPBKY1PSY67RCV9HD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
orX0wgIMa6KJvEZsz4sCqTLEkmQtGJZyNOEHTnL-Nr1B1G502tZodA==
bid
aax.amazon-adsystem.com/e/dtb/ 		99 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&pid=zwdmsWgfDzrEY&cb=6&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Recipe_3_desktop%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Recipe_3%2F60d494780560fb0f830b8bdc%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A48%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C60d494780560fb0f830b8bdc%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
bf85618f26acc60418771e88b8b6700fd73f9069326b81f42a6310323a6afe46
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
W93B88X2HCP4MAZ8331Z
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
99
x-amz-cf-id
N0QBD6_lvDxTilG2V3_w9oIPcjeK_0k7O9ql3GTqZHNI8YL9F534Bg==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&pid=zwdmsWgfDzrEY&cb=7&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Below_Post_1_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Below_Post_1%2F60d494780560fb0f830b8bdc%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A48%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C60d494780560fb0f830b8bdc%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
6ad64bf64d7ef760e814445e08d04619c0bf54ea696a75bfdd9cccc619a7e070
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
8560STY7950QPC1NAV0H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
6k68L_4FLnOjB42a_jhGS3S3jVnWOxtFWPzvbId0927MEiwq-qg_WQ==
/
trends.revcontent.com/api/demand/ 		54 B
493 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=267623
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-113.ams54.r.cloudfront.net
Software
envoy /
Resource Hash
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-rc-region
eu-west-1c
date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400
content-length
54
x-amz-cf-id
OJvFH-uiPPwy-lZe_kvzq0RBcZwg3_IcAKD2KwBQ4kb1EN7v7IOImQ==
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-113.ams54.r.cloudfront.net
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-rc-region
eu-west-1c
date
Wed, 10 Jan 2024 13:19:35 GMT
via
1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
envoy
x-amz-cf-pop
AMS54-C1
vary
Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
GcUpWOnxbTOGgSPAoyC8Z1KEWPBTA1ENSag2DgYIYpELU7KWL8mS7A==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202307190925/ 		251 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jul 2023 13:26:13 GMT
server
cloudflare
x-amz-request-id
F6P4BPVYHJXAZJNY
age
5131121
etag
W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
843536640f1953a0-LHR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
+aoY2JnON5GwokQe6adQpSmSjB7c6ICCDB6w0l7F3kMfoK4i+4D3D/mqUDFql7BIKbKA2agl6Fo=
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
OYXhO0yAI32wYHLbaFkvb4YycLXHk8gH
content-encoding
gzip
via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 12:37:28 GMT
last-modified
Tue, 12 Dec 2023 13:01:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
2528
x-amz-server-side-encryption
AES256
etag
W/"6f5acc886b373331d622309f643f2f89"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
DlpDHcfTZeMpt-OSzEvkhmcG5vKxYrLB69S_btWH049n_RsHLGthdQ==
/
disqus.com/recommendations/ Frame 8DD0 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/recommendations/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice
Requested by
Host: phillyvoice.disqus.com
URL: https://phillyvoice.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9033c4bbc3fc3f3cad57600499e6ea61e8749be0ca7463b73acac2674ba89a4d
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.phillyvoice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Age
0
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2488
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 10 Jan 2024 13:19:35 GMT
Last-Modified
Wed, 13 Dec 2023 20:03:46 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3800:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.phillyvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
age
9820
content-length
0
date
Wed, 10 Jan 2024 10:35:56 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-id
o1K60AMoRspstDozwGjJijd5Jgz2Atrh3xqZzGCHcLue6SJ-8p374Q==
x-amz-cf-pop
FRA56-P7
x-cache
Hit from cloudfront
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.phillyvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 10 Jan 2024 13:19:35 GMT
via
1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront), 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-apigw-id
RUzoLFcPjoEEgoA=
x-amz-cf-id
QsfbcNOoi3ZA48OQ1BM1xslr2WvCtG04d_yjXeDG9kGS7E9kTiI8Tw==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
9db3aae4-b8c6-4361-89cd-04f228a75825
x-cache
Miss from cloudfront
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ 		110 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3800:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3315180967de43fa1600f1cc12f6de92a12458d2741ca654cbf2be5d4d0d37c3

Request headers

Accept
application/json
Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

x-amz-version-id
Hdl95q9xwMB.aFm.7GuxJNhGpcO65wRA
content-encoding
gzip
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 13:08:14 GMT
x-amz-cf-pop
FRA56-P7
age
682
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 09 Jan 2024 17:44:00 GMT
server
AmazonS3
etag
W/"2401af423c2a55a01cad896d205f804f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
c4xmtMJI3rLTNYADp2dKh8gG_9Sy2-0BZXnCiQ3Vc9y7__0hg7YR5A==
/
geo.privacymanager.io/ 		31 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
8a78cef0b7848d146a9983a7ec0e37c321eef8a01d5847caa7483e5ecb86be04

Request headers

Accept
application/json
Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Jan 2024 17:26:51 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront), 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
71564
x-amzn-requestid
6b65da4a-a559-4a8a-bfd2-f6238e446bf5
x-amzn-trace-id
Root=1-659d81db-57f8052108b14ca246e7af71;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RSE6SGHLDoEEh6g=
content-length
31
x-amz-cf-id
Bmf2D-lX6y4Bdl5UFs9TFOAx2TJcfs8i47__zbVSq1NMHXSvgji5pw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
playlist
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.189.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-189-247.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.phillyvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.phillyvoice.com
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Wed, 10 Jan 2024 13:19:35 GMT
playlist
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ 		14 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.189.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-189-247.compute-1.amazonaws.com
Software
/
Resource Hash
fa7e555cf23d09904af0c637b94fd7654edb0d6b8dcdc5aac5711043669e40a9

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
content-encoding
gzip
vary
accept-encoding
access-control-allow-methods
GET,POST
content-type
application/json
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=792&val=0&wnx=0&abc=&ty=prq&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
lounge.load.cb3f36bfade5c758ef967a494d077f95.js
c.disquscdn.com/next/embed/ Frame 32CF 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.cb3f36bfade5c758ef967a494d077f95.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
76e2eb5e5e17ae7c75ded230b7e5f8d0c7c0e1ae63e9014f7bb9e58617dc852f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 04 Jan 2024 17:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
501580
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
630
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 04 Jan 2024 17:51:50 GMT
server
nginx
etag
"6596f036-276"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
4KiBwpLiyNUIiEIlcQTLL2bWkRlfSaOcpHEMyEt9teRRrdscjeSY_Q==
expires
Fri, 03 Jan 2025 17:59:55 GMT
/
trends.revcontent.com/api/delivery/ 		23 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=267623&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&icr_url=&va=0&time=1704892775139&up=pc&bn=chrome&bv=120&widget_width=720&style_id=0&an=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-113.ams54.r.cloudfront.net
Software
envoy /
Resource Hash
d8d3f72313b51806778a5e898501341ce11130abe15866871caa71d1fdfcfacc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-rc-region
eu-west-1c
date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
via
1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
64
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
hxA3IiIp9h-lPe5_iXuGbXcvD9qPLIPBXDQ82EBVxYhcqPFMeNZi4g==
/
geo.privacymanager.io/ 		31 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
8a78cef0b7848d146a9983a7ec0e37c321eef8a01d5847caa7483e5ecb86be04

Request headers

Accept
application/json
Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Jan 2024 17:26:51 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront), 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
71564
x-amzn-requestid
6b65da4a-a559-4a8a-bfd2-f6238e446bf5
x-amzn-trace-id
Root=1-659d81db-57f8052108b14ca246e7af71;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RSE6SGHLDoEEh6g=
content-length
31
x-amz-cf-id
hIN-D_K20W5c2Tk8sotU0iCkoayy9pTkIECOfj6sndBC6L6SfEmp5w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.phillyvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 10 Jan 2024 13:19:35 GMT
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront), 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-apigw-id
RUzoLFNhDoEEmHQ=
x-amz-cf-id
lscP8tJK5i-sbGSjM3YQJ97pvVHYvpCsAY-36-sgfF0B7aHLgByIMw==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
48b82874-9856-47f8-9daf-36878a1c0455
x-cache
Miss from cloudfront
recommendations.load.951a38b2848de5e250e80346106bc490.js
c.disquscdn.com/next/recommendations/ Frame 8DD0 		923 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.951a38b2848de5e250e80346106bc490.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
59e3774d3b30422dd735c7dba618d86de1069cd77ebfc4a784548fdfbfcb226a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 18 Dec 2023 17:28:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
1972246
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
449
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 18 Dec 2023 16:49:31 GMT
server
nginx
etag
"6580781b-1c1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
Bf_l4gb9zIrTTtKIieP-nLfSC0c7QGpVDwTvFW0-DaLztDhG7V_rng==
expires
Tue, 17 Dec 2024 17:28:49 GMT
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.227.219.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-113.ams54.r.cloudfront.net
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
eu-west-1c
date
Wed, 10 Jan 2024 13:19:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
AMS54-C1
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.phillyvoice.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Ajn4fNfX9VnwbZhNdYBxIqP2rBkCaPAVYfhGMMMvJvDd0X-faZdJ-g==
brandWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-101.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fef9335830c820ead126343577fdb316736a825c5f5bf3e7b9217a5e42bdfe95

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 03:27:29 GMT
content-encoding
gzip
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:16 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
85111
x-amz-server-side-encryption
AES256
etag
W/"8fe8bc08493f26deff2debf8e8203363"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
mzBCtHEbe2McreTmaSssdCza55WV0XQvrciIVhiDG9hTA7nZoFWFBw==
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-101.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
703dd3e688e7899681a6392e30559611bc0bd9ed7d09e27208192b4806ba6d03

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:15:48 GMT
content-encoding
br
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
7428
x-amz-server-side-encryption
AES256
etag
W/"5e684ec32476aededa83d80069c00cef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
zAmPlH7ldnB3dQOZgXZNJ2C0fuJeqocF_rccC5LGjHH2t2gVA0cXEA==
feedWidget.delivery.js
assets.revcontent.com/master/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-101.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b3f6d5dea878b8cae8f540dba8085f4c078d32e6db5db1de2a3f50c39b9a70a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:46:40 GMT
content-encoding
br
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:16 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
9175
x-amz-server-side-encryption
AES256
etag
W/"00814c190d1bf503b29555a765f99820"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
kUTTzk1puaCcxGSk6QEH4eZO9okFbuWOzj_DWrFFm_JfKdA4u33F9g==
score.min.js
js.ad-score.com/ 		506 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:4600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0e370225abf600f988eb1a0a39e34fb1da8ccd839c9b771a70a815e0ab494181

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 19:39:02 GMT
Content-Encoding
br
Via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P5
Age
63633
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 09 Jan 2024 19:39:02 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
_vrTzfQ8MXXkm2-8ahGUpTMoYwv6Rn1DKhyo0Y2a9BIusfBQOl66Ug==
Expires
Wed, 10 Jan 2024 19:39:02 GMT
/
img.revcontent.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-11.ams58.r.cloudfront.net
Software
envoy /
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 04 Oct 2023 06:35:00 GMT
via
1.1 58b391c0bc32913049841b1b8cd9053a.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 15:43:57 GMT
server
envoy
x-amz-cf-pop
AMS58-P2
age
8491475
etag
"a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache
Hit from cloudfront
content-type
image/png
x-envoy-upstream-service-time
60
alt-svc
h3=":443"; ma=86400
content-length
1351
x-amz-cf-id
PqTZlHYKerJjpV_H_gQd_cWTNnKvAlTQtz23L8bY1NG_9_T0Grf7nA==
common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js
c.disquscdn.com/next/embed/ Frame 32CF 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.cb3f36bfade5c758ef967a494d077f95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a12ed1612f455158732f858b4cf1395777f2a53584d46bf9cd8530ed9f53e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 18 Dec 2023 17:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
1972251
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94199
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 18 Dec 2023 16:49:31 GMT
server
nginx
etag
"6580781b-16ff7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
OaEuZ0Ai9eyT2lFUZ_ZnQpDR8afvne3kzW1FU-99Xpfyt-6lU6E8gQ==
expires
Tue, 17 Dec 2024 17:28:44 GMT
common.bundle.946a10c95150e29f6221320c88b3a429.js
c.disquscdn.com/next/recommendations/ Frame 8DD0 		262 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.951a38b2848de5e250e80346106bc490.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4b45fc782ab0fa351474257093b4ae68442a4adfebc35b23aaa72f2c74d147a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 18 Dec 2023 17:28:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
1972246
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
88874
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 18 Dec 2023 16:49:31 GMT
server
nginx
etag
"6580781b-15b2a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
KO9DnsrBjHcjOKrVKw1hy__6Dsqit_hp7R_mjkrs5AqHxbAHckd52w==
expires
Tue, 17 Dec 2024 17:28:49 GMT
index.html
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		2 KB
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd4b226598cc41701660f6a23258e866a976cbe7714359b3656e6f1017b1fd27

Request headers

Referer
https://www.phillyvoice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
183415
cache-control
must-revalidate,public,max-age=604800
content-encoding
br
content-type
text/html
date
Mon, 08 Jan 2024 10:22:41 GMT
etag
W/"75610cde1541054da56aaac17da27360"
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-id
PCVuYslwKuARKoxgYyXt7FFgMDpRGXKQHvrwTrZk04Ex2JuLD07eAw==
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
.t5aPfxCiC3dcMaLwZ0jl5ylX_nghvVJ
x-cache
Hit from cloudfront
2a18ea9297b58052ab2f9c7d71e9db08.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/2a18ea9297b58052ab2f9c7d71e9db08.jpeg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-35.ams58.r.cloudfront.net
Software
Cloudinary /
Resource Hash
46d83bd31ae64e25ec20eb10834b6120eb1e5e1b23a0fb76292a1a09a2fd8494
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sat, 06 Jan 2024 08:03:31 GMT
x-content-type-options
nosniff
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
534414
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11914
last-modified
Fri, 01 Sep 2023 16:12:56 GMT
server
Cloudinary
etag
"75a5cfc9dffdc4ef66e20d391c56e815"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QI6_B59KDHChZXivHY0Kj2iaDXKdo1XYiQf6TuQG1U2vEEn78xIzgw==
DroidSerif-Bold.ttf
media.phillyvoice.com/static/global/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.phillyvoice.com/static/global/fonts/DroidSerif-Bold.ttf
Requested by
Host: media.phillyvoice.com
URL: https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bb98486a75a0ee4d7b223b374de24fc22ef0cfe4d1a9344b6b6583d0459c1b0

Request headers

Referer
https://media.phillyvoice.com/static/CACHE/css/output.5c94b398586a.css
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
via
1.1 varnish
x-amz-request-id
K804K01E78NFVQ9J
age
27827
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
48880
x-amz-id-2
1hSjd83//I6DgXGddjdSq6HtclDPpYyxtvR3pJv1ULgftUMYyjtZvr8yc4A8InWEPwynFvdk4JM=
x-served-by
cache-lcy-eglc8600030-LCY
last-modified
Fri, 15 Sep 2023 14:08:35 GMT
server
AmazonS3
x-timer
S1704892775.386537,VS0,VE1
etag
"41f991ed8f547d20821bef28215e5e76"
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
https://www.phillyvoice.com
cache-control
max-age=604800
accept-ranges
bytes
x-cache-hits
1
658c159b4f7b09-58397117.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/658c159b4f7b09-58397117.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-35.ams58.r.cloudfront.net
Software
cloudflare /
Resource Hash
2635ab2594ceca8cbcc50d1c5e9a96729cca6b0a996b69327d014770a31b72b3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Wed, 03 Jan 2024 21:47:48 GMT
x-content-type-options
nosniff
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
574442
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
10659
last-modified
Wed, 27 Dec 2023 21:29:53 GMT
server
cloudflare
etag
"85d4a112f74b525370ec3e3eec357ffc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83c4c04f5da35b5f-IAD
timing-allow-origin
*
x-amz-cf-id
x-NzccLifxAbP1qzCp2t9l_KD_3ORL9CWPxcbSFAgUEdPZLZnbyn4g==
65946d783e7b14-40406519.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/65946d783e7b14-40406519.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-35.ams58.r.cloudfront.net
Software
Cloudinary /
Resource Hash
61117fc1e56c61f8ec9244082f480513e560dea9d4e21ae58f4455db815d16af
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 09 Jan 2024 23:08:22 GMT
x-content-type-options
nosniff
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
51075
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
14673
x-request-id
1cb3fed4214a83495cefc23e92697d11
last-modified
Tue, 02 Jan 2024 21:17:12 GMT
server
Cloudinary
etag
"1122774e949f22de0d27c8b9dc73933b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
m3N41xdrvzCF0okoPK3FU-sM7eJfRySc9Hzz4j0-T24WlH_TR7jS0A==
ae9d45463c6d5abea500b564a73b30c8.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ae9d45463c6d5abea500b564a73b30c8.jpeg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-35.ams58.r.cloudfront.net
Software
cloudflare /
Resource Hash
2c4d8da9fedbe5e69dc55f59712d2332b3a16e670e4ce981a1ad0263f257a025
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sat, 06 Jan 2024 03:35:23 GMT
x-content-type-options
nosniff
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
380652
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
16018
last-modified
Sun, 10 Dec 2023 18:15:48 GMT
server
cloudflare
etag
"2f9078df294b6b86c8e105d2cb4f9691"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83d73b218dec8f11-IAD
timing-allow-origin
*
x-amz-cf-id
3gqPvWIBonlzP-lVys3T3SVRAEONc4IHBeMrShviGQW8tKNpuj1L9Q==
5ef45048738d68-16066710.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/5ef45048738d68-16066710.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-35.ams58.r.cloudfront.net
Software
cloudflare /
Resource Hash
a3d1267b7290087f6dbba3967fbc83f5e856983e229fbe19c4bc21bb0895422a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sat, 06 Jan 2024 06:58:39 GMT
x-content-type-options
nosniff
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
368456
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13044
last-modified
Thu, 08 Jun 2023 15:32:16 GMT
server
cloudflare
etag
"4b93c6622bdca2b61df372c7f6aa1e9c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83d865459f722036-IAD
timing-allow-origin
*
x-amz-cf-id
m9bheJuGgiLFJJ4RRPLisjVegs8Ok-ijrrH7P-zRQJYXRAMXumZGpg==
e5d8fe6655fe6e654cce2d3480d3179a.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/e5d8fe6655fe6e654cce2d3480d3179a.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-35.ams58.r.cloudfront.net
Software
cloudflare /
Resource Hash
2ba67e5892a9f4a3333907831ce6f3b00361d4094584499f3833a4a758f11486
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 04 Jan 2024 20:18:08 GMT
x-content-type-options
nosniff
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
493287
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13828
last-modified
Thu, 26 Oct 2023 08:40:27 GMT
server
cloudflare
etag
"0e2c77287bf83e67196814ba632b66d5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83cc7d1dcd2f0617-IAD
timing-allow-origin
*
x-amz-cf-id
9tdjXTGo6xdQUpUVmmrK6oTRHx3foGGVadVNVq9LE_udeinrTnMbAA==
6cbbbda430db78e815a9c0d7d1b1b1c6.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6cbbbda430db78e815a9c0d7d1b1b1c6.jpeg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-35.ams58.r.cloudfront.net
Software
cloudflare /
Resource Hash
89a9aa4006cb20666a49f7a49921348d5207edb1fe8f289fa49b95c68c790504
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 15:39:27 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
596408
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13021
last-modified
Thu, 05 Oct 2023 11:33:15 GMT
server
cloudflare
etag
"687627924edb136ff23890d472a72075"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
83fc55aaeffd38fe-IAD
timing-allow-origin
*
x-amz-cf-id
n9TRE9FYgLF3-EY7eYbzAg6jAY4GXCRGP2AinfuD-4qboGlN1sCWtQ==
5ef18a292a3a91-28406113.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/5ef18a292a3a91-28406113.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-35.ams58.r.cloudfront.net
Software
cloudflare /
Resource Hash
fb934c735f4156a7129e58c4bbbd46dadce36f0495aad61a7fbffb33d8d4eafb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 13:08:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
173444
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
27932
last-modified
Thu, 08 Jun 2023 15:27:24 GMT
server
cloudflare
etag
"ceeb54d11c20594b6eac32b11d514388"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8424abec1f6f05a3-IAD
timing-allow-origin
*
x-amz-cf-id
bPxz8Kp0NG-rRnLJbfgC-MXrWS3Iu0-wooD0wELFLyHDdUHKMGU-bg==
78cb2ebb4875444199bf4fd694f988cc.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_600,w_800,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_600,w_800,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/78cb2ebb4875444199bf4fd694f988cc.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-35.ams58.r.cloudfront.net
Software
cloudflare /
Resource Hash
fc039dba20e5501bfceceb4ed6e91af7ba3bac044693fe69fbbcb772cce60cc6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Wed, 10 Jan 2024 13:11:57 GMT
x-content-type-options
nosniff
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
680
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
52534
last-modified
Sun, 31 Dec 2023 02:02:29 GMT
server
cloudflare
etag
"9c854132b4d6e037ac1942b593dfa8d0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
private, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
840eaf6cdca22d14-IAD
timing-allow-origin
*
x-amz-cf-id
KlC8SghEvOFK_9gv6ar_PO1pwbRfMojnh2TlaqCK3YoeSwoVpvrU2Q==
15e868a6007e4015b3fe146d983fb65d.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_600,w_800,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_600,w_800,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15e868a6007e4015b3fe146d983fb65d.jpg
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-35.ams58.r.cloudfront.net
Software
cloudflare /
Resource Hash
f9ab1bb185f10e7135b6294f220eb38b0dbbc053b97378ba2095f5ace5049595
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Wed, 10 Jan 2024 13:19:35 GMT
x-content-type-options
nosniff
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
507
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
44840
last-modified
Fri, 29 Dec 2023 06:05:21 GMT
server
cloudflare
etag
"8c8affce9f1b7a416841b21edf310eee"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
private, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
84204122ee21083d-IAD
timing-allow-origin
*
x-amz-cf-id
96OxsmpvQvE6_46PGXr37opgEeyPVC_0THf_WHipmwo4XclLBJlZuA==
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1082&val=%7B%22userAgent%22%3A%7B%22allow%22%3Atrue%2C%22software%22%3Anull%2C%22os%22%3Anull%2C%22hw%22%3Anull%7D%7D&wnx=0&abc=&ty=prs&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1083&val=0&wnx=0&abc=&ty=pll&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
1704761921015_416x234_thumbnail.jpg
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/ 		0
0
1704761920875_248x140_thumbnail.jpg
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/1704761920875_248x140_thumbnail.jpg?wid=0011r00001qbFvJ_372
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
7cb155bd3101578d9a8c43505080dbd106336e9320392d57f0cfd512773c6ad4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Tue, 09 Jan 2024 00:58:41 GMT
server
AmazonS3
x-amz-request-id
E8QKKWHXN6T7N0BA
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
10519
x-amz-id-2
Gmfk4mrO/o+z8UKdzqxuTnoCYhMDxfJp592IXyb3O7H/kiW9YE37KYw5MrsEzsQ54y+s8yvNMn8=
x-llid
c7591a03a80eaa5c8edb401dfe376a70
1623441754084_248x140_thumbnail.jpg
cdn5.anyclip.com/S2yp_HkBFTT9HIU1qH4r/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/S2yp_HkBFTT9HIU1qH4r/1623441754084_248x140_thumbnail.jpg?wid=0011r00001qbFvJ_372
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
4dfa9cc0068143142a36df2d48d199a90bfff0b4d27a3fbd80bd85a5e9a6951a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Fri, 11 Jun 2021 20:02:35 GMT
server
AmazonS3
x-amz-request-id
W4BRZ2WCVTVK1G7N
age
71120
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
8947
x-amz-id-2
rL6PGILMz5iI30S1G1YRyWMy9Ngs4PhWnQmURQyp3f1kGUNl2PB+dq1/85EjipIsecMZ8o9XZgI=
x-llid
2a0cb9e6800d543b97954e04e3d003a8
1543954151030_thumbnail.jpg
cdn5.anyclip.com/AWd61nCCZEpPi9i_tG6p/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/AWd61nCCZEpPi9i_tG6p/1543954151030_thumbnail.jpg?wid=0011r00001qbFvJ_372
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
47ba7507a0962e386d9be62301df17cb08070580dbd2795ce9c0f3b7cf7bfccf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Tue, 04 Dec 2018 20:09:13 GMT
server
AmazonS3
x-amz-request-id
MW0450CG3Z9BR5RF
age
55987
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
13077
x-amz-id-2
NcKlQSVPs7p46Eol58uFaBEl5HeATGr0hVdmfyIAX6hOSKx3cwDOBE+MbdSpxxzWWZLb0j1tkzM=
x-llid
be80bb5ade1846da0d70ef01d646d062
1656972084015_248x140_thumbnail.jpg
cdn5.anyclip.com/m2A6y4EBZ9bqfta_uHcO/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/m2A6y4EBZ9bqfta_uHcO/1656972084015_248x140_thumbnail.jpg?wid=0011r00001qbFvJ_372
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
65b545c65916e46eaee73d7c8d6bdeadedf1cef47965de2cb405fff88aeca6a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:37 GMT
last-modified
Mon, 04 Jul 2022 22:01:25 GMT
server
AmazonS3
x-amz-request-id
J2S28QR9CF3H0NYY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
21233
x-amz-id-2
kl7Vc9Ye7NVWL1DEf4keLDCuOM38JXa8dAZSjFL2zvkfoKGT1Ky0Mb0+x3F/BRhX1wYm9AgT9uE=
x-llid
65cc80099341919a624c11fde604d95a
1703292893944_248x140_thumbnail.jpg
cdn5.anyclip.com/5QMnlIwBUnMoGB57zyzr/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/5QMnlIwBUnMoGB57zyzr/1703292893944_248x140_thumbnail.jpg?wid=0011r00001qbFvJ_372
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
f7694e00ae4f4c19942ddf5d93b22f3a6b42b682c01e84eebf0d7fd61718785d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
last-modified
Sat, 23 Dec 2023 00:54:54 GMT
server
AmazonS3
x-amz-request-id
WKJ4Q64VYF12E16V
age
55988
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
7518
x-amz-id-2
ZCI0mTJFNED8lI21H3dCevhWWXAp17vBhUkAJNkxW6F8DCgNdi8sbMItTdyHGVy160h3vE0ks+g=
x-llid
fa409ae9d84d93149f7e62e675b4ffbb
1704761921015_416x234_thumbnail.jpg
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/1704761921015_416x234_thumbnail.jpg?wid=0011r00001qbFvJ_372
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
56336b045520f48d49e0b09205eb4be7d773a696afcff55d51254d22ff7800f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Tue, 09 Jan 2024 00:58:42 GMT
server
AmazonS3
x-amz-request-id
MW0FY0VZEHC16M8N
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
18872
x-amz-id-2
SYXgaIXj/Ix69iQGGuD5a9NH2iYglQgSQYTtJm7or+3nUtND2QKkP0JykPB0VIkePacx6GsIweo=
x-llid
eaf54540419b517cb1d24ee0f5081083
1704761921015_416x234_thumbnail.jpg
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/1704761921015_416x234_thumbnail.jpg?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
56336b045520f48d49e0b09205eb4be7d773a696afcff55d51254d22ff7800f5

Request headers

Referer
https://www.phillyvoice.com/
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Tue, 09 Jan 2024 00:58:42 GMT
server
AmazonS3
x-amz-request-id
MW0FY0VZEHC16M8N
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
18872
x-amz-id-2
SYXgaIXj/Ix69iQGGuD5a9NH2iYglQgSQYTtJm7or+3nUtND2QKkP0JykPB0VIkePacx6GsIweo=
x-llid
ecee1a3bdaceb18eea08947586395b5a
watch.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 		364 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/watch.svg?hash=2f7343dd79
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 14:22:18 GMT
x-amz-version-id
jJ7plitpaP9q57Aey2ETnqu6JQKZQWu3
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:35 GMT
x-amz-request-id
107VJ0GZWH0BRNFN
age
10637
x-amz-meta-sha256
67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d
content-length
250
x-amz-id-2
BJ3KUJKZW1dHzIZc3UzFi1oORPnGHyOUpKNLBCgfjg9qgoEceSZ9gQNBixGEd+L585a6t+yJ5OU=
last-modified
Tue, 04 Aug 2020 10:39:53 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
ad4d12fdfb53c77f7abcc38662edd407
x-amz-meta-s3b-last-modified
20200804T103752Z
like.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 		401 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/like.svg?hash=2f7343dd79
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 14:22:15 GMT
x-amz-version-id
AgMuGLHw2p4hvvpUt5__8K6ZhGhprdTJ
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:35 GMT
x-amz-request-id
Z067Z0FDDWEBBS0M
age
10640
x-amz-meta-sha256
453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9
content-length
286
x-amz-id-2
DXeFxUDc4EmIPGW2jcBxzKRk7gRfNhkgLQJqxEwzqdkTts6fe9S5FtTnvJK2cnM5PlCH56blu70=
last-modified
Tue, 04 Aug 2020 10:39:58 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
139e79692b1e5f52c2abcbbf7840d47a
x-amz-meta-s3b-last-modified
20200804T103803Z
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&inx=0&rt=1103&val=&wnx=1&abc=&ty=pli&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
c4e52983-c5f9-4b60-b57b-8a17cae1a6b3
https://www.phillyvoice.com/ 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.phillyvoice.com/c4e52983-c5f9-4b60-b57b-8a17cae1a6b3
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9c21f73e5781b07e9ae478497472051a87ee326e95761bb2d82387b07cbbcf6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
5905
Content-Type
application/javascript
1cd13367-f692-406f-ac8c-bd46c8217166
https://www.phillyvoice.com/ 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.phillyvoice.com/1cd13367-f692-406f-ac8c-bd46c8217166
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58d539f0f19b99e064d6e0a60b27471031ad1a01a4e53baebc5fa26bd64acd0d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
80204
Content-Type
application/javascript
3640b5f5-dccb-4c6d-966a-4eaf93192429
https://www.phillyvoice.com/ 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.phillyvoice.com/3640b5f5-dccb-4c6d-966a-4eaf93192429
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58d539f0f19b99e064d6e0a60b27471031ad1a01a4e53baebc5fa26bd64acd0d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
80204
Content-Type
application/javascript
1704761921015_416x234_thumbnail.jpg
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/1704761921015_416x234_thumbnail.jpg?wid=0011r00001qbFvJ_372
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
56336b045520f48d49e0b09205eb4be7d773a696afcff55d51254d22ff7800f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Tue, 09 Jan 2024 00:58:42 GMT
server
AmazonS3
x-amz-request-id
MW0FY0VZEHC16M8N
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
18872
x-amz-id-2
SYXgaIXj/Ix69iQGGuD5a9NH2iYglQgSQYTtJm7or+3nUtND2QKkP0JykPB0VIkePacx6GsIweo=
x-llid
779f6682fce6a82d9301e92693363615
expires
Thu, 11 Jan 2024 13:19:35 GMT
master.m3u8
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/ 		561 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/master.m3u8?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
7a873efa02bfa12df5aeeca90577d802d84659e81ecdd6a8d4358a8fa4795308

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Tue, 09 Jan 2024 00:56:55 GMT
server
AmazonS3
x-amz-request-id
1GV1MAGCYTV8HVD9
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
561
x-amz-id-2
pXJdmzUsbjNHBA66aZJbmCP18IKDPG/40wh5EydYcy3uF12/bEgpdHJ5LLeb5dOwz4ukanUYWHw=
x-llid
6409c44c21f0ad81464bd7c0e33627c9
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&inx=0&rt=1125&val=1&wnx=1&abc=&ty=cla&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
volume-off.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 		901 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/volume-off.svg?hash=2f7343dd79
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
2bf4b5202559dbe01d8188a3adb26d68755a69064f233ef63f284b08efaed6ad

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 14:21:30 GMT
x-amz-version-id
LD1v9d__0LhgJzdvbwPuMTNvxNdup1gK
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:35 GMT
x-amz-request-id
4RMR572GPDGTHVZD
age
10685
content-length
527
x-amz-id-2
881T+GJoyANizpaZrF1GRrCidGRLLV8oEj+no1+vgyTK2eFtmUdaiDR4/rBkvZqyGVRgfLuONAM=
last-modified
Sun, 12 Aug 2018 11:52:27 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
1342e3510986945ef258c89b8bad3798
x-amz-meta-s3b-last-modified
20180812T115113Z
fullscreen.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 		1 KB
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/fullscreen.svg?hash=2f7343dd79
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
0b7b74a139779fba8e1d17d597aa7cbffa27bd33d2b5c43d8039264c2a627412

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 14:21:30 GMT
x-amz-version-id
U03j5muVk7AbvhQemSaiRqevJSRY_Dma
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:35 GMT
x-amz-request-id
4RMJ7SZF7446J7SH
age
10685
content-length
531
x-amz-id-2
jBiti7xtw6RhJK5nLSNey9oYxbc4dAIoxv3tJBX9HKVpERzpdOvhWeWV4nVlH8CZrPtNapSwLrk=
last-modified
Thu, 09 Aug 2018 13:37:33 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
ee6fa81034bc5fe127585c54c754a5f0
x-amz-meta-s3b-last-modified
20180704T113429Z
pause.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 		758 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/pause.svg?hash=2f7343dd79
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
d544eae637d61ee786c0a45bb0a7f250f9280bcd2ea1576655a761f1d397b8df

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 14:21:30 GMT
x-amz-version-id
COllNS2vUDfTYhxXvQJ57jWZVnnMficH
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:35 GMT
x-amz-request-id
4RMKVMHJD12XDVA5
age
10685
content-length
430
x-amz-id-2
5o/OEiqHitYsMgr6jY0LSNsnHB8kDo7BrbgOKHsCMNMTx1IK55yETuNYv6SDRRES8h6ecTjd6gk=
last-modified
Thu, 09 Aug 2018 13:37:34 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
765bb08f3bbe86535ac82155c9a3e605
x-amz-meta-s3b-last-modified
20180704T113405Z
next.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 		729 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/next.svg?hash=2f7343dd79
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
55775baf70d2f1d40bac3a60de82e8e42b7e34687802f73671f25f2f60fdc6d4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 14:21:30 GMT
x-amz-version-id
9oEyfyolAdum9dgyt9Cw6qZIm50OH1cD
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:35 GMT
x-amz-request-id
4RMZ1C1ZAS4ZM4K4
age
10685
content-length
469
x-amz-id-2
FS24iuBkMKVWwOjKvKtzEGB4ewbZApIiPpMmO9KPA3siZLXROkWShe0f8uRg3J9QZyq/SysxYDE=
last-modified
Thu, 09 Aug 2018 13:37:34 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
48c31e7b311ef763159bf97ae06782a3
x-amz-meta-s3b-last-modified
20180704T113415Z
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
lounge.f7ae30d42a8946a9460cc262732d4da8.css
c.disquscdn.com/next/embed/styles/ Frame 32CF 		233 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f17fa1d863ade20f6e8af77a09d3ea79b694c4cea7a50f11aa2d65b5d4755d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 18 Dec 2023 17:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
1972250
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
33312
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 18 Dec 2023 16:49:31 GMT
server
nginx
etag
"6580781b-8220"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
g88nICfcCOaUulTobLFLIm4rmdtNnLLXUlUo_7NkKA4_SYy2eWIhow==
expires
Tue, 17 Dec 2024 17:28:45 GMT
lounge.bundle.2f86b371c469b373967566d21bc76e78.js
c.disquscdn.com/next/embed/ Frame 32CF 		513 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.2f86b371c469b373967566d21bc76e78.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
343cc2ae21bbaf76ed55ccd75441f693b5ed63a18f1d2ce7bf4195ef0d8a7b63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 04 Jan 2024 17:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
501579
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
131052
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 04 Jan 2024 17:51:50 GMT
server
nginx
etag
"6596f036-1ffec"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
72pkkwywH8ynji3Bu4Mo1PSMwSY0VXH0xU855FHMvBkX996XGNPySQ==
expires
Fri, 03 Jan 2025 17:59:56 GMT
config.js
disqus.com/next/ Frame 32CF 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9ceb8c5a50f77198918306fecc63c1a9a6089b02e741ac58c7028bbc84c66b3e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:35 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
15
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
19291
X-XSS-Protection
1; mode=block
styles.css
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/styles.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e44f20ad1e0415f23d5cebd0f4c329f7c6b6ede0e628781ae82c392d6b09626d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 10:22:42 GMT
x-amz-version-id
l9Yxetfnn_7CQGJLWsPPCEiJskCfJpcn
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:56 GMT
server
AmazonS3
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"0ed4578b4ace412be12dcff192aae7f1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
must-revalidate,public,max-age=604800
age
183413
x-amz-cf-id
7i-neLqf_PHh58ZGwByb9cLcFUW2Sn9IzyfCyIDNvy3o2o3D43F78A==
openSans.css
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		32 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53f0d3ec31993f75aa6a5135d73e4c138da6eb0bf61c437b26a7acf4b9f61949

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
03kwdFjMWhpCAbz3VXW0f9903WDBjZsl
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 07:55:09 GMT
last-modified
Mon, 20 Nov 2023 09:32:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
19467
x-amz-server-side-encryption
AES256
etag
W/"d3d135bb6189c884e579b5c9d18247cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
UY_acH-AQ_xe_izUxKRgfXE6CmzqlhzKDGKBFCwQUY1w-3tzQgBJOg==
runtime.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
998a5669295e7b46d6cbbff71584d9c72dd91fddd8be6183f45b7b5affaa038d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
8JBUrCZTQh_UJAXOCQ9O0WbxP6TapRUy
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 01:47:07 GMT
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
387149
x-amz-server-side-encryption
AES256
etag
W/"baa561d4c829977602712d4f71384ad3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
k45lrjTAC_rAZBSI4JQDBJu8Fm7tR0mt-EE-cC0u-d3OmQrzrVN17g==
polyfills.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
333bcf8037746f5d9af71a19dcc2ddcc7b4bace7c7888f66752acc7cb840a8ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
z3ZS18Neszg2pse7rhQkwnqT46yuw84p
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Thu, 04 Jan 2024 04:09:51 GMT
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
551385
x-amz-server-side-encryption
AES256
etag
W/"18ff9b671ebe4f0582ea1dad523d6914"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
WtJ_pJDY90oQ5U6lv0qc3-iQBVbPpsSEay5fNNxMobsQa3fQCZ_Rww==
vendor.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		646 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
612ef9770b16e45767bc83794a0a89703c143c205243662636463e9b56c916c1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
BBXdtb3GKnM1.v4opwJnHrUUyOrkdEtB
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 06:01:42 GMT
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
26274
x-amz-server-side-encryption
AES256
etag
W/"c0dacd8e88f53909cb796490cf70c0f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
VCmp9akP0PATf9cf4yzowx05Yzi9KTyPSGhPyxGIiiJf_EJdnvehKA==
main.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e87a8facbeec483528a20a654e8737ead5b65be2861c38e19c966cb6f50bfb8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
0sBd6Y84hLYt91YVoxR12Yx6fykYIyLQ
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Thu, 04 Jan 2024 20:52:07 GMT
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
565003
x-amz-server-side-encryption
AES256
etag
W/"71550097c2c628648cbfb7d1fb15618d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
qutKT6bw7KE3k-c4ZGj1RFPsGnekyjrI-tq2BhSCq4YY-Ib2Z5ra5A==
defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:56:17 GMT
x-amz-version-id
C.Ak6kBXVIedEWgfFPis.li0mrcjHfYr
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"eba68fd1d6e00f025c7b6c5b7584d159"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
must-revalidate,public,max-age=604800
age
541399
x-amz-cf-id
beOTbGRkiiP68riWr9_WGJHNa5dOsboAPa0ljs5dmAWom7VQ0Os6lQ==
runtime.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
998a5669295e7b46d6cbbff71584d9c72dd91fddd8be6183f45b7b5affaa038d

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
8JBUrCZTQh_UJAXOCQ9O0WbxP6TapRUy
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 01:47:07 GMT
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
387149
x-amz-server-side-encryption
AES256
etag
W/"baa561d4c829977602712d4f71384ad3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
GFgtzkKEv69sQFs4H8edTAWiYW1YyNVQJCW2xHhwMvnsSfCxdMt42A==
polyfills.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
333bcf8037746f5d9af71a19dcc2ddcc7b4bace7c7888f66752acc7cb840a8ea

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
z3ZS18Neszg2pse7rhQkwnqT46yuw84p
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Thu, 04 Jan 2024 04:09:51 GMT
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
551385
x-amz-server-side-encryption
AES256
etag
W/"18ff9b671ebe4f0582ea1dad523d6914"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
WtvGl16qyO-bCrEsKySAkJJlgLw-725wP1qkhDmh_gqVCkalpN22ww==
vendor.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		646 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
612ef9770b16e45767bc83794a0a89703c143c205243662636463e9b56c916c1

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
BBXdtb3GKnM1.v4opwJnHrUUyOrkdEtB
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 06:01:42 GMT
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
26274
x-amz-server-side-encryption
AES256
etag
W/"c0dacd8e88f53909cb796490cf70c0f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
5qWX3D-rgXmVP5-sJOgBCOaX9U8D_p72PX8eUbKIUn2gQRmite9RHg==
main.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e87a8facbeec483528a20a654e8737ead5b65be2861c38e19c966cb6f50bfb8

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
0sBd6Y84hLYt91YVoxR12Yx6fykYIyLQ
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Thu, 04 Jan 2024 20:52:07 GMT
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
565003
x-amz-server-side-encryption
AES256
etag
W/"71550097c2c628648cbfb7d1fb15618d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
W4VgX8ZYYabPL5HK7Z9Ve2ZCYv7pjSI6biObPGXjQHqIU0gNmFthWQ==
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&inx=0&rt=1210&val=ad%3Dhttps%253A%252F%252Fmarketplace.anyclip.com%252Fv1%252Fwaterfall%253Fsti%253DiocbQ4EBlB2wT2eMy_kY%2526w%253D400%2526h%253D225%2526v%253D1%2526cb%253D329553103%2526pid%253Dphillyvoicecom%2526sid%253DRUWOgIxYyRt62aRScIUhM5uHlxdrOiAy%2526cid%253Dijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx%2526wid%253D0011r00001qbFvJ_372%2526dom%253Dphillyvoice.com%2526abc%253D%2526geo%253DGB%2526dev%253D1%2526bw%253D%2526os%253D%2526ip%253D217.138.196.105%2526url%253Dhttps%25253A%25252F%25252Fwww.phillyvoice.com%25252Fhershey-company-phishing-data-breach%25252F%2526gdpr%253D%2526consent%253D%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00001qbFvJAAU%252C1%252C%252C%252C%2526us_privacy%253D%2526utm%253D%2526pl%253Da%2526ima%253D%2524%255Bsps_ima_mode%255D%2526clipPlayCounter%253D1%2526tid%253D%2524%255Btid%255D%2526amznbid%253D%2526amzniid%253D%2526ua%253DMozilla%25252F5.0%252520%2528Windows%252520NT%25252010.0%25253B%252520Win64%25253B%252520x64%2529%252520AppleWebKit%25252F537.36%252520%2528KHTML%25252C%252520like%252520Gecko%2529%252520Chrome%25252F120.0.6099.216%252520Safari%25252F537.36%2526domain%253Dphillyvoice.com%2526page%253D%2524%255Bpage%255D%2526itemid%253D%2524%255Bitemid%255D%2526zone%253D%2524%255Bzone%255D%2526permutive%253D%2524%255Bpermutive%255D%2526dxseg%253D%2524%255Bdxseg%255D%2526key_custom3%253D%2524%255Bcma1%255D%2526gpt%253D%2524%255Bgpt%255D%26mavs%3D0%26rqcm%3D1%26m%3D1%26ast%3D-1%26smb%3D1%26sid%3DRUWOgIxYyRt62aRScIUhM5uHlxdrOiAy%26imaw%3D0%26amd%3D1%26sf%3D0%26page_url%3Dhttps%253A%252F%252Fwww.phillyvoice.com%252Fhershey-company-phishing-data-breach%252F%26wf%3D1%26act%3D200%26hap%3D1%26hap_mc%3D-1%26uids%3D1%26af%3D1%26af_dp%3D0.1%26af_am%3Ddynamic%26af_mf%3D0.55%26omid%3D%257B%2522GOOGLE%2522%253A%2522FULL%2522%252C%2522MOAT%2522%253A%2522FULL%2522%257D%26pb_t%3D20000%26gpid%3D0%26spb%3D0%26vid_d%3D82004&wnx=1&abc=&ty=arq&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=iocbQ4EBlB2wT2eMy_kY
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:35 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
events
marketplace.anyclip.com/v1/ 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&inx=0&rt=1210&val=&wnx=1&abc=&ty=frq&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=iocbQ4EBlB2wT2eMy_kY
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
content-length
0
events
marketplace.anyclip.com/v1/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&inx=0&rt=1210&val=&wnx=1&abc=&ty=wfr&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=iocbQ4EBlB2wT2eMy_kY
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
content-length
0
lreprx.js
player.anyclip.com/lreprx/js/v1/src/ Frame 9DE4 		215 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&imaw=0&wf=1
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
78e4ffc82d12c28b0ae7bfbdd302f656b9933b8b88fb3c781d9d48c43929a76e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
nKFHt0_0u5FvFwbK7VvDPzu.Iao64tjK
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:35 GMT
x-amz-request-id
4M88G3GE4DF6AHWW
age
72302
x-amz-server-side-encryption
AES256
content-length
51720
x-amz-id-2
b+UdOnT84ZEj+b2lt7C6LSotD+IQ2U11ch30SFfG7sEAlMdg/FEqJ4ZXH3MwglzSwOQdQzhwAfk=
last-modified
Thu, 21 Dec 2023 09:30:32 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
x-llid
d3f650f683e43023be1055d29b57a62c
expires
Tue, 09 Jan 2024 17:15:33 GMT
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 8DD0 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 23 Jul 2023 23:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
14739103
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2968
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 12 Jul 2023 14:04:56 GMT
server
nginx
etag
"64aeb308-b98"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
5kAJpZlddaxbUn_KwL8LOu2lQWucrJM_xInhcfwOX7dbl1elIJmggA==
expires
Mon, 22 Jul 2024 23:07:52 GMT
recommendations.bundle.b1d305f840327c58f4ac9b236b8cd735.js
c.disquscdn.com/next/recommendations/ Frame 8DD0 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.b1d305f840327c58f4ac9b236b8cd735.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
47d4cc8f41a50c8835c9f83a13ab174866b9f82a24ea590b854574a6773a071a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 31 Oct 2023 14:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
6131917
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20373
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 31 Oct 2023 13:53:35 GMT
server
nginx
etag
"654106df-4f95"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
lXYLpNlXbfzpmjy1zRDmWLVMQXxTNIHiAfKCd8vOxQZi1IkVxJPmBA==
expires
Wed, 30 Oct 2024 14:00:58 GMT
config.js
disqus.com/next/ Frame 8DD0 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9ceb8c5a50f77198918306fecc63c1a9a6089b02e741ac58c7028bbc84c66b3e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/recommendations/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:35 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
15
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
19291
X-XSS-Protection
1; mode=block
details
disqus.com/api/3.0/forums/ Frame 32CF 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=phillyvoice&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
988088a9a17554d16bc3c202568b4a87ae34d7fd8a0107994f49d4f1c666d0b4
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:35 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3358
X-XSS-Protection
1; mode=block
cors
data.ad-score.com/data/ 		50 B
600 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=TDCleGZnigoFnFsksOJscNoQzLkAxQfs-FE7fPshldVrqKDwZ2nLLEUPFOA==-E03BOMVlYlPmNA==&pm_ct=74dc908d5f2500a0135180d0&pm_pl=1704892775638&pm_td=9&pid=1000177&en=1.1&callback=__pm_glbl_59zMCkt2nX8eIyZQlbtWY8Af._gc1&tt=opt&v=762b2b3
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
38950857b6f83c5b833e4d09c0277294457abaada13ad71924c06a251b578c8b

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Jan 2024 13:19:36 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.phillyvoice.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
50
x.html
js.ad-score.com/ Frame 26AA 		76 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?v=762b2b3&pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:4600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
94e222778eff975883ccf43658b9d447de2a7175a0cc1b626326f4a6a4e85448

Request headers

Referer
https://www.phillyvoice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
63634
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jan 2024 19:39:02 GMT
Last-Modified
Tue, 09 Jan 2024 18:32:18 GMT
Transfer-Encoding
chunked
Via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
X-Amz-Cf-Id
1vr8PhgPk7XPhIU1CZKlwNeVKunWDFqVdKwwHsBsC4wkAj5ZONaBQQ==
X-Amz-Cf-Pop
AMS58-P5
X-Cache
Hit from cloudfront
index.m3u8
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/ 		827 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/index.m3u8?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
83598eaabb96b3574919f0665553c833ac10d3a858b82c3296e075abe4d64795

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
last-modified
Tue, 09 Jan 2024 00:56:53 GMT
server
AmazonS3
x-amz-request-id
0XAZ0NN3RAAA36KP
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
827
x-amz-id-2
5kHifxJx2lw3W2Qj46gW7R83yE0+seHD142UKnDizpxSZkC20JaKm6xFEBy3Wnx9B5OE82pTrmXmEDSMn7Lmsw==
x-llid
be0ac7d5f436b669c9e92c97239725c4
fb8bdf54-97de-429b-8269-a83fb9d0e874
https://www.phillyvoice.com/ 		725 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.phillyvoice.com/fb8bdf54-97de-429b-8269-a83fb9d0e874
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
725
Content-Type
text/javascript
sync.js
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ Frame C133 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1704892774376
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
4c545cbf0801ffc734bd05fda75b01d4c22f3bd7c5984665be341d23ea2e7e1b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
VEGqNqbPC.5iKEso_GlYAuIxnEna8j_X
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:36 GMT
x-amz-request-id
WX7C2WSKHFTZ14Q6
age
8558
x-amz-server-side-encryption
AES256
content-length
2372
x-amz-id-2
p9PgiY+Zv8oHrFiCzZT2e+ur7DIttSnp2qpu5LnYJesKvfPHpWuiWRPGqpSlxWnDKL7FD/yVB6KSNEE1Y0X1eZ9fSfssE/5rqiwHRPKD208=
last-modified
Tue, 09 Jan 2024 09:30:46 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
x-llid
0ff79e5527988156ec735bb44778b990
expires
Wed, 10 Jan 2024 10:57:58 GMT
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.200.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-200-175.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.phillyvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.phillyvoice.com
content-length
0
date
Wed, 10 Jan 2024 13:19:36 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
eu-west-1c
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.200.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-200-175.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.phillyvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.phillyvoice.com
content-length
0
date
Wed, 10 Jan 2024 13:19:36 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
eu-west-1c
dbc.js
assets.revcontent.com/master/ 		143 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/dbc.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.36.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-101.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ef3bf18994e09356dfb0f0e9aca831010d53792358d80bb2cfaa1d2af6b1f1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:12:58 GMT
content-encoding
gzip
via
1.1 e71625290a8b18b90edbfcbc81303596.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:16 GMT
server
AmazonS3
age
14799
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
etag
W/"6a7ba60b3faa6223a4edc1ce376fca1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
I13YQA_LUHbKINQSIhgiq4yEX6CP2tma5X8_s8BeymAfpnLLgRr3wg==
dbc.css
assets.revcontent.com/master/ 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/dbc.css
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.36.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-101.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df5bb57668506d7e274a2a73f94769eaa8557fea9fcd627f027d4c0302c7cc22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 14:22:34 GMT
content-encoding
gzip
via
1.1 e71625290a8b18b90edbfcbc81303596.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 18:14:17 GMT
server
AmazonS3
age
84382
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
etag
W/"db5414caa298df0d267de911685db74f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
uFtHk2zVj0gjpuuYEXay98BFJo8kOtm31HK4WHjxadgEct_tT9CrOA==
page-view
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.200.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-200-175.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
eu-west-1c
access-control-allow-origin
https://www.phillyvoice.com
date
Wed, 10 Jan 2024 13:19:36 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.200.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-200-175.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
eu-west-1c
access-control-allow-origin
https://www.phillyvoice.com
date
Wed, 10 Jan 2024 13:19:36 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
css2
fonts.googleapis.com/ Frame 32CF 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 13:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 12:42:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 13:19:36 GMT
event.js
referrer.disqus.com/juggler/ Frame 32CF 		40 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://referrer.disqus.com/juggler/event.js?experiment=default&variant=control&page_referrer=https%3A%2F%2Fwww.phillyvoice.com%2F&product=embed&thread=9965131995&thread_id=9965131995&forum=phillyvoice&forum_id=3359912&zone=thread&verb=load&object_type=section&object_id=email_subscriptions&section=email_subscriptions&extra_data=%7B%22user_verified%22%3Afalse%2C%22email_subscription_prompt%22%3A%7B%22title%22%3A%22We+have+awesome+news+for+you!%22%2C%22description_copy%22%3A%22Get+Sports+%26+News+from+PhillyVoice+sent+directly+to+your+inbox+daily.%22%2C%22confirmation_copy%22%3A%22Thanks+for+subscribing+to+the+daily+newsletter+from+PhillyVoice!+If+you%27d+like+to+unsubscribe%2C+there+will+be+a+link+in+emails+you+receive+from+PhillyVoice.%22%7D%7D&event=activity&imp=4gcavhv1u07eq1&area=n%2Fa
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:36 GMT
x-content-type-options
nosniff
server
nginx
transfer-encoding
chunked
content-type
application/javascript
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-xss-protection
1; mode=block
truncated
/ Frame 32CF 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&inx=0&rt=1922&val=%221.1.53_296_prod%22&wnx=1&abc=&ty=xlo&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a&sti=iocbQ4EBlB2wT2eMy_kY
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9DE4 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&imaw=0&wf=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Wed, 10 Jan 2024 13:19:36 GMT
waterfall
marketplace.anyclip.com/v1/ Frame 9DE4 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://marketplace.anyclip.com/v1/waterfall?sti=iocbQ4EBlB2wT2eMy_kY&w=400&h=225&v=1&cb=329553103&pid=phillyvoicecom&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&wid=0011r00001qbFvJ_372&dom=phillyvoice.com&abc=&geo=GB&dev=1&bw=&os=&ip=217.138.196.105&url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&amznbid=&amzniid=
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&imaw=0&wf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
9e71236c31a866e24b03cb44cc8de71e2d70fc3fa069defc7dae717678b115c6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://www.phillyvoice.com
date
Wed, 10 Jan 2024 13:19:36 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
1217
access-control-allow-methods
GET, POST
content-type
application/json
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 32CF 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 23 Jul 2023 02:22:37 GMT
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
14813819
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 12 Jul 2023 14:04:56 GMT
server
nginx
etag
"64aeb308-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
yPtiIM3udxvHhEO4eFUqtH4Tk7WaEO9HXGteSOys76aUJkn48Sc9kw==
expires
Mon, 22 Jul 2024 02:22:37 GMT
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 32CF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 20 Aug 2023 12:05:10 GMT
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
12359666
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 02 Aug 2023 23:18:56 GMT
server
nginx
etag
"64cae460-b9b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
qFuoWekkqqIEaYfj7b9RrscuY7Vr9xoRcp5VxsdVxbFhRwqA4fqzXg==
expires
Mon, 19 Aug 2024 12:05:10 GMT
email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 32CF 		840 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 18 Jul 2023 06:46:45 GMT
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
15229971
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
840
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 12 Jul 2023 14:04:56 GMT
server
nginx
etag
"64aeb308-348"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
oMk1cZWC1kaJtLxrEp7fNtkXyF7ux_DudmvFO1vCzfeyPCx6SC1KXg==
expires
Wed, 17 Jul 2024 06:46:45 GMT
privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 32CF 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 26 Jul 2023 18:48:11 GMT
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
14495485
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
891
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 26 Jul 2023 16:31:55 GMT
server
nginx
etag
"64c14a7b-37b"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
mzQ38lo7rF2TrH29HYqH4qyd6O5GifVUF2EHKMw4CLlj7oKyhkQeOw==
expires
Thu, 25 Jul 2024 18:48:11 GMT
warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 32CF 		605 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 19 Aug 2023 03:55:20 GMT
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
12475456
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
605
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 02 Aug 2023 23:18:56 GMT
server
nginx
etag
"64cae460-25d"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
tgBr2rS1PCTrTCSJ-B833B5ZLzPLCm7K5hgsGmbqtV3nmPVZUSKEeA==
expires
Sun, 18 Aug 2024 03:55:20 GMT
icons.79e576f9489bae308388e5b8e250aa86.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 32CF 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.79e576f9489bae308388e5b8e250aa86.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8dc675da542f629aca965669b35900a5ed0685f4d87dce9eac4660baf4493687
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 06 Dec 2023 19:49:42 GMT
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
3000594
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8216
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 06 Dec 2023 19:40:12 GMT
server
nginx
etag
"6570ce1c-2018"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
-2Fa4C-_M2xNyRkWmWcxY4PylYFsWaLOkTXYwYmltlyXroXCX8OIUg==
expires
Thu, 05 Dec 2024 19:49:42 GMT
stat.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/stat.gif?event=cmp.present
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
x-xss-protection
1; mode=block
stat.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/stat.gif?event=cmp.no_consent
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
x-xss-protection
1; mode=block
noavatar92.png
a.disquscdn.com/1702943467/images/ Frame 32CF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1702943467/images/noavatar92.png
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
strict-transport-security
max-age=300; includeSubdomains
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
x-amz-cf-pop
LHR3-C2
age
1888337
etag
"60395f01-66c"
content-type
image/png
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
content-length
1644
x-amz-cf-id
YN-FfMF_wwTxJFUU_-oClEgaomP7hIkkM-zK1OuyeqSmOjXQmB0sXw==
x-xss-protection
1; mode=block
expires
Thu, 18 Jan 2024 16:47:19 GMT
details
disqus.com/api/3.0/forums/ Frame 8DD0 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=phillyvoice&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
988088a9a17554d16bc3c202568b4a87ae34d7fd8a0107994f49d4f1c666d0b4
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:36 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
1
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3358
X-XSS-Protection
1; mode=block
659.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		59 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/659.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4eccca0ba4ffedeaae12c42d64844c35669f4a28229afbfbb3d3aa6a119069cb

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
jBHtzbeJqjSuMaHtFJVvOMw4uVoRGB7v
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Thu, 04 Jan 2024 08:43:00 GMT
x-amz-cf-pop
FRA60-P3
age
551325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
etag
W/"011cca850160e763b30d9c07a3865030"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
IRdYeeMmX7y1esHwEYb0o5H5o9MBalLPzz1JKuUCS5_HwjLZoMQzTg==
173.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/173.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5808d2fc291af8ea4438e34c55c6f4f1e48223a33e460b2fa16dea500b77a7da

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/index.html
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
dCmHEuVH.7T16O9QvYrg9QgAqjpXAQD_
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Wed, 10 Jan 2024 07:55:09 GMT
x-amz-cf-pop
FRA60-P3
age
19468
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
etag
W/"130a82a32f7f95bb0eeb61987656a24a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
1yq82vO4aYxpeOTRQXxIpQYZdyGOjKqhoufr5FyikIaCzFnxNbFzaA==
016349eb-5473-4d1c-8210-2ad6577c45b6
https://www.phillyvoice.com/ 		288 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.phillyvoice.com/016349eb-5473-4d1c-8210-2ad6577c45b6
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
rid
match.adsrvr.org/track/ Frame C133 		63 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1704892774376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
5e0726869d67be34cd2c73e4f380fce6b374c4d046101d92b88a075bc4a05238

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.phillyvoice.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 09 Feb 2024 13:19:36 GMT
noavatar92.png
a.disquscdn.com/1702943467/images/ Frame 32CF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1702943467/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.2f86b371c469b373967566d21bc76e78.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
strict-transport-security
max-age=300; includeSubdomains
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
x-amz-cf-pop
LHR3-C2
age
1888337
etag
"60395f01-66c"
content-type
image/png
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
content-length
1644
x-amz-cf-id
YN-FfMF_wwTxJFUU_-oClEgaomP7hIkkM-zK1OuyeqSmOjXQmB0sXw==
x-xss-protection
1; mode=block
expires
Thu, 18 Jan 2024 16:47:19 GMT
like.855606fb4e3a7a6448e6c782f3f54e5a.svg
c.disquscdn.com/next/embed/assets/img/ Frame 32CF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/like.855606fb4e3a7a6448e6c782f3f54e5a.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3b8a8d998dd7dc014bdb52a01adea8ec1be82193e7e7c6e0c7067a58435b7c28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 25 Jul 2023 16:20:59 GMT
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
14590717
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1655
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Mon, 24 Jul 2023 13:43:23 GMT
server
nginx
etag
"64be7ffb-677"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
91_QnmkMOKqJmlmfBlJYwI7D6vvE2SO9ArFFcp1MSjoCSrDqLEbyLg==
expires
Wed, 24 Jul 2024 16:20:59 GMT
dislike.612d8ba98928c381e4c789c1b309cda1.svg
c.disquscdn.com/next/embed/assets/img/ Frame 32CF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/dislike.612d8ba98928c381e4c789c1b309cda1.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8bd3068a31f037d3d198e40d59ae6acf610e3550c11ebff7b6c66bdf8e8b2e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 26 Jul 2023 21:11:15 GMT
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
14486901
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1796
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 26 Jul 2023 16:31:55 GMT
server
nginx
etag
"64c14a7b-704"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
81V86JHmxF7bTpSPk_Ss16ugKr70SN1F_Yx6FCsJrTgRQ9kz9fhXaw==
expires
Thu, 25 Jul 2024 21:11:15 GMT
follow-v2.411b1215980cdde315e43cc006cfbea6.svg
c.disquscdn.com/next/embed/assets/img/ Frame 32CF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/follow-v2.411b1215980cdde315e43cc006cfbea6.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ab9af97734b7a1b76e65a6aff767898e4dd763725c46ee56d340a5fd116e6a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 26 Jul 2023 00:34:16 GMT
via
1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
14561120
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1557
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 25 Jul 2023 21:40:14 GMT
server
nginx
etag
"64c0413e-615"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
C3pyM3blZ1qE0s2QvxeIGhgigQwqn1mjMCz9NrgeDlezujqN51F_6Q==
expires
Thu, 25 Jul 2024 00:34:16 GMT
event.gif
referrer.disqus.com/juggler/ Frame 32CF 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=918&event=init_embed&thread=9965131995&forum=phillyvoice&forum_id=3359912&imp=4gcavhv1u07eq1&thread_slug=hershey_company_hit_with_data_breach_after_phishing_attack_phillyvoice&user_type=anon&referrer=https%3A%2F%2Fwww.phillyvoice.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=prebidbidisrequired_hidden&variant=active&service=dynamic&promoted_enabled=false&max_enabled=false
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
x-xss-protection
1; mode=block
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 32CF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 22:56:09 GMT
x-content-type-options
nosniff
age
51807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 22:56:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 32CF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:28:03 GMT
x-content-type-options
nosniff
age
157893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 17:28:03 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 32CF 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 12:16:48 GMT
x-content-type-options
nosniff
age
176568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 12:16:48 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 32CF 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
101362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:10:14 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 32CF 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:47:01 GMT
x-content-type-options
nosniff
age
102755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17032
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:47:01 GMT
x.html
js.ad-score.com/ Frame 26AA 		0
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?v=762b2b3&pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?v=762b2b3&pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:4600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.ad-score.com/x.html?v=762b2b3&pid=1000177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 19:39:02 GMT
Content-Encoding
gzip
Via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P5
Age
63634
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
23
Last-Modified
Tue, 09 Jan 2024 18:32:18 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Amz-Cf-Id
cVyd9Q1OsZCXsqN74TLrb9-pq6CWijzMQdhIEjCxkn3UE7VIwfuiMQ==
css2
fonts.googleapis.com/ Frame 8DD0 		11 KB
947 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 13:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 11:31:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 13:19:36 GMT
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 8DD0 		7 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=phillyvoice&thread=url%3Ahttps%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cad6d22f928c169ed54c92948f08b1a788dee80ea1fc31c7121ea918518d8ec1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=phillyvoice&t_u=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&t_d=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&t_t=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Wed, 10 Jan 2024 13:19:36 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
7364
X-XSS-Protection
1; mode=block
cors
data.ad-score.com/data/ 		1 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=TDCleGZnigoFnFsksOJscNoQzLkAxQfs-FE7fPshldVrqKDwZ2nLLEUPFOA==-E03BOMVlYlPmNA==&pm_ct=74dc908d5f2500a0135180d0&pm_pl=1704892775638&pm_td=1032&pid=1000177&en=1.1&callback=__pm_glbl_59zMCkt2nX8eIyZQlbtWY8Af._gc2&tt=opt&v=762b2b3
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.phillyvoice.com
Date
Wed, 10 Jan 2024 13:19:36 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
0000_segment.ts
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/ 		284 KB
284 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/0000_segment.ts?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
f2de406f11b7f8be2f8fd776774701817fbdf6c5f36f7b25a92d0385ae0d6c72

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:37 GMT
last-modified
Tue, 09 Jan 2024 00:56:53 GMT
server
AmazonS3
x-amz-request-id
X3P1DK6V8PDB5D4K
age
1
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
290460
x-amz-id-2
Hwk8oUlVlJClBgMBgTiomVwghAdIsbbWb9E6VvX5xM/PbH+TMLvaImryGWO8BbolpSX1xA/+Nk4=
x-llid
5ec37e2fd61c66428d767f29424068f9
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 8FDC 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.phillyvoice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
167192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Jan 2024 14:53:04 GMT
expires
Tue, 07 Jan 2025 14:53:04 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 9DE4 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 13:19:36 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A1F2 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 10 Jan 2024 13:45:41 GMT
blueLagoon.css
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/blueLagoon.css
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c45f10f558faeb046cc31b7a8564c58baef88465bc7fcbfa4a25db3ce0a1d171

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/latest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 13:27:34 GMT
x-amz-version-id
9LCObCJI4d.YnlM9oglYbBz9tY.rHT1i
content-encoding
br
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"5dff5292e6c42830d3e2023e382e18a9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
must-revalidate,public,max-age=604800
age
172323
x-amz-cf-id
5YaT9vQE1VM_UAvtly_GYlaKOxAaZ_5HbmYrcWNo4Y703Kivoh-a4g==
175.js
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		138 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/175.js
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a2425e8a1c28da595ca2691e04b33f4bd044372dad6abd3ac5caf6b4c8c106e

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
XkzBT7FQp.mKxlzEaE5LjnWZDcs4.dKo
content-encoding
br
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date
Thu, 04 Jan 2024 08:43:01 GMT
x-amz-cf-pop
FRA60-P3
age
534996
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Nov 2023 09:32:29 GMT
server
AmazonS3
etag
W/"9354dc5fa94d45c75b5d59d23e2111bf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
x-amz-cf-id
spXjzM_JDZzFdQwbefES8lXg4dA1MwJqudRLY2M0RUN7o_p2iXQ8-A==
open-sans-latin-400-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-400-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
3DigQa1vzROt94D2mp1Lr6POLKzOaWcb
date
Wed, 03 Jan 2024 16:48:07 GMT
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
592290
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
18664
last-modified
Mon, 20 Nov 2023 09:32:54 GMT
server
AmazonS3
etag
"8d1c44b2bf75a4e6f1bd141f9a965f4f"
vary
Accept-Encoding
content-type
font/woff2
cache-control
must-revalidate,public,max-age=604800
accept-ranges
bytes
x-amz-cf-id
Sa_ahfiemH7vk_EIXiN6-l9w40bUEDTG_AUOu8uA56PJn26AH0iUNg==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=LOgon4sB5G13OqYcr7Vk&floor=1
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
content-length
0
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=QPei3IcBkdeQFN4kTmX8&floor=1
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
content-length
0
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=vUqH3IcBL4jzyOrEHOgd&floor=1
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
content-length
0
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=wkqK3IcBL4jzyOrEauiG&floor=1.5
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
content-length
0
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&inx=0&rt=2460&val=&wnx=1&abc=&ty=alo&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=iocbQ4EBlB2wT2eMy_kY
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&inx=0&rt=2465&val=&wnx=1&abc=&ty=xil&v=1&ext=&ta=1&lnx=0&us=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:36 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
fingerprint-logo.png
gdpr.privacymanager.io/1/ Frame E9EE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdpr.privacymanager.io/1/fingerprint-logo.png
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a000:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cmp-consent-tool.privacymanager.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
nQi4QEX9FdCPUWZOeNPvTWwrfHhMh7mb
date
Wed, 10 Jan 2024 12:52:00 GMT
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1675
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2962
last-modified
Wed, 03 Jan 2024 12:37:06 GMT
server
AmazonS3
etag
"b7cdca038062eecdc45c7351c6a539ad"
vary
Accept-Encoding
content-type
image/png
cache-control
must-revalidate,public,max-age=3600
accept-ranges
bytes
x-amz-cf-id
vOYtwtIVKaSIOuPRZ28TNU_4SyygftrN7ixjJ-O0grGkB24AOKQsmw==
icon-chevron-left.svg
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		441 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cmp-consent-tool.privacymanager.io/latest/icon-chevron-left.svg
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/blueLagoon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/blueLagoon.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
3U91SDDOq8Cf.727QbuMTVPsAcKvknif
date
Thu, 04 Jan 2024 08:43:01 GMT
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
534996
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
441
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
etag
"e2760515a843a0256b4b810489b5426b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=604800
accept-ranges
bytes
x-amz-cf-id
n70le_foMjv9dVq6OXSf2Io21eZ0TRfihSeyKIJVs4KOSaMfSQy-sA==
open-sans-latin-700-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-700-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M7opExTSLWlEJDysS1xjmTVvQdusxhkH
date
Wed, 03 Jan 2024 16:48:07 GMT
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
592289
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
18232
last-modified
Mon, 20 Nov 2023 09:32:54 GMT
server
AmazonS3
etag
"7271325623351f3cad9877d4dd9b2bf7"
vary
Accept-Encoding
content-type
font/woff2
cache-control
must-revalidate,public,max-age=604800
accept-ranges
bytes
x-amz-cf-id
Ln8M6v1xTpCAFKEcQYdcV_LoeCLWi0V6T8RYJiKRdQwxMaYAFOteUA==
open-sans-latin-600-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame E9EE 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-600-normal.woff2
Requested by
Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e

Request headers

Referer
https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin
https://cmp-consent-tool.privacymanager.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
OJ5u16t5674TeXgmGo73npMuCSOHRom0
date
Sun, 07 Jan 2024 09:37:32 GMT
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
425129
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
18628
last-modified
Mon, 20 Nov 2023 09:32:54 GMT
server
AmazonS3
etag
"d9dba5ac184a0a14655560abe5c4aa9b"
vary
Accept-Encoding
content-type
font/woff2
cache-control
must-revalidate,public,max-age=604800
accept-ranges
bytes
x-amz-cf-id
NTURgCgrt1BQz65HOl00nFyQe0DMzaWx1Z0XHcaoICuoTi9O_a2VNg==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8DD0 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 22:56:09 GMT
x-content-type-options
nosniff
age
51807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 22:56:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8DD0 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
101362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8DD0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:28:03 GMT
x-content-type-options
nosniff
age
157893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 17:28:03 GMT
get
c.disquscdn.com/ Frame 8DD0 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmedia.phillyvoice.com%2Fmedia%2Fimages%2F010924-mean-girls-movie-musica.2e16d0ba.fill-1200x630-c0.jpg&key=lWrkit8mor_iWs9Kkl_UpA&h=200
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c57a66ca46180edc1515e91bc1feafb6c045d47e7bf12155fc6ce0c13d94125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 09 Jan 2024 23:41:10 GMT
via
1.1 varnish, 1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
51560
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
18752
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
wFETPHpvy_xACtu7-IDEegf29oZ0aGyxUgboB1liSsTlvt9ue6C3lQ==
expires
Thu, 08 Feb 2024 23:41:10 GMT
get
c.disquscdn.com/ Frame 8DD0 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmedia.phillyvoice.com%2Fmedia%2Fimages%2FUSATSI_22244347.6fa2d03c.fill-1200x630-c0.jpg&key=nlDSzRqxTMQC5V2CXVo1hA&h=200
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bb80b29e1ab500026806e8e575b4380004900d52714d2ee73cd9e22c7cd82215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 08 Jan 2024 19:29:38 GMT
via
1.1 varnish, 1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
153646
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
8308
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
iUDHeul9OsK8H9fTkdyAN-zDpFzU_UIEKEwjqYGStCORvOSQQOELvA==
expires
Wed, 07 Feb 2024 19:29:38 GMT
get
c.disquscdn.com/ Frame 8DD0 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmedia.phillyvoice.com%2Fmedia%2Fimages%2FUSATSI_21503893.71c46c95.fill-1200x630-c0.jpg&key=vkNOpRCrD6FwLMU5KfEsAw&h=200
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
333bec099b9e98a26c2a8bd3cb80b58acfb426cd331937ee89ad443f166836ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 08 Jan 2024 03:54:10 GMT
via
1.1 varnish, 1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
209390
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
17257
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
2MpznC6Pg0vcEuit99Ir80Ctk0o6qtOQEOJ8XUGzzluAuCZuci0Xyw==
expires
Wed, 07 Feb 2024 03:54:10 GMT
get
c.disquscdn.com/ Frame 8DD0 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmedia.phillyvoice.com%2Fmedia%2Fimages%2FUSATSI_22244392.92611e1c.fill-1200x630-c0.jpg&key=9d3lFKKbHp69dIPnIXgu1A&h=200
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8820b1e379926094a3d9e9f9e63324820b122aa57e928cd0ec02598269f3b0f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 08 Jan 2024 14:39:52 GMT
via
1.1 varnish, 1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
169955
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
14668
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
FJF2y915nrP3rPDqGUw4vYv8cSExmD1Z-QfnWRnW6I8Tlf53H4hbKw==
expires
Wed, 07 Feb 2024 14:39:52 GMT
get
c.disquscdn.com/ Frame 8DD0 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmedia.phillyvoice.com%2Fmedia%2Fimages%2F1824_william_penn_statue_welco.2e16d0ba.fill-1200x630-c0.png&key=zX-jBqQGNPPnKVILcVhoPw&h=200
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
107037539fe83fea84fb7d17859200d24a2625fa8514a5cc6f32604bdb2d3a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 09 Jan 2024 01:53:03 GMT
via
1.1 varnish, 1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
131946
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
197124
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
oYwYXiDLPj-aO5sTQjnhw8Jgm8g_0M8JCCs6I_583GZOWubqjTD-bQ==
expires
Thu, 08 Feb 2024 01:53:03 GMT
get
c.disquscdn.com/ Frame 8DD0 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmedia.phillyvoice.com%2Fmedia%2Fimages%2FUSATSI_22244347_ijWLjcq.78ec6269.fill-1200x630-c0.jpg&key=wPSr2nD8Ja4Ze7L9ZJ_kFw&h=200
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c6dec66320c44fa7ca656297525145857239361a42e259cb0793d85aa9c7a007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 09 Jan 2024 18:07:07 GMT
via
1.1 varnish, 1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
73863
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
8343
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
VOxZwa9CTQGz0l9TPPW3U81huhuGFSYl2qUgezM14P7iWQKWXHomqg==
expires
Thu, 08 Feb 2024 18:07:07 GMT
get
c.disquscdn.com/ Frame 8DD0 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmedia.phillyvoice.com%2Fmedia%2Fimages%2FUSATSI_18660340.fc7d6dd7.fill-1200x630-c0.jpg&key=4TuTIab8iAdey3WYF7Q2Cw&h=200
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6255125dc2047503ac380e649a91759fe706896b55ee5f648cfae270b0f2d65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 09 Jan 2024 19:28:16 GMT
via
1.1 varnish, 1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
66422
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
22661
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
bcxIudVUylVQTFrKTuB4z0VejCx1MBFrp8tQ0monlarun9_QMHijJw==
expires
Thu, 08 Feb 2024 19:28:16 GMT
get
c.disquscdn.com/ Frame 8DD0 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmedia.phillyvoice.com%2Fmedia%2Fimages%2F010824-cyberbullying-social-me.2e16d0ba.fill-1200x630-c0.jpg&key=YZYf5CvBBH0HXIGz5r4Jaw&h=200
Requested by
Host: www.phillyvoice.com
URL: https://www.phillyvoice.com/hershey-company-phishing-data-breach/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:2400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7cae1c9dfac524e90982711124572117d10bb6f911b562c7e47e49db7d35f7e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 08 Jan 2024 23:37:00 GMT
via
1.1 varnish, 1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
139293
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
11244
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
AZA6g64PqCubPLVwRl6uZU5hckrJC7e-b9vPYwSWKsyKwn9DBcqAjw==
expires
Wed, 07 Feb 2024 23:37:00 GMT
cors
data.ad-score.com/data/ 		1 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=TDCleGZnigoFnFsksOJscNoQzLkAxQfs-FE7fPshldVrqKDwZ2nLLEUPFOA==-E03BOMVlYlPmNA==&pm_ct=74dc908d5f2500a0135180d0&pm_pl=1704892775638&pm_td=1392&pid=1000177&en=1.1&callback=__pm_glbl_59zMCkt2nX8eIyZQlbtWY8Af._gc3&tt=opt&v=762b2b3
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.phillyvoice.com
Date
Wed, 10 Jan 2024 13:19:37 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
0001_segment.ts
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/ 		290 KB
291 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/0001_segment.ts?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
2c71f8132e2772c7836b5f888138484f1f2b31b93cb4d76a77decef3b3b9434a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:37 GMT
last-modified
Tue, 09 Jan 2024 00:56:53 GMT
server
AmazonS3
x-amz-request-id
ARBQDG76F5YNJN7F
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
297228
x-amz-id-2
YufHUB74BGII/12xaFrGDZPLoV+yv0RBUFhYtodilgXbD6D4Zl6rFUA6PvA+PcItaCNTSiqoGFIW+lZ5cDNKlwBQ/9lTYqdnGWOkwIXH0bA=
x-llid
77d48baadd0d352a6e60e94a13daf2b4
ads
pagead2.googlesyndication.com/gampad/ Frame 8FDC 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7047%2C22647169314%2C22688736%2Fapl%2Fac1984%2Fkeyvaluevast&description_url=http%3A%2F%2Fphillyvoice.com&tfcd=0&npa=0&sz=400x300&cust_params=okingzfloors%3D1.00&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=247419441792999&vpa=auto&vpmute=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3582224452&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=F9263814-5CBC-4E35-B458-CF64B0D94DDA&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&top=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&loc=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dlt=1704892775547&idt=1469&dt=1704892777312&scor=884673704859495&ged=ve4_td1_tt0_pd1_la1000_er853.1180.1008.1480_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon-gear.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 		992 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/icon-gear.svg?hash=2f7343dd79
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
e2ffbe9668df9a29783b6f8e7cad3e763e788c37228c9b7e9498bbd2d36d0fb3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 10 Jan 2024 14:21:29 GMT
x-amz-version-id
s6Lf45IkRPfJc7QY9oz9DGiod1e2bICp
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:37 GMT
x-amz-request-id
57NVE1NJWSK1WR69
age
10688
x-amz-meta-sha256
e2ffbe9668df9a29783b6f8e7cad3e763e788c37228c9b7e9498bbd2d36d0fb3
content-length
450
x-amz-id-2
d0fl389klvIxMG9WIDLH2y9M24uVGKuPfxuLFVXVCXu2LDNpY5PwXYP2MDx0zPAJeNKSg6zN1bF5oQCQIS5qVA==
last-modified
Wed, 04 Aug 2021 07:28:27 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=14400
accept-ranges
bytes
x-llid
c571e95575dc2d40c57acd3283d4d055
x-amz-meta-s3b-last-modified
20210802T135007Z
cors
data.ad-score.com/data/ 		1 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=TDCleGZnigoFnFsksOJscNoQzLkAxQfs-FE7fPshldVrqKDwZ2nLLEUPFOA==-E03BOMVlYlPmNA==&pm_ct=74dc908d5f2500a0135180d0&pm_pl=1704892775638&pm_td=1708&pid=1000177&en=1.1&callback=__pm_glbl_59zMCkt2nX8eIyZQlbtWY8Af._gc4&tt=opt&v=762b2b3
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.phillyvoice.com
Date
Wed, 10 Jan 2024 13:19:37 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
csi
csi.gstatic.com/ Frame 8FDC 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lr7t51y1&c=8366714306408&slotId=4183357153204&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:82c::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:19:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
623c99fe-157f-4652-bddc-2aed205c6a2b
https://www.phillyvoice.com/ 		489 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.phillyvoice.com/623c99fe-157f-4652-bddc-2aed205c6a2b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc9798fd5ebb8d163418a4a8088b226a9678532426493550e4f03261bef3739f

Request headers

Referer
Origin
https://www.phillyvoice.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
489
Content-Type
image/png
0002_segment.ts
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/ 		201 KB
201 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/0002_segment.ts?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
b06b78cd04a6f1f53b3f8c17315081cf9eb1b28f54c7b18c33c313292d606beb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:38 GMT
last-modified
Tue, 09 Jan 2024 00:56:53 GMT
server
AmazonS3
x-amz-request-id
9D46Z8R22DQHHDXK
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
205484
x-amz-id-2
sq4jbTyRmuRWrBQW0eswz31a1hheCsdPof45RpE9VM2ZLqZbbXM4HdO/ERj+iD7ty15kbeiQ1KPhaRxBUTyHGyFz1CgUPqbH1mD16Hhiy2k=
x-llid
0e7f6b368c3867c15085826e6ad6f1cc
ads
pagead2.googlesyndication.com/gampad/ Frame 8FDC 		0
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F127641337%2C22688736%2FAdpoddingphillyvoice.comKV&description_url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&env=vp&tfcd=0&correlator=420886039326096&gdfp_req=1&output=xml_vmap1&sz=640x480&unviewed_position_start=1&ad_rule=1&npa=0&gdpr_consent=_755&gdpr=1&cust_params=domainname%3Dphillyvoice.com%26clipid%3Dijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx%26sid%3DRUWOgIxYyRt62aRScIUhM5uHlxdrOiAy%26tid%3D%24%5Btid%5D%26sti%3DiocbQ4EBlB2wT2eMy_kY%26dti%3DvUqH3IcBL4jzyOrEHOgd%26viewability%3D1%26sspblockurl%3D%26hb_pb%3D1.00&vpa=auto&vpmute=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=3582224452&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=F9263814-5CBC-4E35-B458-CF64B0D94DDA&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&top=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&loc=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dlt=1704892775547&idt=1469&dt=1704892777971&scor=398777842674591&ged=ve4_td2_tt1_pd2_la2000_er853.1180.1008.1480_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:38 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
action
trafficmanager.anyclip.com/trafficmanager/api/videos/video/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/videos/video/action
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.189.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-189-247.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.phillyvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.phillyvoice.com
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Wed, 10 Jan 2024 13:19:38 GMT
lre-events
marketplace.anyclip.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://marketplace.anyclip.com/v1/lre-events?cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&inx=0&rt=3753&val=&wnx=1&abc=&ty=cmp&v=1&ext=hls&ta=1&lnx=0&us=&trid=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:38 GMT
cache-control
no-cache
content-length
0
action
trafficmanager.anyclip.com/trafficmanager/api/videos/video/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trafficmanager.anyclip.com/trafficmanager/api/videos/video/action
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.189.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-189-247.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.phillyvoice.com
date
Wed, 10 Jan 2024 13:19:38 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
access-control-allow-methods
GET,POST
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&inx=0&rt=3753&val=&wnx=1&abc=&ty=cmp&v=1&ext=hls&ta=1&lnx=0&us=&trid=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:38 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
csi
csi.gstatic.com/ Frame 8FDC 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lr7t52b6&c=8366714306408&slotId=4183357153204&ghmsh_eids=44772139%2C44777649%2C44781409%2C44804291&vast_v=not_specified
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:82c::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:19:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0003_segment.ts
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/ 		172 KB
173 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/0003_segment.ts?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
7f0f80f01e895d5913006755f5886fc60fba1863e2164467c30cfb0a3bb139f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:38 GMT
last-modified
Tue, 09 Jan 2024 00:56:53 GMT
server
AmazonS3
x-amz-request-id
F6ATVBDBTVV1RRSQ
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
176156
x-amz-id-2
2XycIg1IPk7OcChXZkwf6dl5bON64FfjVBJdmz3wKNWh3KR1JXQdgQOZKjgM3R2tsn9J6/vsvOc=
x-llid
fced285dc5dd8b4c8bec858b92077f7b
ads
pagead2.googlesyndication.com/gampad/ Frame 8FDC 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2C22647169314%2C22688736%2FSMG_AnyClip%2Fpreroll%2Fphillyvoice&description_url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3429893100258171&cust_params=hb_pb_anyclip%3D1.00&vpa=auto&vpmute=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3582224452&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=F9263814-5CBC-4E35-B458-CF64B0D94DDA&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&top=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&loc=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dlt=1704892775547&idt=1469&dt=1704892778539&scor=1613466979126182&ged=ve4_td3_tt2_pd3_la3000_er853.1180.1008.1480_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
0004_segment.ts
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/ 		303 KB
304 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/0004_segment.ts?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
ccea2934f7001978ab43c2cc184df1be1d7cce0dd9c5df72f052298e859dcac9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:39 GMT
last-modified
Tue, 09 Jan 2024 00:56:53 GMT
server
AmazonS3
x-amz-request-id
9D4E6X0QBKYW1BKX
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
310388
x-amz-id-2
3e6MqdoU1Eg3Jpj+PYOd6GX0yEUKhQy3ZJg5x4lnKuiB0y5YfEggL1WiTGFQE1Kw6DaK+V85cxI=
x-llid
bf88bfe5d9f0e2e1073ae057adb192eb
ads
pagead2.googlesyndication.com/gampad/ Frame 8FDC 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F127641337%2C22688736%2Fphillyvoice.comNonUSKV&description_url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&env=vp&correlator=4343168908953846&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&unviewed_position_start=1&cust_params=domainname%3Dphillyvoice.com%26dti%3DwkqK3IcBL4jzyOrEauiG%26clipid%3Dijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx%26sid%3DRUWOgIxYyRt62aRScIUhM5uHlxdrOiAy%26tid%3D%24%5Btid%5D%26sti%3DiocbQ4EBlB2wT2eMy_kY%26viewability%3D1%26sspblockurl%3DB%26hb_pb%3D1.50&gdpr_consent=_755&gdpr=1&url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&vpa=auto&vpmute=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=3582224452&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=F9263814-5CBC-4E35-B458-CF64B0D94DDA&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&top=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&loc=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dlt=1704892775547&idt=1469&dt=1704892779102&scor=3154173893668435&ged=ve4_td3_tt2_pd3_la3000_er853.1180.1008.1480_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.js
player.anyclip.com/lreprx/js/v1/src/ Frame 9DE4 		495 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&imaw=0&wf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
099c190efe61667b7379dfacbd0f258778c23525f0d97bf91754e4221c2e3827

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9WP28dRAvOuj1Zqd7fyS1g0ENbeue0or
content-encoding
gzip
date
Wed, 10 Jan 2024 13:19:39 GMT
x-amz-request-id
YEG13TDJG3BCMYXM
age
72305
x-amz-server-side-encryption
AES256
content-length
160479
x-amz-id-2
EVvFr39RtDycrcR+DUT0V1u186Kps+KA4suLO0W4tZYBO4cy4JgeFqrDpdHtr7rb+MSW0MmjLYI=
last-modified
Thu, 21 Dec 2023 09:30:32 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
x-llid
d0c2297d1a7f60b217b5f804ef9a8533
expires
Tue, 09 Jan 2024 17:15:34 GMT
auction
tlx.3lift.com/header/ Frame 9DE4 		19 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&tmax=20000
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.206.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-206-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:19:39 GMT
accept-ch
sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.phillyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=pKVzwocBv7fbU5_uItTH&floor=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:39 GMT
content-length
0
0005_segment.ts
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/ 		310 KB
310 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/0005_segment.ts?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
1bb445379aecb7e62a81986d09b95cdc4f42e2c584d655d19c427315f80f006d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:39 GMT
last-modified
Tue, 09 Jan 2024 00:56:53 GMT
server
AmazonS3
x-amz-request-id
ARBY7NYD0N819XDY
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
317156
x-amz-id-2
JHrFqc+Sj+NadKlAQouqORnpp6M/5CAQp8bPnf/A2G9kw4q1Iy1kEegN1mbYK5EBaJg7pl4fDPQ=
x-llid
cd67b835ece83b3bf52ead7fde451359
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=aGKj3IcBqWM3ztnyDUFX&floor=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:39 GMT
content-length
0
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=jVWd5YcB5Vjs-dm6nIHj&floor=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:39 GMT
content-length
0
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=w-e2FokB5G13OqYc7xDX&floor=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.84.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-84-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:39 GMT
content-length
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PREQSLLLMX&gtm=45je4180v870819655z877920174&_p=1704892773979&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10004&cid=1809648490.1704892774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1704892774&sct=1&seg=0&dl=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dt=Hershey%20Company%20data%20breach%20may%20have%20impacted%202%2C200%20people%20%7C%20PhillyVoice&_s=4&tfd=6629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PREQSLLLMX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.phillyvoice.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 13:19:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.phillyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 8FDC 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21939239661%2C22647169314%2C22688736%2Fapl%2Fac1984%2Fkeyvaluevast&description_url=http%3A%2F%2Fphillyvoice.com&tfcd=0&npa=0&sz=400x300&cust_params=okingzfloors%3D2.00&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3037737007317975&vpa=auto&vpmute=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3582224452&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=F9263814-5CBC-4E35-B458-CF64B0D94DDA&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&top=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&loc=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dlt=1704892775547&idt=1469&dt=1704892780025&scor=4268463433446187&ged=ve4_td4_tt3_pd4_la4000_er853.1180.1008.1480_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
0006_segment.ts
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/ 		249 KB
249 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/0006_segment.ts?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
1cb7524a0ecfcf655eb1d67ec5bf4cc09119bff9e6897adcee7864eeaeb9dfc2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:40 GMT
last-modified
Tue, 09 Jan 2024 00:56:53 GMT
server
AmazonS3
x-amz-request-id
ARBQ2QKP0MHB2GTB
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
254552
x-amz-id-2
R7xV4U5hN4wisweJJHV/Zb4LRVze4cxGUxO94KV4HZh2wZfUjOureD9lWSyS/gVJk1xqH6pTHJM=
x-llid
ac6e0d6cadd6b2f834671f9668b33040
0007_segment.ts
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/ 		268 KB
268 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/0007_segment.ts?wid=0011r00001qbFvJ_372
Requested by
Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.139 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-139.fra.llnw.net
Software
AmazonS3 /
Resource Hash
883757b9b47f0d3949eec8151e09c191d46d851701670f7a3f17595b170618ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:40 GMT
last-modified
Tue, 09 Jan 2024 00:56:53 GMT
server
AmazonS3
x-amz-request-id
9D41DVDWDDJ0JYRN
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
274292
x-amz-id-2
mYiTWlKjEuAHY5Kn2C4hzffB0tX8LpW6XxOCSY4MnBp7WeZVdmkohiNh0WJKZT1xR58oy3cEflo=
x-llid
e8d3886f34eae9ae99bb6b4b55a835c6
ads
pagead2.googlesyndication.com/gampad/ Frame 8FDC 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F136431902%2C22647169314%2C22688736%2Fapl%2Fac1984%2Fkeyvaluepamela&description_url=http%3A%2F%2Fphillyvoice.com&tfcd=0&npa=0&sz=400x300&cust_params=okingzfloors%3D1.00&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1687521644313459&vpa=auto&vpmute=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3582224452&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=F9263814-5CBC-4E35-B458-CF64B0D94DDA&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&top=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&loc=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dlt=1704892775547&idt=1469&dt=1704892780585&scor=2134874217787012&ged=ve4_td5_tt4_pd5_la5000_er853.1180.1008.1480_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vmp.gif
pixel.anyclip.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6674&val=0&wnx=0&abc=&ty=crf&v=1&ext=&ta=1&lnx=0&us=&trid=&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&psi=YdWiz8jvpfKg4gV682vwxFqxfUJ3539g&pt=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.134.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-134-225.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.phillyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:41 GMT
last-modified
Sun, 22 Oct 2023 14:50:18 GMT
server
nginx
etag
"653536aa-23"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
35
0008_segment.ts
cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/ 		0
0
ads
pagead2.googlesyndication.com/gampad/ Frame 8FDC 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F22917490941%2C22647169314%2C22688736%2Fopamarketplace%2Fac1984%2Fkeyvaluevast&description_url=http%3A%2F%2FPhillyvoice.com&tfcd=0&npa=0&sz=400x300&cust_params=okingzfloors%3D2.00&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2827134611481080&vpa=auto&vpmute=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3582224452&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=F9263814-5CBC-4E35-B458-CF64B0D94DDA&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&url=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&top=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&loc=https%3A%2F%2Fwww.phillyvoice.com%2Fhershey-company-phishing-data-breach%2F&dlt=1704892775547&idt=1469&dt=1704892781150&scor=3489586286062728&ged=ve4_td5_tt4_pd5_la5000_er853.1180.1008.1480_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0
v1
btlr.sharethrough.com/universal/ Frame 9DE4 		0
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 9DE4 		0
0
unruly_prebid
targeting.unrulymedia.com/ Frame 9DE4 		0
0
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
0
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
0
events
marketplace.anyclip.com/v1/ Frame 9DE4 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p.acquireinsight.net
URL
https://p.acquireinsight.net/1/e/cs.js?cid=c013&evid=8bc9b178-ec10-44a1-bf46-bb3d0f795255&suu=1&dmn=www.phillyvoice.com
Domain
cdn5.anyclip.com
URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/1704761921015_416x234_thumbnail.jpg?wid=0011r00001qbFvJ_372
Domain
cdn5.anyclip.com
URL
https://cdn5.anyclip.com/BGS464wBjimdTiPMYa9W/hls_1704761812615/480x270/0008_segment.ts?wid=0011r00001qbFvJ_372
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=376559
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
marketplace.anyclip.com
URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=BGkuaIwBycUG4oCDuoVh&floor=1
Domain
marketplace.anyclip.com
URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=JxZjj4EBhRNLCGGWTPwI&floor=1
Domain
marketplace.anyclip.com
URL
https://marketplace.anyclip.com/v1/events?ty=arq&sti=iocbQ4EBlB2wT2eMy_kY&sid=RUWOgIxYyRt62aRScIUhM5uHlxdrOiAy&pid=phillyvoicecom&wid=0011r00001qbFvJ_372&v=1&cid=ijdvgnbwgr3ue2tjnvsfi2kqjvmwcokx&abc=&dev=1&dom=phillyvoice.com&bw=undefined&os=undefined&dti=tNNkWIEBQXmbG3wRvmjR&floor=1

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture object| adthrive object| dlData object| tags object| dataLayer string| GoogleAnalyticsObject function| ga object| adTargeting object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| gtag_enable_tcf_support function| __tcfapi object| adthriveCLS object| apstag object| googletag object| pbjs object| google_tag_manager object| _pxDataLayer function| __pxDataTag object| pxcelData object| webpackChunkanyclip_lre_player number| __mobxInstanceCount undefined| __mobxGlobals object| vttjs function| WebVTT function| __lre_testAutoNext_Show function| __lre_testAutoNext_SetValue function| __lre_testAutoNext_StartAnimation function| __lre_testAutoNext_SetFillColor function| __lre_testForcePoster object| st boolean| adBlockEnabled object| anyclip string| disqus_shortname string| STATIC_URL object| respond function| $ function| jQuery object| html5 function| EventEmitter object| eventie function| imagesLoaded function| Cookies function| $clamp boolean| isNodeJS object| BibblioHideAddon object| BibblioTakeoverAddon object| BibblioTakeoverAddonUtils object| BibblioTakeoverAddonTemplates object| Bibblio object| BibblioActivity object| BibblioUtils object| BibblioEvents object| BibblioTemplates object| BibblioLoader object| BibblioStateManager boolean| SUSPEND_ADVERTISING string| SECTION boolean| SUSPEND_TABOOLA object| _pbjsGlobals object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om58293_51791 object| _omq function| omq object| wpJsonRciWidget object| ua_result object| revcontent function| renderRCWidget object| s object| jQuery1111041044970240216805 function| onYouTubeIframeAPIReady object| _aps boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| $el object| ac_lre_conf object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am function| disqus_config object| DISQUS function| disqus_recommendations_config object| owpbjsChunk object| owpbjs object| PWT function| dspCriteoRTUSCallback function| dspCMCallback undefined| google_measure_js_timing function| lrePlay function| lrePause function| lreGetPlayList function| lrePlayItem function| lreSubscribe function| lrePublish function| lreUnsubscribe function| aclreSetNewURL function| aclrePlayerMoved function| aclreCarouselShowToggle function| aclreFloatingModeToggle string| acLreTMURI object| cmp object| cmpConfiguration object| nodeScript object| _comscore object| confiant object| apscustom boolean| __bt_already_invoked object| DISQUS_RECOMMENDATIONS object| omakoxeso5zueg5a1duqar object| omoa6g6sncgokcx1uvhfnt object| launchPad object| launchPadConfiguration function| __launchpad object| ID5 object| __id5_instances number| forceStopAdLoad object| __pm_glbl object| __pm_glbl_59zMCkt2nX8eIyZQlbtWY8Af object| __pm_ads_list string| AdScoreObject function| adScore function| Swiper number| google_global_correlator object| closure_lm_111865 function| on

14 Cookies

Domain/Path Name / Value
.phillyvoice.com/ Name: _gid
Value: GA1.2.350675143.1704892774
.phillyvoice.com/ Name: _gat
Value: 1
www.phillyvoice.com/ Name: ac_cclang
Value:
www.phillyvoice.com/ Name: _omappvp
Value: la1SdKPY3o3DgRjpjgv7zrAueeueG3z8in8QyIBDVEsJVrAOCvk84aUrYnlHtOrpPGMF0GktmfTOjUKSxtbJGwCNNYj7jyVp
www.phillyvoice.com/ Name: _omappvs
Value: 1704892774519
.phillyvoice.com/ Name: _ga
Value: GA1.1.1809648490.1704892774
.phillyvoice.com/ Name: _ga_PREQSLLLMX
Value: GS1.1.1704892774.1.0.1704892774.0.0.0
www.phillyvoice.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.phillyvoice.com/ Name: ac_user_id
Value: acayceamx82tvwd8a467f8113e73e162aa0011f08a2e98e55009f694a58a00791b42562f132f37a
.phillyvoice.com/ Name: gdpr-auditId
Value: 9365416480e044418ea737dd1ce01a46
.phillyvoice.com/ Name: geo-location
Value: {"country":"GB","region":"ENG"}
www.phillyvoice.com/ Name: pmtimesig
Value: [[1704892775714,0]]
disqus.com/ Name: __jid
Value: 4gcau5dmpn837
.disqus.com/ Name: disqus_unique
Value: 4gcaufd1hesvfa

18 Console Messages

Source Level URL
Text
network error URL: https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.bibblio.org/v1/content-item-url-ingestions/
Message:
Failed to load resource: the server responded with a status of 422 ()
network error URL: https://p.acquireinsight.net/1/e/cs.js?cid=c013&evid=8bc9b178-ec10-44a1-bf46-bb3d0f795255&suu=1&dmn=www.phillyvoice.com
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/runtime.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/polyfills.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/vendor.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://cmp-consent-tool.privacymanager.io/latest/index.html#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf
Message:
A preload for 'https://cmp-consent-tool.privacymanager.io/latest/main.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 503)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript warning URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf
Message:
The resource https://cmp-consent-tool.privacymanager.io/latest/vendor.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf
Message:
The resource https://cmp-consent-tool.privacymanager.io/latest/main.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf
Message:
The resource https://cmp-consent-tool.privacymanager.io/latest/polyfills.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://cmp-consent-tool.privacymanager.io/latest/#/notice?theme=blueLagoon&useSystemFonts=false&cmpType=tcf
Message:
The resource https://cmp-consent-tool.privacymanager.io/latest/runtime.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
a.omappapi.com
a.optmnstr.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.adthrive.com
ads.pubmatic.com
anyclip-player.s3.amazonaws.com
api.bibblio.org
api.btloader.com
api.omappapi.com
assets.anyclip.com
assets.revcontent.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.disquscdn.com
cdn.bibblio.org
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn5.anyclip.com
cmp-consent-tool.privacymanager.io
config.anyclip.com
config.aps.amazon-adsystem.com
csi.gstatic.com
d2zqfs55y95cft.cloudfront.net
data.ad-score.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
htlb.casalemedia.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
ipv4.icanhazip.com
js.ad-score.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
marketplace.anyclip.com
match.adsrvr.org
media.phillyvoice.com
p.acquireinsight.net
pagead2.googlesyndication.com
phillyvoice.disqus.com
pixel.anyclip.com
player.anyclip.com
referrer.disqus.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
targeting.unrulymedia.com
tlx.3lift.com
trafficmanager.anyclip.com
trends.revcontent.com
vid.springserve.com
www.civicscience.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.phillyvoice.com
yeet.revcontent.com
btlr.sharethrough.com
cdn5.anyclip.com
htlb.casalemedia.com
marketplace.anyclip.com
p.acquireinsight.net
targeting.unrulymedia.com
104.18.115.97
108.138.1.25
13.227.219.113
13.32.27.78
13.32.99.122
13.32.99.80
130.211.115.4
130.211.23.194
142.250.181.230
15.197.193.217
151.101.64.134
178.79.242.139
18.203.91.46
18.239.36.101
18.239.36.11
18.239.36.15
18.239.69.94
18.239.81.30
18.239.83.35
18.66.112.45
18.66.112.59
18.66.122.80
199.232.192.134
199.232.194.217
199.232.198.217
199.232.198.49
2001:4860:4802:34::36
23.35.236.201
2400:52e0:1e00::1081:1
2600:9000:206f:a000:16:f82a:8600:93a1
2600:9000:20b4:2400:6:8656:f5c0:93a1
2600:9000:2447:4600:a:deb0:3380:93a1
2600:9000:2491:3800:11:2a6a:9480:93a1
2600:9000:2682:c200:f:c7b3:ce40:93a1
2606:4700:10::6816:4bd8
2606:4700:10::ac43:266a
2606:4700:20::681a:246
2606:4700:4400::6812:2b5a
2800:3f0:4001:82c::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:811::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c09::9a
3.229.139.252
34.197.189.247
34.202.84.237
52.216.93.187
52.45.134.225
52.57.206.170
54.76.200.175
99.86.4.71
0121334152c00f6c20d9358ed821405a6a508590c162d1d3378aa7ae77c2fbd3
0228dce45d7d5ea9e48b802fd400ec73c1c34f3656ab0760e2951819ce21aaea
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
099c190efe61667b7379dfacbd0f258778c23525f0d97bf91754e4221c2e3827
0b7b74a139779fba8e1d17d597aa7cbffa27bd33d2b5c43d8039264c2a627412
0e370225abf600f988eb1a0a39e34fb1da8ccd839c9b771a70a815e0ab494181
0e9554bb00cf7f136d7be0008850ce64972e0edce1c342217ac77d4626e9a0d1
0e9e429943eb80b33a77fd7db1dfac28450d4193c2f85cdd1e14961ec75c00fc
0edb65f55550751e82757d0251c36ae1f95aab6f4ee651ec16b2cb6f2951c2ea
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325
107037539fe83fea84fb7d17859200d24a2625fa8514a5cc6f32604bdb2d3a61
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2
11ebec2c6b408cc5c74f54ce352588752464a82e6322e9a209dcfe6e0dfef533
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
157639db9c57d5b2b885a5195e24dcea2ef46c41c07e1b23fc73b80545d69251
1a2425e8a1c28da595ca2691e04b33f4bd044372dad6abd3ac5caf6b4c8c106e
1bb445379aecb7e62a81986d09b95cdc4f42e2c584d655d19c427315f80f006d
1cb7524a0ecfcf655eb1d67ec5bf4cc09119bff9e6897adcee7864eeaeb9dfc2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d4cf701c6a27087c5ecb7fee468e0bfd379a2fa962885fd2c05d45f8ed84f7f
1e87a8facbeec483528a20a654e8737ead5b65be2861c38e19c966cb6f50bfb8
20a6631c1e9c4cce3e6723c982d15d6e2a2eb8d0e46953470b87fa7d6fa34911
21111013521ce045115ade20ed1b0ac09b102688f010ecf84bb7f3f53574456c
228739c5660b9818a95c3b2c13f6c65cf4364f871c0cde499446c985be07a682
23643c91acb4cc30c22720da5b351321198a2a688ed97f09fb1f242928ca307a
2635ab2594ceca8cbcc50d1c5e9a96729cca6b0a996b69327d014770a31b72b3
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36
2667997051b9b0ff6723ccf1824a9a5aaea1096aed7e4364b9af548a663ca93c
27b416e3854827dc41c027f11d19fb046f72b2caf8fb46c15c4005bd4bdf213a
27f62274d9858073e8f3e5643a6bf652b6a1576e00dae337f8c7e12f6b91b97c
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
2ba67e5892a9f4a3333907831ce6f3b00361d4094584499f3833a4a758f11486
2bb98486a75a0ee4d7b223b374de24fc22ef0cfe4d1a9344b6b6583d0459c1b0
2bf4b5202559dbe01d8188a3adb26d68755a69064f233ef63f284b08efaed6ad
2c4d8da9fedbe5e69dc55f59712d2332b3a16e670e4ce981a1ad0263f257a025
2c71f8132e2772c7836b5f888138484f1f2b31b93cb4d76a77decef3b3b9434a
2ef3bf18994e09356dfb0f0e9aca831010d53792358d80bb2cfaa1d2af6b1f1f
30e942decdbf47bf968e350c0cb9b3c53a7bd993f7fb6c72c3a026433a51cd6d
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3315180967de43fa1600f1cc12f6de92a12458d2741ca654cbf2be5d4d0d37c3
333bcf8037746f5d9af71a19dcc2ddcc7b4bace7c7888f66752acc7cb840a8ea
333bec099b9e98a26c2a8bd3cb80b58acfb426cd331937ee89ad443f166836ed
343cc2ae21bbaf76ed55ccd75441f693b5ed63a18f1d2ce7bf4195ef0d8a7b63
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37d97397ed69dda8810dc5a88e36fed97ba0e0aedac0fb213a858788155646d4
3819d40ab57d6954801b68bc3fa8a7c1616ac4907416e09d92da4dc5cf2e89d5
38950857b6f83c5b833e4d09c0277294457abaada13ad71924c06a251b578c8b
389fa65aa13e9d98968a0c8c72aa84c1b64041812371a51f670b1d3de191f155
3b8a8d998dd7dc014bdb52a01adea8ec1be82193e7e7c6e0c7067a58435b7c28
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a
402507faac6e0dadc0a53148c65bf03b89cb36393d668083a127a40505d35ee8
40af94e599b6a6082cd5f571f4571e90eaafbeed148ab16384e268101f8d79af
40ed512e335292a9ee27d0c24fc509fea366d1f88e99c923f43ad7387c826f14
4142fde7575500ca365c1c635e9867b14717de85fef6c23edcb3f321d1a0dd3e
41e65b30dd61b843736933e031f31393e9db4cdbabaeded0f541a2df4efcf2f8
428f350bd53281aeb92b949ccc048356f66823858401537ef57c712bf179fe3e
4304ad9301017a03d77d588218c73d2b5fbc0a292138994c023a10aed3196740
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9
46d83bd31ae64e25ec20eb10834b6120eb1e5e1b23a0fb76292a1a09a2fd8494
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
47ba7507a0962e386d9be62301df17cb08070580dbd2795ce9c0f3b7cf7bfccf
47d4cc8f41a50c8835c9f83a13ab174866b9f82a24ea590b854574a6773a071a
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a
483cba00344b6d06c2cd464bc5e4976d18f08d459670437d4c388de7a707ccbf
491027f2b675c1856c257d93a5f556401a8e4d368190224157f5deafd335969f
4afa54a9d1c1c981cc8362a6b9c3c9c068128286d59959eee3eb7092663e6d6f
4b45fc782ab0fa351474257093b4ae68442a4adfebc35b23aaa72f2c74d147a9
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4c545cbf0801ffc734bd05fda75b01d4c22f3bd7c5984665be341d23ea2e7e1b
4c57a66ca46180edc1515e91bc1feafb6c045d47e7bf12155fc6ce0c13d94125
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
4dfa9cc0068143142a36df2d48d199a90bfff0b4d27a3fbd80bd85a5e9a6951a
4eccca0ba4ffedeaae12c42d64844c35669f4a28229afbfbb3d3aa6a119069cb
4fd2294d4ce97d4f96df1a602aa0b230cf716b3978991081fbdbfa03960f74e7
50279807da7663e6143156926fd8ca89d7e6dfdc98320ae5a2751dcdb910e7dc
531197442133e35509840be3ccf5a772fcc0a2f974ab1b4fb9c6fcaf213196b0
53f0d3ec31993f75aa6a5135d73e4c138da6eb0bf61c437b26a7acf4b9f61949
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc
55775baf70d2f1d40bac3a60de82e8e42b7e34687802f73671f25f2f60fdc6d4
55dd5a36f8c9a1cc81b3b861508e41797c7e65abcd7ddb2f4e3967ee6d57b474
56336b045520f48d49e0b09205eb4be7d773a696afcff55d51254d22ff7800f5
5808d2fc291af8ea4438e34c55c6f4f1e48223a33e460b2fa16dea500b77a7da
58d539f0f19b99e064d6e0a60b27471031ad1a01a4e53baebc5fa26bd64acd0d
59e3774d3b30422dd735c7dba618d86de1069cd77ebfc4a784548fdfbfcb226a
5ab9af97734b7a1b76e65a6aff767898e4dd763725c46ee56d340a5fd116e6a3
5ae4e90beeb33af56f277f28e39f933b6fb564e009e3eb815ba9b265673ec32b
5c53027d0d9e66f048642d2c82571b1e81269c5254d6636a6fa17fedf3a1de7a
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5
5c94b398586a1c2dee4de8138cba5cef404d3670e33cc2e70277657fd88a5932
5ca745b90b5f16618ab4c24e4c6f7e7f488bdc6ba9951eb8dbc72c287cf16a3a
5d9d911c6954410ba7678cf34a4f24189e65e75e1862e470cb73ad7b9e0c36ca
5e0726869d67be34cd2c73e4f380fce6b374c4d046101d92b88a075bc4a05238
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60c756504310b86bd48d4f2766ef440afa96b42258a772157638fbdb2816bd55
61117fc1e56c61f8ec9244082f480513e560dea9d4e21ae58f4455db815d16af
612ef9770b16e45767bc83794a0a89703c143c205243662636463e9b56c916c1
6255125dc2047503ac380e649a91759fe706896b55ee5f648cfae270b0f2d65b
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a
65b545c65916e46eaee73d7c8d6bdeadedf1cef47965de2cb405fff88aeca6a1
67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d
67957d46198640346a360e7ed8ebe6ded55a819ba1fda808216de43b07505e45
686546c8c4a3cd36e2af329852a8273310a63667490776837e58c8abac57907c
692d48fbaa185ced1c916c92d645d031595e90a5808d161c6191b00780c78406
6ab10b3e87626322051812fe2b00503afa995e661bcdafd1198dffac97cb7529
6ad64bf64d7ef760e814445e08d04619c0bf54ea696a75bfdd9cccc619a7e070
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b3619ba0f3f071878ec3ebbaa1bc319d42d4ad3460242b426c607467866441b
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6daa62ec3812d8c4cc65448351cefcbe9a190ecec9c63cc261d28a851632d5fa
703dd3e688e7899681a6392e30559611bc0bd9ed7d09e27208192b4806ba6d03
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
76e2eb5e5e17ae7c75ded230b7e5f8d0c7c0e1ae63e9014f7bb9e58617dc852f
78e4ffc82d12c28b0ae7bfbdd302f656b9933b8b88fb3c781d9d48c43929a76e
7a873efa02bfa12df5aeeca90577d802d84659e81ecdd6a8d4358a8fa4795308
7b3f6d5dea878b8cae8f540dba8085f4c078d32e6db5db1de2a3f50c39b9a70a
7cae1c9dfac524e90982711124572117d10bb6f911b562c7e47e49db7d35f7e9
7cb155bd3101578d9a8c43505080dbd106336e9320392d57f0cfd512773c6ad4
7ef15b4d96802277eab3d0f92afbb05709610c48df42c985bb9296dc373a58ac
7f0f80f01e895d5913006755f5886fc60fba1863e2164467c30cfb0a3bb139f6
829696d77292eb1050ed6359137e0ffde644e07d3b0427fb34bc13bef2fbb8ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83598eaabb96b3574919f0665553c833ac10d3a858b82c3296e075abe4d64795
836ac34459527c5310b65b0235edfa389a838f1967367ef56e50cec8a0e61b4b
83c03c13ae512aeaf45b9a54c62dad09b5d833edae4f2459d3f71f2a3f2744aa
83c7a3b97b11a14554d378995d6b2654dd97facebac7e7cb6526570039faf923
8820b1e379926094a3d9e9f9e63324820b122aa57e928cd0ec02598269f3b0f2
883757b9b47f0d3949eec8151e09c191d46d851701670f7a3f17595b170618ce
897796055abfcbbd536d68951dfef923918e0e799d3776459994f9efe4cda833
89a9aa4006cb20666a49f7a49921348d5207edb1fe8f289fa49b95c68c790504
8a78cef0b7848d146a9983a7ec0e37c321eef8a01d5847caa7483e5ecb86be04
8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05
8ae3a5f0775491c796d593e1eb24f44d7c8b6fffa49e06311d4d839f8c589e03
8bd3068a31f037d3d198e40d59ae6acf610e3550c11ebff7b6c66bdf8e8b2e3f
8c2226a0954a75f20b36a46ad98f37b4346d7a57167dab2dbab6941f6b50ef74
8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8dc675da542f629aca965669b35900a5ed0685f4d87dce9eac4660baf4493687
8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a
9033c4bbc3fc3f3cad57600499e6ea61e8749be0ca7463b73acac2674ba89a4d
919dfe657543000dd154fcca63c23e2586c785b9dc45208c8ac4263ddef8f359
91bda20f16f3de281dc6158ff6f3c116748a357804f5d500e88f0ffc1b38b26e
92fdc61d6ff37b6fe4139cd8dffcceceddfa4ec5c9f13b27ea08e489bd8f09b7
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
94e222778eff975883ccf43658b9d447de2a7175a0cc1b626326f4a6a4e85448
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
988088a9a17554d16bc3c202568b4a87ae34d7fd8a0107994f49d4f1c666d0b4
997c96b846b89b38f7791f733a81241d74aacfeeb4b2a0b39783ddf93b524126
998a5669295e7b46d6cbbff71584d9c72dd91fddd8be6183f45b7b5affaa038d
9ceb8c5a50f77198918306fecc63c1a9a6089b02e741ac58c7028bbc84c66b3e
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a
9d1cb15097af3162b11e00bc64f9769362cdfc4eeae7de33d8fd1de1e901c277
9e71236c31a866e24b03cb44cc8de71e2d70fc3fa069defc7dae717678b115c6
a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72
a12ed1612f455158732f858b4cf1395777f2a53584d46bf9cd8530ed9f53e4df
a37a9a008a78a5368b01d766beb019718b732fed454c11cafebc34dc33315853
a3d1267b7290087f6dbba3967fbc83f5e856983e229fbe19c4bc21bb0895422a
a3ec1262654e922fcbfb60747723aa75757f197742549960b894f434740ea408
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
a9c21f73e5781b07e9ae478497472051a87ee326e95761bb2d82387b07cbbcf6
aadceda6ac29f88fdd80f43e6630da80c6f863be565d2205f0c45b1a3066ee2b
ab093739460cdb8e720f9ca177561ee8cbc84d481b0e29e5331f223b2197ac89
ac522ed09f4eeb1c9791eb93555e09de9fd8d131bf11afc25ba13fb2bd028ca5
ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b06b78cd04a6f1f53b3f8c17315081cf9eb1b28f54c7b18c33c313292d606beb
b285fad82222aa0c37224c3092334f1142df37b585282c759b5e24e790b29d58
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bb80b29e1ab500026806e8e575b4380004900d52714d2ee73cd9e22c7cd82215
be28ece83c132cabc27db97101c66d744eb49f62ae9398d4960420e4fbffb788
bf85618f26acc60418771e88b8b6700fd73f9069326b81f42a6310323a6afe46
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815
c3d10a5b3b0ade7d9df4f6464c007c96067dde1376fa4a6b11eeeaffb4d36cdd
c45a16fbbc2a3d79845d55b65499f519884fabc669da40cebf8e51ec8cc6bbe2
c45f10f558faeb046cc31b7a8564c58baef88465bc7fcbfa4a25db3ce0a1d171
c4b817b2c1ef5443a2dff03e8938f4ae3e74eb91bfd3af7d8257f871208fe1b7
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52
c6dec66320c44fa7ca656297525145857239361a42e259cb0793d85aa9c7a007
c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2
c921f811b232ea60c21f0d71bd9fa49d1fec0fbc3bbd521b1f7449c3c570e2ee
cad6d22f928c169ed54c92948f08b1a788dee80ea1fc31c7121ea918518d8ec1
cc9798fd5ebb8d163418a4a8088b226a9678532426493550e4f03261bef3739f
ccea2934f7001978ab43c2cc184df1be1d7cce0dd9c5df72f052298e859dcac9
ceefa6ab5a962fa3c47736906dfe1a37ef10597c2caae9e7c5d4b1b1c503e1e1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d4fe9aaa99bae15c3c5a8f13ff68bfea4bb63c488962c4a0d4fdff717884553c
d544eae637d61ee786c0a45bb0a7f250f9280bcd2ea1576655a761f1d397b8df
d740e3cb2916af5bba823ac87c43d222f577e91190f56105be7117bed560e0fc
d8d3f72313b51806778a5e898501341ce11130abe15866871caa71d1fdfcfacc
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dd06d3cec78769e6dd11ac47b02d3cc2bdc0b8540d47ca3ba3749f2d28b32e58
dd4b226598cc41701660f6a23258e866a976cbe7714359b3656e6f1017b1fd27
ddf8afb33438f2b873d9978b6258610284b72c3755cb4202a0bdd0865f3649bb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
df5bb57668506d7e274a2a73f94769eaa8557fea9fcd627f027d4c0302c7cc22
e2ffbe9668df9a29783b6f8e7cad3e763e788c37228c9b7e9498bbd2d36d0fb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e415a16918e8bad5a8bb03706de04a415a792315166eee7e1f7c62e337e8fddb
e44f20ad1e0415f23d5cebd0f4c329f7c6b6ede0e628781ae82c392d6b09626d
e64ff225b59b316556e3f729bc753783f2e47676581027adada9d989d9685bde
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
ea0144946d00f7d987e58235e741544f457b957ea4bedd4c801ca162f84c649f
ee3290884ddb68ea67df3c6c9147f0331486d0a91b41e5a2b6788805a9b9c40c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f13cdbf91c29d4b2370068222179233633d7922313fbe315ff2ed2b0c1fc1e0e
f151bfa44aae2993d5d5a6754c1358ee143f94ff70fb45a6b785250feba45b14
f17fa1d863ade20f6e8af77a09d3ea79b694c4cea7a50f11aa2d65b5d4755d4b
f2de406f11b7f8be2f8fd776774701817fbdf6c5f36f7b25a92d0385ae0d6c72
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f630012a56a92b6f745c6992bb2b672381cdb89311d37c05bd5c6e5cc4c44507
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a567afe8646e0c672c414fa0b77557725ca3b8c80b79c6d64e48a2d2a10343
f7694e00ae4f4c19942ddf5d93b22f3a6b42b682c01e84eebf0d7fd61718785d
f9ab1bb185f10e7135b6294f220eb38b0dbbc053b97378ba2095f5ace5049595
fa7e555cf23d09904af0c637b94fd7654edb0d6b8dcdc5aac5711043669e40a9
fb934c735f4156a7129e58c4bbbd46dadce36f0495aad61a7fbffb33d8d4eafb
fc039dba20e5501bfceceb4ed6e91af7ba3bac044693fe69fbbcb772cce60cc6
feda7c1421861cbb76bd4200c1b6627109a92e665c8ef039adf000ffed701096
fef9335830c820ead126343577fdb316736a825c5f5bf3e7b9217a5e42bdfe95