www.sunstar.com.ph Open in urlscan Pro
192.124.249.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xg4iffui.collaura.it/
Effective URL:
https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Submission: On May 30 via manual (May 30th 2021, 2:46:18 pm UTC) from PH

Summary HTTP 372 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 90 IPs in 12 countries across 67 domains to perform 372 HTTP transactions. The main IP is 192.124.249.104, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.sunstar.com.ph.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 16th 2020. Valid for: a year.

This is the only time www.sunstar.com.ph was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.42.103.233 66.42.103.233	20473 (AS-CHOOPA) (AS-CHOOPA)
19	192.124.249.104 192.124.249.104	30148 (SUCURI-SEC) (SUCURI-SEC)
13	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
3	104.111.224.62 104.111.224.62	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.59.220.199 185.59.220.199	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
3	104.40.187.26 104.40.187.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.84.56.126 104.84.56.126	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	13.226.159.111 13.226.159.111	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.159.129 13.226.159.129	16509 (AMAZON-02) (AMAZON-02)
1	54.213.1.67 54.213.1.67	16509 (AMAZON-02) (AMAZON-02)
12	2606:2800:233... 2606:2800:233:9de:380:d6:22cb:12e3	15133 (EDGECAST) (EDGECAST)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.59.220.194 185.59.220.194	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
24	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
3 7	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	149.129.240.178 149.129.240.178	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
6	40.79.44.59 40.79.44.59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
3	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
6	54.208.64.234 54.208.64.234	14618 (AMAZON-AES) (AMAZON-AES)
1 3	13.226.159.71 13.226.159.71	16509 (AMAZON-02) (AMAZON-02)
1	119.81.3.35 119.81.3.35	36351 (SOFTLAYER) (SOFTLAYER)
2 3	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
11 33	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1 1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	54.146.254.172 54.146.254.172	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3 3	3.66.135.160 3.66.135.160	16509 (AMAZON-02) (AMAZON-02)
13 13	52.57.230.211 52.57.230.211	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.105.17 18.195.105.17	16509 (AMAZON-02) (AMAZON-02)
4 4	54.72.102.86 54.72.102.86	16509 (AMAZON-02) (AMAZON-02)
1 13	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	185.29.135.233 185.29.135.233	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5 7	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
2 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.183 213.155.156.183	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 5	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	18.159.17.140 18.159.17.140	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	85.91.47.62 85.91.47.62	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2600:9000:218... 2600:9000:2182:4c00:3:bc0d:3a40:21	16509 (AMAZON-02) (AMAZON-02)
16	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
1	185.80.37.242 185.80.37.242	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2600:9000:218... 2600:9000:2182:8200:19:ba84:7f40:21	16509 (AMAZON-02) (AMAZON-02)
1	85.91.45.39 85.91.45.39	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	143.204.98.49 143.204.98.49	16509 (AMAZON-02) (AMAZON-02)
1	18.195.54.139 18.195.54.139	16509 (AMAZON-02) (AMAZON-02)
4	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
9	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
2 2	54.194.211.3 54.194.211.3	16509 (AMAZON-02) (AMAZON-02)
1	18.158.191.20 18.158.191.20	16509 (AMAZON-02) (AMAZON-02)
372	90

1 66.42.103.233 (Los Angeles, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)

xg4iffui.collaura.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 192.124.249.104 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10104.sucuri.net

www.sunstar.com.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.224.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-62.deploy.static.akamaitechnologies.com

cdn.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-199.datapacket.com

cdn.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.40.187.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

zsearch.zoomd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.84.56.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-111.dus51.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-129.dus51.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.213.1.67 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-1-67.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:2800:233:9de:380:d6:22cb:12e3 (United States)

ASN15133 (EDGECAST, US)

60a6ae725fca.bitsngo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-194.datapacket.com

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.38 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.129.240.178 (Jakarta, Indonesia)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

as.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 40.79.44.59 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-sb-appanalytics-us1.servicebus.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.208.64.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-64-234.compute-1.amazonaws.com

services.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
messaging.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.159.71 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-71.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.81.3.35 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 23.03.5177.ip4.static.sl-reverse.com

optimize.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 216.58.212.130 (Mountain View, United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.146.254.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-254-172.compute-1.amazonaws.com

msg-0d30238761a9e7c06.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.66.135.160 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-135-160.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.57.230.211 (Frankfurt am Main, Germany) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-230-211.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.105.17 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-105-17.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.72.102.86 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-102-86.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.233 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.6.241 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 85.114.159.118 (Germany) 5 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.112.63 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 159.253.128.188 (Amsterdam, Netherlands) 4 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.17.140 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.91.47.62 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a691.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:4c00:3:bc0d:3a40:21 (United States)

ASN16509 (AMAZON-02, US)

d2q8xv8xf7whrd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.80.37.242 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a330.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:8200:19:ba84:7f40:21 (United States)

ASN16509 (AMAZON-02, US)

d2849lw36e7cot.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.91.45.39 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a5125.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-49.fra50.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.54.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.211.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.191.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-191-20.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com	624 KB
56	doubleclick.net 11 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	207 KB
32	adform.net 5 redirects c1.adform.net track.adform.net s1.adform.net	367 KB
25	smartadserver.com prg.smartadserver.com rtb-csync.smartadserver.com	10 KB
21	pubmatic.com 3 redirects hbopenbid.pubmatic.com image6.pubmatic.com ads.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	31 KB
19	sunstar.com.ph www.sunstar.com.ph	466 KB
13	bidswitch.net 13 redirects x.bidswitch.net	6 KB
13	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	107 KB
12	bitsngo.net 60a6ae725fca.bitsngo.net	227 KB
12	google.com www.google.com adservice.google.com	2 KB
10	casalemedia.com 1 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com a691.casalemedia.com a330.casalemedia.com a5125.casalemedia.com	8 KB
10	googletagservices.com www.googletagservices.com	350 KB
10	insurads.com cdn.insurads.com services.insurads.com messaging.insurads.com msg-0d30238761a9e7c06.insurads.com	49 KB
9	openx.net 1 redirects adasia-d.openx.net rtb.openx.net eu-u.openx.net us-u.openx.net	2 KB
8	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com	23 KB
7	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	2 KB
7	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	78 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	200 KB
6	windows.net prod-sb-appanalytics-us1.servicebus.windows.net	939 B
5	simpli.fi 4 redirects um.simpli.fi	3 KB
5	adition.com 5 redirects dsp.adfarm1.adition.com	3 KB
5	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	3 KB
4	clean.gg i.clean.gg	148 B
4	3lift.com ib.3lift.com tlx.3lift.com eb2.3lift.com	78 KB
4	adsrvr.org 2 redirects match.adsrvr.org	1 KB
4	bidr.io 4 redirects match.prod.bidr.io	2 KB
4	facebook.com www.facebook.com	415 B
4	google.de adservice.google.de www.google.de	518 B
4	facebook.net connect.facebook.net	163 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	w55c.net 3 redirects pm.w55c.net	2 KB
3	everesttech.net 3 redirects pixel.everesttech.net sync-tm.everesttech.net	1 KB
3	quantserve.com 2 redirects cms.quantserve.com pixel.quantserve.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	cloudflare.com cdnjs.cloudflare.com	40 KB
3	cheqzone.com ob.cheqzone.com obs.cheqzone.com	23 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
3	zoomd.com zsearch.zoomd.com	19 KB
3	innity.net cdn.innity.net	6 KB
2	avct.cloud 2 redirects ads.avct.cloud	890 B
2	cloudfront.net d2q8xv8xf7whrd.cloudfront.net d2849lw36e7cot.cloudfront.net	75 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	961 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	966 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	criteo.net static.criteo.net	53 KB
2	innity.com as.innity.com optimize.innity.com	1 KB
2	googleadservices.com partner.googleadservices.com	860 B
2	google-analytics.com www.google-analytics.com	19 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	anymind360.com anymind360.com	138 KB
2	izooto.com cdn.izooto.com	41 KB
1	dotomi.com 1 redirects casale-match.dotomi.com	187 B
1	onaudience.com 1 redirects pixel.onaudience.com	400 B
1	addthisedge.com v1.addthisedge.com	325 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	mookie1.com odr.mookie1.com	324 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	5 KB
1	moatads.com z.moatads.com	1 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	49 B
1	addthis.com s7.addthis.com	114 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	jquery.com code.jquery.com	30 KB
1	collaura.it 1 redirects xg4iffui.collaura.it	242 B
372	67

	Domain	Requested by
33	cm.g.doubleclick.net	11 redirects www.sunstar.com.ph googleads.g.doubleclick.net eu-u.openx.net c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
33	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
24	prg.smartadserver.com	anymind360.com
20	pagead2.googlesyndication.com	www.sunstar.com.ph pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com cdnjs.cloudflare.com tpc.googlesyndication.com securepubads.g.doubleclick.net c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com d2q8xv8xf7whrd.cloudfront.net
19	www.sunstar.com.ph	www.sunstar.com.ph code.jquery.com
16	track.adform.net	c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com s1.adform.net d2q8xv8xf7whrd.cloudfront.net d2849lw36e7cot.cloudfront.net
13	x.bidswitch.net	13 redirects
13	securepubads.g.doubleclick.net	www.sunstar.com.ph securepubads.g.doubleclick.net cdnjs.cloudflare.com www.googletagservices.com
12	60a6ae725fca.bitsngo.net	zsearch.zoomd.com
10	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
9	s1.adform.net	track.adform.net d2q8xv8xf7whrd.cloudfront.net d2849lw36e7cot.cloudfront.net s1.adform.net c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	www.google.com	www.sunstar.com.ph googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
8	widgets.outbrain.com	www.sunstar.com.ph widgets.outbrain.com
7	simage2.pubmatic.com	ads.pubmatic.com
7	c1.adform.net	5 redirects ads.pubmatic.com ssum-sec.casalemedia.com
7	ib.adnxs.com	3 redirects anymind360.com acdn.adnxs.com
6	image2.pubmatic.com	1 redirects ads.pubmatic.com
6	prod-sb-appanalytics-us1.servicebus.windows.net	code.jquery.com cdnjs.cloudflare.com
5	c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	um.simpli.fi	4 redirects ads.pubmatic.com
5	dsp.adfarm1.adition.com	5 redirects
5	services.insurads.com	cdn.insurads.com
4	i.clean.gg	d2q8xv8xf7whrd.cloudfront.net d2849lw36e7cot.cloudfront.net
4	match.adsrvr.org	2 redirects eu-u.openx.net ssum-sec.casalemedia.com
4	match.prod.bidr.io	4 redirects
4	eu-u.openx.net	anymind360.com eu-u.openx.net
4	log.outbrainimg.com	widgets.outbrain.com cdnjs.cloudflare.com
4	www.facebook.com	www.sunstar.com.ph connect.facebook.net
4	www.gstatic.com	www.google.com googleads.g.doubleclick.net
4	connect.facebook.net	www.sunstar.com.ph connect.facebook.net
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	sync.mathtag.com	3 redirects
3	us-u.openx.net	eu-u.openx.net
3	pm.w55c.net	3 redirects
3	pr-bh.ybp.yahoo.com	eu-u.openx.net ads.pubmatic.com ssum-sec.casalemedia.com
3	image6.pubmatic.com	2 redirects ads.pubmatic.com
3	sb.scorecardresearch.com	1 redirects widgets.outbrain.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net zsearch.zoomd.com
3	cdnjs.cloudflare.com	zsearch.zoomd.com
3	gum.criteo.com	1 redirects static.criteo.net
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	zsearch.zoomd.com	www.sunstar.com.ph code.jquery.com
3	cdn.innity.net	www.sunstar.com.ph cdn.innity.net
2	ads.avct.cloud	2 redirects
2	ib.3lift.com	c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com ib.3lift.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	sync-tm.everesttech.net	2 redirects
2	a.sportradarserving.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	pixel.quantserve.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	js-sec.indexww.com	anymind360.com ssum-sec.casalemedia.com
2	ads.pubmatic.com	anymind360.com ads.pubmatic.com
2	static.criteo.net	anymind360.com cdnjs.cloudflare.com
2	msg-0d30238761a9e7c06.insurads.com	cdnjs.cloudflare.com
2	images.outbrainimg.com	www.sunstar.com.ph
2	odb.outbrain.com	widgets.outbrain.com
2	obs.cheqzone.com	ob.cheqzone.com www.sunstar.com.ph
2	mug.criteo.com	www.sunstar.com.ph
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	platform.twitter.com	www.sunstar.com.ph platform.twitter.com
2	cdn.insurads.com	www.sunstar.com.ph services.insurads.com
2	anymind360.com	www.sunstar.com.ph anymind360.com
2	cdn.izooto.com	www.sunstar.com.ph cdn.izooto.com
1	eb2.3lift.com	c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
1	tlx.3lift.com	c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
1	a5125.casalemedia.com	c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
1	d2849lw36e7cot.cloudfront.net	c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
1	a330.casalemedia.com	c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
1	d2q8xv8xf7whrd.cloudfront.net	c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
1	a691.casalemedia.com	c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	dis.criteo.com	1 redirects
1	rtb-csync.smartadserver.com	eu-u.openx.net
1	acdn.adnxs.com	anymind360.com
1	v1.addthisedge.com	s7.addthis.com
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	optimize.innity.com	www.sunstar.com.ph
1	messaging.insurads.com	cdn.insurads.com
1	mv.outbrain.com	widgets.outbrain.com
1	mcdp-nydc1.outbrain.com	cdnjs.cloudflare.com
1	maxcdn.bootstrapcdn.com	code.jquery.com
1	syndication.twitter.com	platform.twitter.com
1	www.google.de	www.sunstar.com.ph
1	as.innity.com	cdn.innity.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	adasia-d.openx.net	anymind360.com
1	bidder.criteo.com	anymind360.com
1	htlb.casalemedia.com	anymind360.com
1	hbopenbid.pubmatic.com	anymind360.com
1	ob.cheqzone.com	widgets.outbrain.com
1	z.moatads.com	s7.addthis.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.sunstar.com.ph
1	certify.alexametrics.com	www.sunstar.com.ph
1	widget-pixels.outbrain.com	www.sunstar.com.ph
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	certify-js.alexametrics.com	www.sunstar.com.ph
1	s7.addthis.com	www.sunstar.com.ph
1	www.googletagmanager.com	www.sunstar.com.ph
1	code.jquery.com	www.sunstar.com.ph
1	xg4iffui.collaura.it	1 redirects
372	116

This site contains links to these domains. Also see Links.

Domain
sunstar.us16.list-manage.com
epaper.sunstar.com.ph
om.forgeofempires.com
www.outbrain.com
www.youtube.com
gallery.sunstar.com.ph
www.facebook.com
twitter.com
layoutintl.com

Subject Issuer	Validity	Valid
sunstar.com.ph Go Daddy Secure Certificate Authority - G2	`2020-10-16` - `2021-11-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
anymind360.com R3	`2021-05-08` - `2021-08-06`	3 months	crt.sh
*.innity.net DigiCert SHA2 Secure Server CA	`2021-05-12` - `2022-05-17`	a year	crt.sh
*.insurads.com Go Daddy Secure Certificate Authority - G2	`2021-04-05` - `2022-05-07`	a year	crt.sh
*.zoomd.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-30` - `2021-11-30`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.raynw.net DigiCert SHA2 Secure Server CA	`2020-07-28` - `2022-08-05`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
ob.cheqzone.com R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-11` - `2021-12-12`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
obs.cheqzone.com R3	`2021-04-15` - `2021-07-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
servicebus.windows.net Microsoft Azure TLS Issuing CA 01	`2021-04-21` - `2022-04-16`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.3lift.com Amazon	`2020-06-26` - `2021-07-26`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh

This page contains 42 frames:

Primary Page: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Frame ID: 64B57CE500EC4DD8F12CAF672E92EC94
Requests: 152 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: AB6494AB16271199800AED3E856505B2
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 4D3B644CC4F2AC8275778C95BAD68539
Requests: 2 HTTP requests in this frame

Frame: https://cdn.innity.net/admanager.js
Frame ID: 083C76D1B0127752FE1E0CCB2229DCD0
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.sunstar.com.ph
Frame ID: F23B376E958E6D38B8725188E631A422
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=250&slotname=8474512511&adk=2158727077&adf=2715190138&pi=t.ma~as.8474512511&w=300&lmt=1622385958&psa=0&format=300x250&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958480&bpp=1&bdt=164&idt=210&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7462738919940&frm=20&pv=2&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhEKIIJsV9&p=https%3A//www.sunstar.com.ph&dtd=256
Frame ID: 1DFD76558A80F5C80C1901FA411037A8
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=100&slotname=7994613701&adk=471501679&adf=1831644903&pi=t.ma~as.7994613701&w=320&lmt=1622385958&psa=0&format=320x100&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958481&bpp=1&bdt=165&idt=340&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mNm9Ju2ynZ&p=https%3A//www.sunstar.com.ph&dtd=344
Frame ID: 5EF3B035587893D3F567569A22AF1061
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=300&slotname=5503418676&adk=3545999935&adf=2677233012&pi=t.ma~as.5503418676&w=300&lmt=1622385958&psa=0&format=300x300&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958541&bpp=1&bdt=225&idt=364&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C320x100&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hhjy02jNRp&p=https%3A//www.sunstar.com.ph&dtd=368
Frame ID: E0D30CAD86819F132534AF5594204B22
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Frame ID: AB0D7255F342C5112AF6F88BE9FD0FA7
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 0E42F424FC1ECB592DD7B132BF51BA3E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DE0245EB503A0121025AE96CD9315218
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/comments.php?app_id=178272608902063&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31a87210fc56ec%26domain%3Dwww.sunstar.com.ph%26origin%3Dhttps%253A%252F%252Fwww.sunstar.com.ph%252Ff134c10c6157ebc%26relation%3Dparent.parent&container_width=878&height=100&href=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&locale=en_US&numposts=5&sdk=joey&version=v5.0&width=
Frame ID: 3CD03109331E96BECDE9BE9762C78779
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: BF039E045C852C0218EAA51B4C7F4502
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 344BDD7343830630A68DB15A6C236D30
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=706364&csz=%5B%5D&sz=%5B%5D&dm=1&is=0&sid=153B3D75A2B9C15B&s=2049&appId=1709&ct=%7B%7D&h=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&ts=1622385960820
Frame ID: C2FF810C88C04E4D6F6C740783664D30
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sunstar.com.ph
Frame ID: E54E8762E871480F5BD39D96C1805A3E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 280334D3108326F2FC17B7E51DE712C6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5B5F62D2EDCCE7FFAD845EFA7AD7DF27
Requests: 17 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Frame ID: 48D7F67C3F0C24B011EEE56C704F9670
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FB37202C6E5CF6691A87DFAD720BAB42
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CD70D4DA54C4C3892267B847D252E7F9
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=82BAF097-2B4F-4041-88F5-2E51A0168DF8
Frame ID: 39F286D02812E0B2FCE9E3E30A420CFB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7310773976145838003
Frame ID: 67573EB5D45CAD986F8655E270A11A54
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: FA831C2C0C726A0A7139D18A2476FD31
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968094648287426708
Frame ID: 399A6C8878CB41FA3340A1099C010364
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssisx_1HpsRBhMpw4ZhOiwefyVh27l0wpyqJvHpvItlvX7t-RSGTYRy4CNfgH3-eYTeD7jsdFq-CHoacS8kNMhZJPtnhaQKVeAuD57Ej4yndyoJL23-YCart9DCU0vCM1yXfeGYUUnuyJteYoJM8HXfHLFinKD-tcqhfG-Si-VyPMMdajHFdwDmuCVp7S0BuaErYq5V7D3jlMNvnil--FMeFgNeGawQq5YWsvzTC9ffENHPZJ4iEwBmYte1SFInGy2RIwPhNdLCLNl1Rk1Y_Xwmtrr-1PIfXEbkUDtsvgVwb8qypLc9HaV23ocyCQ&sig=Cg0ArKJSzBqhPKWcFV92EAE&adurl=
Frame ID: D41C30FB7E9B52C3935E6F37B4F23C45
Requests: 9 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1709&requests=[{%22eaup%22:%22/1012712/Article_Page_leaderboard%22,%22eolid%22:5659529193,%22advid%22:5006601978,%22w%22:728,%22h%22:90,%22eId%22:%22Article_Page_leaderboard_0%22}]&h=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead
Frame ID: 172BE0A56213C2F0C193B434F99F54D0
Requests: 1 HTTP requests in this frame

Frame: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 82EC17865064AF4E5557E3CCA4D30917
Requests: 18 HTTP requests in this frame

Frame: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2BEE36AF25B05F5F13E0962C314C3050
Requests: 20 HTTP requests in this frame

Frame: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 801EB1407448B0BB26D4E5F973D44434
Requests: 11 HTTP requests in this frame

Frame: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 949F2717AB41F30B92EDDB78606348EC
Requests: 17 HTTP requests in this frame

Frame: https://a691.casalemedia.com/ifnotify?consent=1&c=1407AF0&r=B39BCF19&t=60B3A52A&u=X09DYUM4U1gtUE8tSnMxejhwQmF2d3ND&m=ac7a561ff8c697175691c0d23e28c3b7&wp=7&aid=ba24019c-3ea3-342c-c0ff-230fca8f830d&tid=14FC5&s=535D6&cp=0.07&n=www.sunstar.com.ph&pr=xx&epr=YLOlKgAIVvsK4DcIWQGYLQ
Frame ID: A2DE2140A15F96F6E36A5B38ADE01D59
Requests: 1 HTTP requests in this frame

Frame: https://a330.casalemedia.com/ifnotify?consent=1&c=1407AC2&r=DE47C52B&t=60B3A52A&u=X09DYUM4U1gtUE8tSnMxejhwQmF2d3ND&m=dc3292f7b50177cc8079c0d9f23cdc93&wp=5&aid=cf7140d5-6bc8-3abc-3834-88cc58df59fe&tid=14FC5&s=535D6&cp=0.05&n=www.sunstar.com.ph&pr=xx&epr=YLOlKgAIbgIKe6rRYA2W0A
Frame ID: E13B80F5440CB33930D9FBB5D37E4F59
Requests: 1 HTTP requests in this frame

Frame: https://a5125.casalemedia.com/ifnotify?consent=1&c=179AB13&r=CA1FC3E0&t=60B3A52A&u=X09DYUM4U1gtUE8tSnMxejhwQmF2d3ND&m=fd5f8bb2033261dff33cbf9e4273f268&wp=7&aid=fb9b0fdc-db3d-301a-25d1-1a478d9737b0&tid=14FC5&s=535D6&cp=0.07&n=www.sunstar.com.ph&pr=xx&epr=YLOlKgAIUJAIEdTIQAHAKw
Frame ID: 854F20230261E8EE317106C68149E390
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuquZ-ZThKfBGBI2Wha-udUOS7rXQiH5YN0kNqMPW5-QmsBLX0eOuahaBwASSKOpgb7c50jLLOgq0qbWBCawv1dP3kCFexigKBn1w_HmdrvglaU8_hw3jYHE0rzq28_bUbeqbmUvRkui7MPDzt5UBdsiR1lFd6R1E5jHNFWLQoM7VXCzax60ko-ao6vXd8djPnlETFL9npa4jgMiVGedFm-atUVy1Ez8Y5ZrumOqArBPIszlJmgNrjFIV33ut0PLnWNmmaxEHo7hg9bST8w4JNuvxudtLgDSlc3TDeR0xWBhYanTA&sig=Cg0ArKJSzD_bhlj0u4QyEAE&urlfix=1&adurl=
Frame ID: BA2396C5E1879B3733BA4C734F6D8B1A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9392826248043988&output=html&h=280&slotname=8616199616&adk=654258349&adf=776189484&pi=t.ma~as.8616199616&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385962957&bpp=4&bdt=89&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D2696593e40a9b39c%3AT%3D1622385958%3AS%3DALNI_MYmW1gfPA0nBXGDp1t0HeuufDZxVg&correlator=7462738919940&frm=23&ife=4&pv=2&ga_vid=308863201.1622385959&ga_sid=1622385963&ga_hid=56005&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=1936922221&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3567983320722131&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=1&uci=1.s46kja6kbppf&fsb=1&dtd=62
Frame ID: DA3F6ED3D4D0B98D7A68078AD96381F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6E7F59954C8035289634D673A32A1268
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F61A546771C047BEA1A7EE35991DEF99
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EDEFFA3DEEFCB2AC0FCC6C39DB3F6382
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CB94ADD03985C0E7D6225B359A0BF0C8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F9278E05C74AFC7BAA9BD4AC51C970F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 16692692A8B585CFEAE5F42365952362
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://xg4iffui.collaura.it/ HTTP 302
https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

372
Requests

100 %
HTTPS

36 %
IPv6

67
Domains

116
Subdomains

90
IPs

12
Countries

3731 kB
Transfer

9396 kB
Size

24
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://sunstar.us16.list-manage.com/subscribe?u=69b5ee6c0b53ac3fc76286540&id=6858762225
Title: Subscribe to newsletter

Search URL Search Domain Scan URL

URL: http://epaper.sunstar.com.ph/
Title: Subscribe to e-paper

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=out_de_de_targetCPA&external_param=$section_name$&pid=$publisher_name$&bid=00efc5b332991320da4fb3e6b9cef529f8&obOrigUrl=true
Title: Wenn du Zeit am Computer totschlagen musst, ist dieses Civilization Spiel ein Muss. Kein Install. (Forge Of Empires)

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrs5I6O7SzINZ0pumvhvMTQ
Title: SunStar WebTV

Search URL Search Domain Scan URL

URL: https://gallery.sunstar.com.ph/
Title: Buy Photos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SunStarPhilippines/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/sunstaronline
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/sunnexdesk
Title: YouTube

Search URL Search Domain Scan URL

URL: https://layoutintl.com/
Title: Powered By NewsPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xg4iffui.collaura.it/ HTTP 302
https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sunstar.com.ph%2F&domain=www.sunstar.com.ph&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=baHtlnxKcmdWYlM1L1h2NHc2aEVUanE4eXlORHQwOWpkK3lWbmhUcklkYkhQM3pqcTBvUkJiNUpZMEloQ1dqWkxzUjhxMlhtTFZwWWlaYWxHZDhsalo1SnJ4b1ZzQUxWTzVZNmVacFJNVnQ2L0tDdWRuYTUyZzVzZHZ1MVdLYWdISUN3YVNaa2hYeDdISE5YVGVPRUluT3d4RDhGSFUwOWtHWVRkMGQ4WkRhUUV2UTlUOHNiTmFNbkpINElCSmxVNW5mZ3JQNTJrSjcvQ0tXcG1vOGFTZXlkMlNEeWdzaFlLdk1aRFQ3UFRXU1BMSEh3PXw&cppv=2

Request Chain 163

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=2996&cs_ucfr=1&ns__t=1622385959726&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D2996%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDE&c9=https%3A%2F%2Fwww.sunstar.com.ph%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=2996&cs_ucfr=1&ns__t=1622385959726&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D2996%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDE&c9=https%3A%2F%2Fwww.sunstar.com.ph%2F

Request Chain 189

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUINXYlza3qvafzbtQU43PqMISF0VmsiT5ceTfKFlkWQgDbMB1ynbqVtvP0t-dp44GDchQFnMi1cGdYRz82eiD0OgiKhc86-&google_gid=CAESEHHsrqoH487Zk0zR8QKzu8w&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUxPbEtBQUFCRXNlZkVXLQ&google_push=AQvitUINXYlza3qvafzbtQU43PqMISF0VmsiT5ceTfKFlkWQgDbMB1ynbqVtvP0t-dp44GDchQFnMi1cGdYRz82eiD0OgiKhc86-

Request Chain 191

https://rtb.openx.net/sync/dds?google_gid=CAESECp5SK955B-0ajA3cb1VJJ8&google_cver=1&google_push=AQvitUJtqiH3OOwXMnP5lw_O4Tftl8bz7K8YUNRQd9Lrym65EaFKYzTRFN-HlMCM8PfhhI8eIQ2hABb_ntL-gvknwLF8-xYMuKac HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJtqiH3OOwXMnP5lw_O4Tftl8bz7K8YUNRQd9Lrym65EaFKYzTRFN-HlMCM8PfhhI8eIQ2hABb_ntL-gvknwLF8-xYMuKac&google_hm=1odZYkABheS30ivx3NfGog==

Request Chain 192

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDXXXaKnvX2TlGI4Nq0Iis0&google_cver=1&google_push=AQvitUKCF7AzVItTqXL2LYvpqRL9BQ4eRE0vx8hIVg4SdAC0zP-Gp4lYISLiIPjL89k10h8OC9a3ubouOAdDbNgFGxpXrrO7mcaO HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDXXXaKnvX2TlGI4Nq0Iis0&google_cver=1&google_push=AQvitUKCF7AzVItTqXL2LYvpqRL9BQ4eRE0vx8hIVg4SdAC0zP-Gp4lYISLiIPjL89k10h8OC9a3ubouOAdDbNgFGxpXrrO7mcaO&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=grrwlytPQEGI9S5RoBaN-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKCF7AzVItTqXL2LYvpqRL9BQ4eRE0vx8hIVg4SdAC0zP-Gp4lYISLiIPjL89k10h8OC9a3ubouOAdDbNgFGxpXrrO7mcaO

Request Chain 193

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENX5Nhnej7QGaSCzKb2dRLI&google_cver=1&google_push=AQvitUIhrUA7WrjuZ4FUVBgLLIez0SCW2vL8IPBmFmlk5ETuMPe1vX4Xx09JQRrV5jWtwfK8qdtpe1rFDygO6LpMBbgxuvRs0Ah_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCQVBNVDktMVgtRElZVg==&google_push=AQvitUIhrUA7WrjuZ4FUVBgLLIez0SCW2vL8IPBmFmlk5ETuMPe1vX4Xx09JQRrV5jWtwfK8qdtpe1rFDygO6LpMBbgxuvRs0Ah_

Request Chain 194

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1

Request Chain 217

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=HaSHh7FP1LNmHw5

Request Chain 218

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=30ab8b9a-73de-43e6-9a51-85fe4bb686ee HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=30ab8b9a-73de-43e6-9a51-85fe4bb686ee HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=b0a7dfe0-5f2d-480c-9545-23bf7aca0643&ssp=openx&expires=30&user_group=5&bsw_param=30ab8b9a-73de-43e6-9a51-85fe4bb686ee HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=30ab8b9a-73de-43e6-9a51-85fe4bb686ee

Request Chain 219

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMDQwN0JaMG9BQURGcUFIZW01QQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC0407BZ0oAADFqAHem5A&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC0407BZ0oAADFqAHem5A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 220

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7c4e60b3-a52a-4b00-87a9-ba4d7b868c17

Request Chain 221

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oTH_aPY0r2O6MPw-ojOwa_Jn-D26Zf5qrmd0Fe7l

Request Chain 222

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2431088141839179251

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHAFQc2u7AzW_dxAvgV9FF4&google_cver=1

Request Chain 226

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 229

https://c1.adform.net/serving/cookie/match?party=14&cid=82BAF097-2B4F-4041-88F5-2E51A0168DF8 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=82BAF097-2B4F-4041-88F5-2E51A0168DF8

Request Chain 230

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7310773976145838003

Request Chain 231

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

Request Chain 232

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968094648287426708

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=grrwlytPQEGI9S5RoBaN-A%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 234

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=16bc60b3-a52a-4700-a76e-1f3663947c58

Request Chain 235

https://pixel.onaudience.com/?partner=214&mapped=82BAF097-2B4F-4041-88F5-2E51A0168DF8 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=9d406eed1076de73 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3f57b140-e32f-48a6-7d4e-001a1dc0b4df&reqId=7c33c5b9-53a2-4d9f-4a5f-a525ee27be6f&zcluid=9d406eed1076de73&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEHu9npoCcC5HvYOxhPpJW1E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3f57b140-e32f-48a6-7d4e-001a1dc0b4df&reqId=7c33c5b9-53a2-4d9f-4a5f-a525ee27be6f&zcluid=9d406eed1076de73&zdid=1332

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODJCQUYwOTctMkI0Ri00MDQxLTg4RjUtMkU1MUEwMTY4REY4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIn7S3T0XwrUZ4F64pMA5t8&google_cver=1

Request Chain 239

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5954425679924379616

Request Chain 240

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:42a460b3-a52a-4800-9bb8-5636a69ffa1e&gdpr=0&gdpr_consent=

Request Chain 241

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=727435e6-5ccd-4550-8f30-bb71f88d0541

Request Chain 242

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3518618575674890531&gdpr=0&gdpr_consent=

Request Chain 244

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=82BAF097-2B4F-4041-88F5-2E51A0168DF8&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=82BAF097-2B4F-4041-88F5-2E51A0168DF8&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aTECktFE2uW2uPXbm6JpY63ue_WuIWU-~A&gdpr=0&gdpr_consent=

Request Chain 245

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ec8AyC7KUMNizgOees1PyyqZB51imwHKdpnXDtsd

Request Chain 246

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0384d577-c282-4740-acfd-90a8bcc32c31&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30ab8b9a-73de-43e6-9a51-85fe4bb686ee&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 247

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YLOlKgABX5iA-gAC HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLOlKgABX5iA-gAC&gdpr=0&gdpr_consent=&_test=YLOlKgABX5iA-gAC

Request Chain 249

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&dcc=t

Request Chain 250

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLOlKBDZ4lge5057QsfaJQAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YLOlKBDZ4lge5057QsfaJQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEwSk4oQOTsooL-osp6riAY&google_cver=1&gdpr=1

Request Chain 251

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1

Request Chain 252

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HaSHh7FP1LNmHw5&gdpr=1

Request Chain 254

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622472362&gdpr=1

Request Chain 338

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 346

https://um.simpli.fi/gp_match?google_gid=CAESECGz30HcnvsFlUf3wZw-xo8&google_cver=1&google_push=AQvitUJg0xbZARl--IgDaibtMOCZwz40HsJR8GRAyh3xQ2RJoZCF43oQvoI1XZDyt3yT6MI8ey3D6VvacveKZkrJsfWCgHHW9we5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CCD4D6690881496ABCA6BC9F9CACFC53&google_push=AQvitUJg0xbZARl--IgDaibtMOCZwz40HsJR8GRAyh3xQ2RJoZCF43oQvoI1XZDyt3yT6MI8ey3D6VvacveKZkrJsfWCgHHW9we5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CCD4D6690881496ABCA6BC9F9CACFC53&google_push=AQvitUJg0xbZARl--IgDaibtMOCZwz40HsJR8GRAyh3xQ2RJoZCF43oQvoI1XZDyt3yT6MI8ey3D6VvacveKZkrJsfWCgHHW9we5&google_tc=

Request Chain 347

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMTAOGSAJwvBJqZc5pgjhGw&google_cver=1&google_push=AQvitUL4v6XYR8B9gpAYjrUw5E-d2uUQkI4kT3HUok6AQgDQuK53yPS-hlbmXOXFPFrs6V9e9oJb3xiVuqiLzo--FgxSo7JLffRG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MTY3MzEwOA%3D%3D&google_push=AQvitUL4v6XYR8B9gpAYjrUw5E-d2uUQkI4kT3HUok6AQgDQuK53yPS-hlbmXOXFPFrs6V9e9oJb3xiVuqiLzo--FgxSo7JLffRG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MTY3MzEwOA%3D%3D&google_push=AQvitUL4v6XYR8B9gpAYjrUw5E-d2uUQkI4kT3HUok6AQgDQuK53yPS-hlbmXOXFPFrs6V9e9oJb3xiVuqiLzo--FgxSo7JLffRG&google_tc=

Request Chain 348

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitUJbPIIogIdYhfJrfucR8cw6gWbSl7CdPJLrwF7IL0bWgxhiO8UoeUifXFPKxS7iwUS8jX-EJRreNiESmBA3-GI7uolZiQAf HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitUJbPIIogIdYhfJrfucR8cw6gWbSl7CdPJLrwF7IL0bWgxhiO8UoeUifXFPKxS7iwUS8jX-EJRreNiESmBA3-GI7uolZiQAf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJbPIIogIdYhfJrfucR8cw6gWbSl7CdPJLrwF7IL0bWgxhiO8UoeUifXFPKxS7iwUS8jX-EJRreNiESmBA3-GI7uolZiQAf&google_hm=hWUFrfaqSj6UO2j3jNO4Eg==

Request Chain 350

https://um.simpli.fi/gp_match?google_gid=CAESECGz30HcnvsFlUf3wZw-xo8&google_cver=1&google_push=AQvitUJ8BQ9KqnXNa4vmlkik4wRKoMXaSQxln4V8VcTm9sqX_j9u3qMPuAZZAR79Xp3MnIqXPgmZIGCX9ykk4zVu0f2BkGvlqB6c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F505FF9BB9840A080E8E6BF267647C7&google_push=AQvitUJ8BQ9KqnXNa4vmlkik4wRKoMXaSQxln4V8VcTm9sqX_j9u3qMPuAZZAR79Xp3MnIqXPgmZIGCX9ykk4zVu0f2BkGvlqB6c

Request Chain 351

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMTAOGSAJwvBJqZc5pgjhGw&google_cver=1&google_push=AQvitUIzFXabEn0oh6wAdArChG9bJRbu5Mq3uGCjVMNHIIG2-Dp-s8RhRUnUl4dGAcmH-1jfjvZ6gXadEeW81lCErMlaut8s5dn- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MTgwNDE4MA%3D%3D&google_push=AQvitUIzFXabEn0oh6wAdArChG9bJRbu5Mq3uGCjVMNHIIG2-Dp-s8RhRUnUl4dGAcmH-1jfjvZ6gXadEeW81lCErMlaut8s5dn-

Request Chain 352

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitULTW9734y-k51xpfHsq3CG7nIkfoT_c1uKQr6RRxm93908iZBPj9IfslHR3RJGWCCuZZq0vvWZCIUTF1x7ZGK4VVE6Y-HTz HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitULTW9734y-k51xpfHsq3CG7nIkfoT_c1uKQr6RRxm93908iZBPj9IfslHR3RJGWCCuZZq0vvWZCIUTF1x7ZGK4VVE6Y-HTz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULTW9734y-k51xpfHsq3CG7nIkfoT_c1uKQr6RRxm93908iZBPj9IfslHR3RJGWCCuZZq0vvWZCIUTF1x7ZGK4VVE6Y-HTz&google_hm=YqAwOnhCQTi0wzDAAHJ9HQ==

Request Chain 354

https://um.simpli.fi/gp_match?google_gid=CAESECGz30HcnvsFlUf3wZw-xo8&google_cver=1&google_push=AQvitUKE4DPee39LiMc4hC8ditJaAjdZVD9dBFx5Xsjh6QDk0jWa1W73RZZqAjRGI7NWxi-dalYK8U05x5oS5x_0PnfAX4wZXOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EB3BBA917F040CE9CA5647332357BB3&google_push=AQvitUKE4DPee39LiMc4hC8ditJaAjdZVD9dBFx5Xsjh6QDk0jWa1W73RZZqAjRGI7NWxi-dalYK8U05x5oS5x_0PnfAX4wZXOQ

Request Chain 355

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMTAOGSAJwvBJqZc5pgjhGw&google_cver=1&google_push=AQvitUIETJ7zhUMy_w1gweF20IUX0luTYF_bvCo_fyxakPaqn0to5uWKG2fti3sbsAytD8llgo5ovYIbwJz2Gr5DIu23oyZ0nBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MjA2NjMyNA%3D%3D&google_push=AQvitUIETJ7zhUMy_w1gweF20IUX0luTYF_bvCo_fyxakPaqn0to5uWKG2fti3sbsAytD8llgo5ovYIbwJz2Gr5DIu23oyZ0nBg

Request Chain 356

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitUJc5h59UrO1nqAEaBRGUQI55kKjoRjdp3PMHaKvgjo5UxeB0leNMF8GoCQVfe4giO_V7pVVnGXS7cbMx4HQVTxHx6KeYQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitUJc5h59UrO1nqAEaBRGUQI55kKjoRjdp3PMHaKvgjo5UxeB0leNMF8GoCQVfe4giO_V7pVVnGXS7cbMx4HQVTxHx6KeYQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJc5h59UrO1nqAEaBRGUQI55kKjoRjdp3PMHaKvgjo5UxeB0leNMF8GoCQVfe4giO_V7pVVnGXS7cbMx4HQVTxHx6KeYQ&google_hm=gQ87k_rMSaunAZMzmh0s9A==

Request Chain 368

https://um.simpli.fi/gp_match?google_gid=CAESECGz30HcnvsFlUf3wZw-xo8&google_cver=1&google_push=AQvitUJf-Fgy5o9V6dKbT936hzGzIctrHtQcm8n3u-JZbdrzCT9MNR7Hzqz0c49UB0e1fUOoqaSvG9jLxwegYHBdFV-xr3RCqTxw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EB3BBA917F040CE9CA5647332357BB3&google_push=AQvitUJf-Fgy5o9V6dKbT936hzGzIctrHtQcm8n3u-JZbdrzCT9MNR7Hzqz0c49UB0e1fUOoqaSvG9jLxwegYHBdFV-xr3RCqTxw

Request Chain 369

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMTAOGSAJwvBJqZc5pgjhGw&google_cver=1&google_push=AQvitUJ3nEV7iFtxikLCIaqTPbSU_g8ebDIa6waUDkI2StZahPKkCSyKPUV58hS36dSsZBXy_zmFTHjmgN-iUbugzoSyheMyPJY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MjA2NjMyNA%3D%3D&google_push=AQvitUJ3nEV7iFtxikLCIaqTPbSU_g8ebDIa6waUDkI2StZahPKkCSyKPUV58hS36dSsZBXy_zmFTHjmgN-iUbugzoSyheMyPJY

Request Chain 370

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitULLm8O9bBO0OSzfaPQwKmKS1k-QSO9xxcrsn6mxCdujS-5GaGvMbyoZFaEVmOo3myXmnBAj3uxlylfND5gm1ZM9wxqu3sSk HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=89b65c08-8b96-462a-9c21-c50acb0e1584&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULLm8O9bBO0OSzfaPQwKmKS1k-QSO9xxcrsn6mxCdujS-5GaGvMbyoZFaEVmOo3myXmnBAj3uxlylfND5gm1ZM9wxqu3sSk&google_hm=YqAwOnhCQTi0wzDAAHJ9HQ==

372 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 2-trucks-collide-catch-fire-4-dead Show response
www.sunstar.com.ph/article/1877981/Bacolod/Local-News/
Redirect Chain

http://xg4iffui.collaura.it/
https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

54 KB
13 KB

39ms
16ms

Document
text/html

192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 221cfcab230ebf7c469f05c9bf27518c8dc3d5471349fd620e3a9b830bfa27c2

Request headers

:method: GET
:authority: www.sunstar.com.ph
:scheme: https
:path: /article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sun, 30 May 2021 14:45:58 GMT
content-type: text/html
x-sucuri-id: 15004
set-cookie: device=web; expires=Sun, 30-May-2021 14:53:53 GMT; path=/ device_used=web; expires=Sun, 30-May-2021 14:53:53 GMT; path=/ device_type=web; expires=Sun, 30-May-2021 14:53:53 GMT; path=/ device=web; expires=Sun, 30-May-2021 14:53:53 GMT; path=/ device_used=web; expires=Sun, 30-May-2021 14:53:53 GMT; path=/ device_type=web; expires=Sun, 30-May-2021 14:53:53 GMT; path=/ USER_COUNTRY_CODE=IE; expires=Tue, 29-Jun-2021 14:23:53 GMT; path=/ p_stats_monthly=1877981; expires=Tue, 29-Jun-2021 14:23:53 GMT; path=/ device=web
x-device: device=web
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: dPiOa1ymcrRihBZrOIby7kZ5MyggtW49QMLp4AZIpNZjaCZgdpwAJQ==
age: 1325
x-sucuri-cache: MISS

Redirect headers

X-Powered-By: Express
Location: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Date: Sun, 30 May 2021 14:45:58 GMT
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 37ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "887 / 735 of 1000 / last-modified: 1622153345"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21426
x-xss-protection: 0
expires: Sun, 30 May 2021 14:45:58 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
748 B 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b6a758365f36733ee318c64cbfd8d2a1aee8dae87112ed62597cdcc15fe0cfc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Sun, 30 May 2021 14:45:58 GMT

GET
H2 200 selection-sharer.min.css
www.sunstar.com.ph/css/ 6 KB
3 KB 8ms
7ms Stylesheet
text/css 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/css/selection-sharer.min.css
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: bacf66ab856f40796dfc72fa7ae94235bc66475895549a8b34b2dcb2d6d2d2d2

Request headers

:path: /css/selection-sharer.min.css
pragma: no-cache
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
age: 67018
x-cache: Hit from cloudfront
x-sucuri-cache: HIT
pragma: public
last-modified: Tue, 02 Jun 2020 15:10:46 GMT
server: nginx
etag: W/"5ed66bf6-18ec"
vary: Accept-Encoding
content-type: text/css
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-sucuri-id: 15004
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ytYtYtmTrENi96vk3utJ6Mqd5xGAnW5WQUCBJbcYXHvZsQlbe0NtQA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-one.min.css
www.sunstar.com.ph/themes/sunstar/css/ 247 KB
57 KB 9ms
8ms Stylesheet
text/css 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: d10052bd1bdc51bcd867bf1ef3681cb8f7d24d54e684b2d1b98e95733c4175b3

Request headers

:path: /themes/sunstar/css/style-one.min.css?v8.13
pragma: no-cache
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
age: 67018
x-cache: Hit from cloudfront
x-sucuri-cache: HIT
pragma: public
last-modified: Mon, 10 May 2021 07:53:48 GMT
server: nginx
etag: W/"6098e68c-3dc46"
vary: Accept-Encoding
content-type: text/css
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-sucuri-id: 15004
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5xkyv7a-dl6X9E53ituSQQ5z5bdyvvj9kHS2_zz-UXNxAX6pJDiUrw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 premium-popup.min.css
www.sunstar.com.ph/themes/sunstar/css/ 5 KB
2 KB 18ms
16ms Stylesheet
text/css 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/css/premium-popup.min.css?v1.03
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: ed9ee128d4095786ba21fd26316090475245b192a620698f44af20638139a364

Request headers

:path: /themes/sunstar/css/premium-popup.min.css?v1.03
pragma: no-cache
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
age: 67018
x-cache: Hit from cloudfront
x-sucuri-cache: HIT
pragma: public
last-modified: Thu, 01 Oct 2020 07:42:15 GMT
server: nginx
etag: W/"5f758857-1413"
vary: Accept-Encoding
content-type: text/css
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-sucuri-id: 15004
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: aY-esDFDmRav-NZ2OktHc70U6ZSdhMRN31GTf0uu0MLGofJK_3HVyg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-update.min.css
www.sunstar.com.ph/themes/sunstar/css/ 634 B
759 B 18ms
17ms Stylesheet
text/css 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/css/style-update.min.css?v1.06
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 57dcf8b4b8cd5a57930bf6a6b55d40b6d4a10f472c2aa42f633babe8050abb76

Request headers

:path: /themes/sunstar/css/style-update.min.css?v1.06
pragma: no-cache
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
age: 67018
x-cache: Hit from cloudfront
x-sucuri-cache: HIT
pragma: public
last-modified: Tue, 02 Jun 2020 15:10:50 GMT
server: nginx
etag: W/"5ed66bfa-27a"
vary: Accept-Encoding
content-type: text/css
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-sucuri-id: 15004
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 26j7XdxzYWbgNpHjArWLI65UWoeB1gu72nDFTTO2_nYdFsJMP4u5Dw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 28ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1622385958.dop004.fr8.t,1622385958.cds292.fr8.hn,1622385958.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 22ms
18ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-308175-1

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9efa2aa6bdf90651decf2c011df2dd00ea766226e00b2cf3004c10d83a72590d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35862
x-xss-protection: 0
last-modified: Sun, 30 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 May 2021 14:45:58 GMT

GET
H2 200 3ce7034c2709f8fc2447018f8fcc5b73636d0c17.js Show response
cdn.izooto.com/scripts/ 2 KB
1 KB 39ms
19ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/3ce7034c2709f8fc2447018f8fcc5b73636d0c17.js

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af59ea12e97b1b8a5285f78c9d5c209cb276382600e5aea9b07dfc01eab98e6d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 09:48:06 GMT
server: cloudflare
age: 278250
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=691200
expires: Mon, 07 Jun 2021 14:45:58 GMT
cf-ray: 6578bfcf98a663a1-FRA
cf-request-id: 0a5f5635c3000063a1d332e000000001
cf-bgj: minify

GET
H2 200 ats.js Show response
anymind360.com/js/3181/ 114 KB
27 KB 48ms
15ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/3181/ats.js

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

321245bf2268cd73f72a65009ea72bc13fbe334768fad8957c59367173788208

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
x-guploader-response-body-transformations: gunzipped
age: 13475
x-guploader-uploadid: ABg5-Uz1XJXjF-HuOWFpy84FpzE2BVHLEGTEpAeC6AupUr18cCiebBb5oMH_codEyTmHP3z6jcYsewnBaFTb3Qa1nzg
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 26595
x-served-by: cache-tyo11945-TYO, cache-fra19160-FRA
access-control-allow-origin: *
expires: Sun, 30 May 2021 11:01:23 GMT
last-modified: Thu, 18 Mar 2021 03:43:30 GMT
server: UploadServer
x-timer: S1622385958.363199,VS0,VE1
etag: W/"3432d2ad0873b645b648ee9013eaa523"
vary: Accept-Encoding
x-goog-hash: crc32c=X+G0aQ==, md5=NDLSrQhztkW2SO6QE+qlIw==
x-goog-generation: 1616039010944559
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 26595
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
warning: 214 UploadServer gunzipped
x-cache-hits: 6, 1

GET
H/1.1 200
OK admanager-async.js Show response
cdn.innity.net/ 5 KB
2 KB 54ms
14ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager-async.js
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f38579c50edb7a9e22a53d52a6272f6180b39cfcf6eae6fcf9009b659b0d58df

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 14:45:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Feb 2020 09:20:41 GMT
Server: Apache
ETag: "121a-59f4ee2916c40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1546
Expires: Mon, 31 May 2021 14:45:58 GMT

GET
H2 200 9I7XLBWW.js Show response
cdn.insurads.com/bootstrap/ 8 KB
4 KB 68ms
9ms Script
application/x-javascript 185.59.220.199
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/bootstrap/9I7XLBWW.js
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-199.datapacket.com
Software: BunnyCDN-DE1-722 /
Resource Hash: b4d6f2a59b7a98fcfb5bd04e84172fa55ec144038c10d9e5aff421da13b33766

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
cdn-edgestorageid: 601
x-amz-request-id: 1VXA0VJHB2E5NCPD
cdn-cachedat: 2021-05-29 00:37:52
cdn-pullzone: 55316
content-length: 3629
x-amz-id-2: /vYRTaTx2nBJJ6fXo8164WbXmJKF2tPQIO0Oz3F8cfY4w793WKDFBK4HB9TY5vLjs7WrPeA0Swg=
last-modified: Fri, 28 May 2021 13:22:42 GMT
server: BunnyCDN-DE1-722
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=31536000
cdn-requestid: 9481a10e976762fdc691ef5c7c4edc47
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK Script Show response
zsearch.zoomd.com/zoomd/SearchUi/ 44 KB
17 KB 122ms
25ms Script
application/x-javascript 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7cc13f04456886cbda69f821f3671e53c6fee1a537210e99f97ce0751d45dc71

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 14:45:57 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 30 May 2021 14:45:58 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: public, max-age=3600
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 16793
Expires: Sun, 30 May 2021 15:45:58 GMT

GET
H2 200 sunstar.png
www.sunstar.com.ph/themes/sunstar/images/ 1 KB
1 KB 10ms
7ms Image
image/png 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunstar.com.ph/themes/sunstar/images/sunstar.png
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: e167c8a2724463ef585059cf9e0e1a01df907b0fd32da4cb85dbc324961ef36a

Request headers

:path: /themes/sunstar/images/sunstar.png
pragma: no-cache
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 1042
pragma: public
last-modified: Wed, 08 May 2019 07:41:44 GMT
server: nginx
etag: "5cd28838-412"
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15004
accept-ranges: bytes
x-amz-cf-id: XCleVntytsmLzd-a2wku1zs1VO7xhjHPws8Qq9Jg264tL23thSo4Sg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 256710.jpg
www.sunstar.com.ph/uploads/images/2020/11/24/ 57 KB
57 KB 11ms
8ms Image
image/jpeg 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunstar.com.ph/uploads/images/2020/11/24/256710.jpg
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: f97e6da3052ea65a676751f25040ea2edcc4b6e3288d07f755973fc3a30189e5

Request headers

:path: /uploads/images/2020/11/24/256710.jpg
pragma: no-cache
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 58027
pragma: public
last-modified: Tue, 24 Nov 2020 15:18:28 GMT
server: nginx
etag: "5fbd2444-e2ab"
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15004
accept-ranges: bytes
x-amz-cf-id: oLKGcvPpSx_6bU1oc9lq661k3_rr_EsE1FWf_1G9jh4I9LVi5octiQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48356
x-xss-protection: 0
server: cafe
etag: 3890051329819667200
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 May 2021 14:45:58 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 35ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 14:45:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 114
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28779
x-tw-cdn: VZ
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6795)
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 26ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

70141b74810963b60fac0b9ffb71bab1fe4bee9a3552c2dc0fccfbdfc804afd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Mw88klEkqFQ5FtZBA1cFng==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: krXyKrG3PfVmascpMZPqwdHHs1cORcLFz5yU3UTvRCi75Te3IpEvScv2nnXGz8bhzWd8Ih7mPD1tYnwKTyKzVQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 09eba283a4bd63eaed2d33bb6e753551
x-frame-options: DENY
date: Sun, 30 May 2021 14:45:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "453b7919f83860128d4d8739cbe1d3b6"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 30 May 2021 14:58:02 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 174 KB
58 KB 56ms
14ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 76c90c52171d1967d833b04ff7a7e7e36a719c329398a9efb972ecf79a659a9f

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
last-modified: Sun, 30 May 2021 10:15:31 GMT
etag: W/"2b962-HfZ7Jz6y59hhI9ZQeFYUBVNLxR4"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 91ea241bdd7df668c773d9517095ed0e
timing-allow-origin: *, *
content-length: 59145
expires: Sun, 30 May 2021 18:45:58 GMT

GET
H2 200 no-image-sunstar.png
www.sunstar.com.ph/themes/sunstar/images/ 4 KB
5 KB 14ms
11ms Image
image/png 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunstar.com.ph/themes/sunstar/images/no-image-sunstar.png
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: dbfc5965310cbe1a099f0174fbc5a2f3f648814fb2b52755d3c3e761ae28d1f9

Request headers

:path: /themes/sunstar/images/no-image-sunstar.png
pragma: no-cache
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
age: 365018
x-cache: Hit from cloudfront
x-sucuri-cache: HIT
content-length: 4494
pragma: public
last-modified: Tue, 14 May 2019 09:26:06 GMT
server: nginx
etag: "5cda89ae-118e"
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15004
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: xkgk7yiw_Jl9wUMP9B2SODllZNmXqomRRCrONh8s1wY80E8vVc2MZQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 39ms
11ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 30 May 2021 14:45:58 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 script-one.min.js Show response
www.sunstar.com.ph/themes/sunstar/js/ 381 KB
125 KB 7ms
7ms Script
application/javascript 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/js/script-one.min.js?v2.44
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 44937dec5d3b29880853567f13d86fdabecc926fcd3f60929d688ff0c74110fa

Request headers

:path: /themes/sunstar/js/script-one.min.js?v2.44
pragma: no-cache
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
age: 67018
x-cache: Hit from cloudfront
x-sucuri-cache: HIT
pragma: public
last-modified: Mon, 01 Jun 2020 09:08:26 GMT
server: nginx
etag: W/"5ed4c58a-5f56d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-sucuri-id: 15004
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: de9Iuge41YrVU542qEznn4cQxLX_wgMmDR3zStzyjx7gBEmMJI2OHA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 premium-popup.min.js Show response
www.sunstar.com.ph/themes/sunstar/js/ 1 KB
1 KB 8ms
8ms Script
application/javascript 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/js/premium-popup.min.js?v1.12
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 0e3a5c1cc2fd4fcdc3aff4cbc12bf282223b1e786830f9d877082a781166d4e8

Request headers

:path: /themes/sunstar/js/premium-popup.min.js?v1.12
pragma: no-cache
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
age: 67018
x-cache: Hit from cloudfront
x-sucuri-cache: HIT
pragma: public
last-modified: Mon, 16 Nov 2020 06:32:11 GMT
server: nginx
etag: W/"5fb21ceb-58c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-sucuri-id: 15004
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 83qRzOQoQaXnh4-OyPyojS9Bpi8fT3dieOeIRhFudrr8TmK8A1E8nw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ 342 KB
134 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 14:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85702
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136431
x-xss-protection: 0
last-modified: Tue, 25 May 2021 16:32:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 May 2022 14:57:36 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 50ms
13ms Script
application/javascript 13.226.159.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-111.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 2839112
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: cAzjxMrXbYcvMLhMORQdnyAiWdDHeYSE_wBQqa4ImwwyIKQOqdwn8Q==

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 12ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24156
x-fb-rlafr: 0
pragma: public
x-fb-debug: 6JXx8edxqWXjRmioYAonyZzOEC7kqs/bHqb2RpLnRVUG7X961gA3B0LfW7SOxA0ZY6t/ag6U0ofk2uXvfIW4oA==
x-frame-options: DENY
date: Sun, 30 May 2021 14:45:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 167 KB
40 KB 57ms
56ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/3ce7034c2709f8fc2447018f8fcc5b73636d0c17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37191f21e3dd1db20898df836eb549dff1a8969082852e8538a25a72e99e639c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 182564
last-modified: Fri, 21 May 2021 12:02:16 GMT
cf-request-id: 0a5f5635f4000063a1d3330000000001
cf-bgj: minify
server: cloudflare
etag: W/"60a7a148-29bcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=691200
cf-ray: 6578bfcfe8c363a1-FRA
expires: Mon, 07 Jun 2021 14:45:58 GMT

GET
H3-29 200 pubads_impl_2021052401.js Show response
securepubads.g.doubleclick.net/gpt/ 309 KB
108 KB 33ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 08:37:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110966
x-xss-protection: 0
expires: Sun, 30 May 2021 14:45:58 GMT

GET
H2 200 prebid.js Show response
anymind360.com/js/ 358 KB
111 KB 19ms
17ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/prebid.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/3181/ats.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5ccc3e785cd8e9b3f95a721637dd14595208dc56b4db19b788dc2ddc0262ede5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
age: 99896
x-guploader-uploadid: ABg5-Uytq5PkmtenW04i8ZbNc5MvFjUx0nmzqe6GKrTkEMeTqAEkKcRO8BIZTVL4NBINlBN6SaWj8ek90uo3s64apSY
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 113559
x-served-by: cache-tyo11974-TYO, cache-fra19160-FRA
access-control-allow-origin: *
expires: Sat, 29 May 2021 11:01:02 GMT
last-modified: Mon, 17 May 2021 06:14:58 GMT
server: UploadServer
x-timer: S1622385958.400882,VS0,VE0
etag: "524bc627fe4d28b82374d8b9428ccbfa"
vary: Accept-Encoding
x-goog-hash: crc32c=v22Bpg==, md5=UkvGJ/5NKLgjdNi5QozL+g==
x-goog-generation: 1621232098868361
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=43200
x-goog-stored-content-length: 113559
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 45814, 592

GET
H2 200 today-newspaper-blue.png
www.sunstar.com.ph/themes/sunstar/images/ 48 KB
48 KB 8ms
7ms Image
image/png 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunstar.com.ph/themes/sunstar/images/today-newspaper-blue.png
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 9e467dc86ab4bfe0a0a040b5719a2a10200a355dc02085995006a00ff2f55c40

Request headers

:path: /themes/sunstar/images/today-newspaper-blue.png
pragma: no-cache
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 48970
pragma: public
last-modified: Mon, 16 Dec 2019 09:36:58 GMT
server: nginx
etag: "5df7503a-bf4a"
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15004
accept-ranges: bytes
x-amz-cf-id: hWCpzgj2bLUNFS3yP87vCEVIhpIej6PR2d8B2CIXnb-_5w1VoI_8Bg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 subset-Ziggurat-HTF-Black.woff2
www.sunstar.com.ph/themes/sunstar/css/fonts/ 9 KB
9 KB 11ms
10ms Font
application/octet-stream 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/css/fonts/subset-Ziggurat-HTF-Black.woff2
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 2334707ad893361a198494698b80017cbddd21ca1869c8af1ec00b827c5b53da

Request headers

sec-fetch-mode: cors
origin: https://www.sunstar.com.ph
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
:path: /themes/sunstar/css/fonts/subset-Ziggurat-HTF-Black.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 9132
pragma: public
last-modified: Wed, 08 May 2019 07:41:44 GMT
server: nginx
etag: "5cd28838-23ac"
content-type: application/octet-stream
cache-control: max-age=315360000
x-sucuri-id: 15004
accept-ranges: bytes
x-amz-cf-id: UT9sGCgY86nWGbXumcM9BL7EgiTNSFSfzqdJWnaTJWTODnk6wZOh3w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 subset-PublicoText-Bold.woff2
www.sunstar.com.ph/themes/sunstar/css/fonts/ 29 KB
29 KB 11ms
10ms Font
application/octet-stream 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/css/fonts/subset-PublicoText-Bold.woff2
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 7fd5077294a7b81fb7d4dd9fd9b9e5ae59592790cb23d8ef7e8965de43f97285

Request headers

sec-fetch-mode: cors
origin: https://www.sunstar.com.ph
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
:path: /themes/sunstar/css/fonts/subset-PublicoText-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 29592
pragma: public
last-modified: Wed, 08 May 2019 07:41:44 GMT
server: nginx
etag: "5cd28838-7398"
content-type: application/octet-stream
cache-control: max-age=315360000
x-sucuri-id: 15004
accept-ranges: bytes
x-amz-cf-id: 74UYn0i0ECfpctuxAgC403VbKcvtDrQTekrdw6MO2Y9amhnd2_U4_Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 subset-Gudea.woff2
www.sunstar.com.ph/themes/sunstar/css/fonts/ 8 KB
9 KB 12ms
11ms Font
application/octet-stream 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/css/fonts/subset-Gudea.woff2
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: fe9188bb781bd7510b839627bec1cf19ed8cf6c624c52748a76e9267135b9135

Request headers

sec-fetch-mode: cors
origin: https://www.sunstar.com.ph
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
:path: /themes/sunstar/css/fonts/subset-Gudea.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 8456
pragma: public
last-modified: Wed, 08 May 2019 07:41:44 GMT
server: nginx
etag: "5cd28838-2108"
content-type: application/octet-stream
cache-control: max-age=315360000
x-sucuri-id: 15004
accept-ranges: bytes
x-amz-cf-id: JWs2I_LdLUTrbhlaRQcqelAOwRk8kMTNZKTMNwhBDohLvOdy3O7VAA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-webfont.woff2
www.sunstar.com.ph/css/font-awesome/fonts/ 75 KB
76 KB 12ms
11ms Font
application/octet-stream 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode: cors
origin: https://www.sunstar.com.ph
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
:path: /css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 77160
pragma: public
last-modified: Wed, 08 May 2019 07:41:44 GMT
server: nginx
etag: "5cd28838-12d68"
content-type: application/octet-stream
cache-control: max-age=315360000
x-sucuri-id: 15004
accept-ranges: bytes
x-amz-cf-id: Itwn3BRzI0-RDGxJ8MegQLjKfDJr0ulB-n8GknsEfRmFPaf1O2sKHQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 subset-TungstenNarrow-Medium.woff2
www.sunstar.com.ph/themes/sunstar/css/fonts/ 8 KB
9 KB 9ms
7ms Font
application/octet-stream 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/css/fonts/subset-TungstenNarrow-Medium.woff2
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 3e913b4a7d16ac35ebe8a9830bdd24f0f1e6d20b92ebaf8552c9f24d319209be

Request headers

sec-fetch-mode: cors
origin: https://www.sunstar.com.ph
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
:path: /themes/sunstar/css/fonts/subset-TungstenNarrow-Medium.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 8680
pragma: public
last-modified: Wed, 08 May 2019 07:41:44 GMT
server: nginx
etag: "5cd28838-21e8"
content-type: application/octet-stream
cache-control: max-age=315360000
x-sucuri-id: 15004
accept-ranges: bytes
x-amz-cf-id: LCqwgkT950zSpY-E1f0HPuUEg9J2Q_jCPUnx4enHtDrdfLO2IsgVIw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 subset-Tungsten-Medium.woff2
www.sunstar.com.ph/themes/sunstar/css/fonts/ 8 KB
8 KB 9ms
7ms Font
application/octet-stream 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/css/fonts/subset-Tungsten-Medium.woff2
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: c5068c06c792db4bfb097befce2427c85ed094392d1f9721e09ee7af0ade1387

Request headers

sec-fetch-mode: cors
origin: https://www.sunstar.com.ph
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
:path: /themes/sunstar/css/fonts/subset-Tungsten-Medium.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 8200
pragma: public
last-modified: Wed, 08 May 2019 07:41:44 GMT
server: nginx
etag: "5cd28838-2008"
content-type: application/octet-stream
cache-control: max-age=315360000
x-sucuri-id: 15004
accept-ranges: bytes
x-amz-cf-id: rvx0nn7RxF6NaAJ28FNIlcDLzIEqa1lHPANkMC4QQgB9yTQyidd6EA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ 232 KB
86 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2836569479021745&plah=www.sunstar.com.ph&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87658
x-xss-protection: 0
server: cafe
etag: 5316214545020586774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 May 2021 14:45:58 GMT

GET
H2 200 subset-BoomerExtraCond-Light.woff2
www.sunstar.com.ph/themes/sunstar/css/fonts/ 12 KB
12 KB 7ms
7ms Font
application/octet-stream 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/themes/sunstar/css/fonts/subset-BoomerExtraCond-Light.woff2
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 061992b47c54dbe1a6cf3523a8390a142220fd31331c3eeacf7d4cca416bdc66

Request headers

sec-fetch-mode: cors
origin: https://www.sunstar.com.ph
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D
:path: /themes/sunstar/css/fonts/subset-BoomerExtraCond-Light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/themes/sunstar/css/style-one.min.css?v8.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 11852
pragma: public
last-modified: Wed, 08 May 2019 07:41:44 GMT
server: nginx
etag: "5cd28838-2e4c"
content-type: application/octet-stream
cache-control: max-age=315360000
x-sucuri-id: 15004
accept-ranges: bytes
x-amz-cf-id: xzs8765tiB22vNv7tnuGQn-U9FwVoolq8FSWKqbaAnCXj_rXkD_x0w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame AB64 10 KB
4 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210524/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 29 May 2021 20:29:24 GMT
expires: Sat, 12 Jun 2021 20:29:24 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 65794
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 218 KB
64 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1a0614939c6fd9c4e1eafb36c2df02cf&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e93e3959d3e0558aaa18605044cce85af709e94bd6542adfaba733960576df08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.sunstar.com.ph
Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6m9+W6PdlVyLQonpfUs0eg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65693
x-fb-rlafr: 0
x-fb-debug: Eo6jVjBbVwIIk8VKaZvO4vY9Ji++AFujV8aFTv3DRYVDMEQQfEdx7AD83myFjSMo3wc1lX5wiYWpLGD+v7xL3g==
x-fb-content-md5: c19feae949a495f490f92b719f6cd445
x-frame-options: DENY
date: Sun, 30 May 2021 14:45:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "0cdb7748848d0ca88b28c948bce56e82"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 30 May 2022 14:24:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-308175-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1146
date: Sun, 30 May 2021 14:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 30 May 2021 16:26:52 GMT

GET
H3-29 200 319691251551515 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/319691251551515?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82bb4b6608706721f71ca285d3b341e98428830530b45b8524c624a673b8d3a5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74089
x-fb-rlafr: 0
pragma: public
x-fb-debug: I7UGUD4yqssQC+O2er8pzoek2BA7xGaI1BQGNExYMOluqt4YKoYe3fZ8gWU5Q6sJbv6MWgFpMHZ8ir/d1ucg8Q==
x-frame-options: DENY
date: Sun, 30 May 2021 14:45:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 4D3B 416 B
799 B 16ms
15ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1622370201.07582"
last-modified: Sun, 30 May 2021 10:15:10 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Sun, 30 May 2021 14:45:58 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1622385958~rv=39~id=e40394d547be54c14bcc0a4c5ad9f0e2; path=/; Expires=Sun, 30 May 2021 14:45:58 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LnN1bnN0YXIuY29tLnBo Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 23ms
7ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnN1bnN0YXIuY29tLnBo
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 14:45:58 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=35887
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: d0ae1dbf308842b6c4be1de29f0343ff
Content-Length: 15
Expires: Mon, 31 May 2021 00:44:05 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
452 B 16ms
14ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=7.4577838404807775
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Tue, 29 Jun 2021 14:45:58 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 43ms
13ms Image
image/gif 13.226.159.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=2%20trucks%20collide%2C%20catch%20fire%3B%204%20dead%20-%20SUNSTAR&time=1622385958648&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&random_number=13612780362&sess_cookie=7c0fdae6179bdbd1ef887b166b4&sess_cookie_flag=1&user_cookie=7c0fdae6179bdbd1ef887b166b4&user_cookie_flag=1&dynamic=true&domain=sunstar.com.ph&account=VLrBe1awy400qZ&jsv=20130128&user_lang=en-US
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-129.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 05:39:39 GMT
Via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 32780
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: KkzGN12CXd5Fh4ctihrN63QynPQQhzgZ4UXXElP5oN8NlUDEf5FyxQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
49 B 515ms
170ms Image
text/plain 54.213.1.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.1.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-1-67.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
server: Server

GET
H/1.1 200
OK admanager.js Show response
cdn.innity.net/ Frame 083C 10 KB
4 KB 14ms
14ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager.js
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 14:45:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Feb 2019 01:30:07 GMT
Server: Apache
ETag: "2833-5825d6a16c5c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3259
Expires: Mon, 31 May 2021 14:45:58 GMT

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame F23B 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.sunstar.com.ph
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sunstar.com.ph/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 297204
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 30 May 2021 14:45:58 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6760)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 zd_w_s_loading.css
60a6ae725fca.bitsngo.net/content/ 907 B
666 B 26ms
7ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/zd_w_s_loading.css?ver=4.0.v20210513115757.080845.023915
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F10) / ASP.NET
Resource Hash: df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
etag: "05c83cfee47d71:0"
last-modified: Thu, 13 May 2021 11:55:04 GMT
server: ECAcc (frc/8F10)
age: 248785
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 470

GET
H2 200 jquery.tap.min.js Show response
60a6ae725fca.bitsngo.net/common-scripts/ 2 KB
1 KB 29ms
11ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/common-scripts/jquery.tap.min.js
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FFE) / ASP.NET
Resource Hash: 3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
etag: "05c83cfee47d71:0"
last-modified: Thu, 13 May 2021 11:55:04 GMT
server: ECAcc (frc/8FFE)
age: 329795
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1130

GET
H2 200 zoomd.widget.loader.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 37 KB
13 KB 29ms
11ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20210513115757.080845.023915
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F93) / ASP.NET
Resource Hash: 6ceb80df4a2a09a64c6506bea46609e055f2043c2960b72a82e5e2388e016a86

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
etag: "0b5603eef47d71:0"
last-modified: Thu, 13 May 2021 11:58:10 GMT
server: ECAcc (frc/8F93)
age: 248785
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 12755

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
644 B 38ms
15ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.sunstar.com.ph&callback=_gfp_s_&client=ca-pub-2836569479021745

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2836569479021745&plah=www.sunstar.com.ph&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

de5d9ed7562b102a9eba10fd74f7d66e9c40b988c5e5cf934e79048f1607009f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
166 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunstar.com.ph

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 17ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunstar.com.ph

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1DFD 69 KB
23 KB 344ms
342ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=250&slotname=8474512511&adk=2158727077&adf=2715190138&pi=t.ma~as.8474512511&w=300&lmt=1622385958&psa=0&format=300x250&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958480&bpp=1&bdt=164&idt=210&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7462738919940&frm=20&pv=2&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhEKIIJsV9&p=https%3A//www.sunstar.com.ph&dtd=256

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e8ea15dea24cccc8818c608809d02d3a0594b00f130ceaf48ef58da95896a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2836569479021745&output=html&h=250&slotname=8474512511&adk=2158727077&adf=2715190138&pi=t.ma~as.8474512511&w=300&lmt=1622385958&psa=0&format=300x250&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958480&bpp=1&bdt=164&idt=210&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7462738919940&frm=20&pv=2&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhEKIIJsV9&p=https%3A//www.sunstar.com.ph&dtd=256
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 May 2021 14:45:59 GMT
server: cafe
content-length: 23706
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 30-May-2021 15:00:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 May 2021 14:45:59 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Sun, 30 May 2021 14:45:58 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 45ms
15ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 55B3FEF853787171
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7844
accept-ranges: bytes
content-length: 948
x-amz-id-2: Q642xTOmaMfnUx2ik9Ebqcgrzdt4CToIbGwQRcj5CmFnPJgGu8/7rMnrJ24M1JCzksF1mp5w/wU=

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=206844708&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&ul=en-us&de=UTF-8&dt=2%20trucks%20collide%2C%20catch%20fire%3B%204%20dead%20-%20SUNSTAR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1855148842&gjid=73958472&cid=308863201.1622385959&tid=UA-308175-1&_gid=1181900130.1622385959&_r=1&gtm=2ou5q1&z=1261971193

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 49 KB
20 KB 36ms
8ms Script
text/javascript 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-194.datapacket.com
Software: BunnyCDN-DE1-713 /
Resource Hash: 4f65c38ed3681b49cf4f86c0e1fcd4143fa78015121b20e69e11c1c422dd0bfa

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
cdn-edgestorageid: 632
cdn-cachedat: 2021-05-30 16:41:44
cdn-pullzone: 62714
cheq_headers_order: Content-Type Cache-Control Expires Etag Date Connection Content-Length
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: 2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control: public, max-age=43200
cdn-requestid: 8472e32b24668cd95c178884610f6d4b
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f31df3545a3dbd5c6f919c99ecb73f9e1837f1d987917093a68a84f2ac3107a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 389 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbf2a527971cec70abee81dc6c0aefb363a93bce31b5237b13f389fcd489dd82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 399f8348cc63a4853d4ff0536a5e7ec0f3c1e7fb6ab5d837db6ea4858b872f4a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EF3 603 B
68 B 35ms
35ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=100&slotname=7994613701&adk=471501679&adf=1831644903&pi=t.ma~as.7994613701&w=320&lmt=1622385958&psa=0&format=320x100&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958481&bpp=1&bdt=165&idt=340&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mNm9Ju2ynZ&p=https%3A//www.sunstar.com.ph&dtd=344

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2836569479021745&output=html&h=100&slotname=7994613701&adk=471501679&adf=1831644903&pi=t.ma~as.7994613701&w=320&lmt=1622385958&psa=0&format=320x100&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958481&bpp=1&bdt=165&idt=340&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mNm9Ju2ynZ&p=https%3A//www.sunstar.com.ph&dtd=344
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 May 2021 14:45:58 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 30-May-2021 15:00:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 May 2021 14:45:58 GMT
cache-control: private

GET
H2 200 /
www.facebook.com/tr/ 44 B
299 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=178272608902063&ev=fb_page_view&dl=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&rl=&if=false&ts=1622385958830&sw=1600&sh=1200&at=

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 30 May 2021 14:45:58 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=319691251551515&ev=PageView&dl=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&rl=&if=false&ts=1622385958843&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.2.1622385958840.554969166&it=1622385958562&coo=false&exp=l0&rqm=GET

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 30 May 2021 14:45:58 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 42ms
14ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sunstar.com.ph%2F&domain=www.sunstar.com.ph&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sunstar.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.sunstar.com.ph
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1687
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sunstar.com.ph%2F&domain=www.sunstar.com.ph&cw=1
https://mug.criteo.com/sid?cpp=baHtlnxKcmdWYlM1L1h2NHc2aEVUanE4eXlORHQwOWpkK3lWbmhUcklkYkhQM3pqcTBvUkJiNUpZMEloQ1dqWkxzUjhxMlhtTFZwWWlaYWxHZDhsalo1SnJ4b1ZzQUxWTzVZNmVacFJNVnQ2L0tDdWRuYTUyZzVzZHZ1MV...

360 B
637 B

42ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=baHtlnxKcmdWYlM1L1h2NHc2aEVUanE4eXlORHQwOWpkK3lWbmhUcklkYkhQM3pqcTBvUkJiNUpZMEloQ1dqWkxzUjhxMlhtTFZwWWlaYWxHZDhsalo1SnJ4b1ZzQUxWTzVZNmVacFJNVnQ2L0tDdWRuYTUyZzVzZHZ1MVdLYWdISUN3YVNaa2hYeDdISE5YVGVPRUluT3d4RDhGSFUwOWtHWVRkMGQ4WkRhUUV2UTlUOHNiTmFNbkpINElCSmxVNW5mZ3JQNTJrSjcvQ0tXcG1vOGFTZXlkMlNEeWdzaFlLdk1aRFQ3UFRXU1BMSEh3PXw&cppv=2

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c89e481d4474e7e8c07541503abebcc1f933cee07873802fb9bf09d3a15670f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 30 May 2021 14:45:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2041
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 30 May 2021 14:45:58 GMT
location: https://mug.criteo.com/sid?cpp=baHtlnxKcmdWYlM1L1h2NHc2aEVUanE4eXlORHQwOWpkK3lWbmhUcklkYkhQM3pqcTBvUkJiNUpZMEloQ1dqWkxzUjhxMlhtTFZwWWlaYWxHZDhsalo1SnJ4b1ZzQUxWTzVZNmVacFJNVnQ2L0tDdWRuYTUyZzVzZHZ1MVdLYWdISUN3YVNaa2hYeDdISE5YVGVPRUluT3d4RDhGSFUwOWtHWVRkMGQ4WkRhUUV2UTlUOHNiTmFNbkpINElCSmxVNW5mZ3JQNTJrSjcvQ0tXcG1vOGFTZXlkMlNEeWdzaFlLdk1aRFQ3UFRXU1BMSEh3PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1434
content-length: 482
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 62ms
17ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 63ms
18ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 73ms
21ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 72ms
21ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 72ms
21ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 71ms
19ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 78ms
17ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 78ms
17ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 303 B
666 B 95ms
25ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 28ddce2a241e05365f0439a31ac7c67b33eb292fb18ac12b2566373c714aaa40

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 3%3b10%3b109
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 91ms
20ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 129ms
57ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 92ms
20ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 93ms
16ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 94ms
17ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 111ms
20ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 112ms
21ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 108ms
16ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 303 B
664 B 119ms
25ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 28ddce2a241e05365f0439a31ac7c67b33eb292fb18ac12b2566373c714aaa40

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 3%3b3%3b84
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 303 B
664 B 117ms
24ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 28ddce2a241e05365f0439a31ac7c67b33eb292fb18ac12b2566373c714aaa40

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 3%3b2%3b93
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 303 B
664 B 135ms
27ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 28ddce2a241e05365f0439a31ac7c67b33eb292fb18ac12b2566373c714aaa40

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 3%3b4%3b64
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 303 B
664 B 135ms
25ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 28ddce2a241e05365f0439a31ac7c67b33eb292fb18ac12b2566373c714aaa40

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 3%3b9%3b92
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 303 B
666 B 136ms
25ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 28ddce2a241e05365f0439a31ac7c67b33eb292fb18ac12b2566373c714aaa40

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 3%3b23%3b144
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 137ms
20ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
326 B 135ms
18ms XHR
application/json 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 119ms
86ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunstar.com.ph
date: Sun, 30 May 2021 14:45:57 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
377 B 300ms
198ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=503783&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22517bc4828d8df6e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%224.38.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2252652d4f1441f79%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2221897294902%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2255abf4876789324%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2221897294902%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2258de18803dc165%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2221897299747%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2259c4e2e44604aad%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2221897299747%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22627028a4ff0e565%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2221897299747%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2263f295828f06d6e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2221897299747%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22644f9cd39a43691%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2222013165251%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2265fdce2a818e4a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2222013165251%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2268336598a8f54f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2222067763013%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22726a55021a105d7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2221896041195%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2273d86e5a22da394%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2221896041195%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2274fd43bc9ef17b1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2222125068126%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2275c02e27ca07a7b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503783%22%2C%22sid%22%3A%2222125068126%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7a98a93d3da2cc35938854f518019bafffbf77b8065d71bba87272203229046b

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.12], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sunstar.com.ph
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Sun, 30 May 2021 14:45:59 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
753 B 24ms
8ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:45:58 GMT
X-Proxy-Origin: 152.89.163.12; 152.89.163.12; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.151:80
AN-X-Request-Uuid: 9e54b28b-fe14-4090-923b-4e5ba4c54870
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunstar.com.ph
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
753 B 23ms
8ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:45:58 GMT
X-Proxy-Origin: 152.89.163.12; 152.89.163.12; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.106:80
AN-X-Request-Uuid: 9e293639-f96d-4bb2-90a8-0c768bebbd5d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunstar.com.ph
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
148 B 142ms
105ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=58830223793
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunstar.com.ph
date: Sun, 30 May 2021 14:45:58 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 173 B
562 B 75ms
18ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2e87bf7a-7914-44be-b9fd-f96e767210c1%2C72b3099d-cb41-4b08-a585-de91f8683c5c%2C11326ab4-b1d6-413f-bb61-816e9ba04418%2C4b686b16-49f7-4476-973a-1a4a5a6f45c2%2C0b0ad6c5-f5c0-48ed-bea3-76d4639050ab%2C65b48b30-eef9-4a08-bd53-e7bcfc15dcb5&nocache=1622385958896&schain=1.0%2C1!any-digital.com%2C3181%2C1%2C%2C%2C&aus=728x90%2C640x360%7C728x90%2C640x360%2C300x250%2C336x280%7C300x250%2C336x280%7C728x90%7C160x600%2C120x600%7C970x90%2C728x90&divIds=ats-insert_ads-2%2Cats-insert_ads-3%2Cats-insert_ads-4%2Cats-insert_ads-5%2Cats-insert_ads-6%2Cats-insert_ads-7&auid=542526078%2C542526081%2C542526083%2C542526086%2C542526089%2C542526095
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 0c582e20f0314afac4495fb9bff3af2d949705e90b5d3c4595fa11cdf00480c5

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-308175-1&cid=308863201.1622385959&jid=1855148842&gjid=73958472&_gid=1181900130.1622385959&_u=YAhAAUAAAAAAAC~&z=1563792486

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 30 May 2021 14:45:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1877981 Show response
www.sunstar.com.ph/ajax/article_count/ 46 B
549 B 204ms
204ms XHR
text/html 192.124.249.104
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunstar.com.ph/ajax/article_count/1877981?ts=1622385958901
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.104 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10104.sucuri.net
Software: nginx /
Resource Hash: 906b8ec7d6f04c5f4a8e7a1c7f2468554f85422feb2144ae747365327432431b

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: device=web; device_used=web; device_type=web; USER_COUNTRY_CODE=IE; p_stats_monthly=1877981; ats_referrer_history=%5B%22%22%5D; __asc=7c0fdae6179bdbd1ef887b166b4; __auc=7c0fdae6179bdbd1ef887b166b4; _ga=GA1.3.308863201.1622385959; _gid=GA1.3.1181900130.1622385959; _gat_gtag_UA_308175_1=1; _fbp=fb.2.1622385958840.554969166; _pbjs_userid_consent_data=3524755945110770
:path: /ajax/article_count/1877981?ts=1622385958901
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.sunstar.com.ph
referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-sucuri-cache: BYPASS
x-sucuri-id: 15004
set-cookie: device=web; expires=Sun, 30-May-2021 15:15:58 GMT; path=/ device_used=web; expires=Sun, 30-May-2021 15:15:58 GMT; path=/ device_type=web; expires=Sun, 30-May-2021 15:15:58 GMT; path=/ desktop
x-device: desktop
x-amz-cf-id: qGgJwPcQ5QLbweWoO7rOOwDeT5fW_yUm-LAUa9yt4IjQr9TcayAD5w==

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame 083C 463 B
1 KB 1040ms
268ms Script
text/javascript 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1622385958904&ver=1&pub=a64a034c3cb8eac64eb46ea474902797&zone=95204&output=js&flash=0&url=www.sunstar.com.ph&width=*&height=*&vpw=1600&vph=1200&auction=43ff837-c91d682
Requested by: Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: ee392a7db7c7c077f737a6a0b6b5354e856268c6a72b14cdc183979743ef124a

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:45:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 May 2021 14:45:59 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Content-Length: 297
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0D3 68 KB
19 KB 1015ms
1015ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=300&slotname=5503418676&adk=3545999935&adf=2677233012&pi=t.ma~as.5503418676&w=300&lmt=1622385958&psa=0&format=300x300&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958541&bpp=1&bdt=225&idt=364&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C320x100&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hhjy02jNRp&p=https%3A//www.sunstar.com.ph&dtd=368

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35f0c2b5a21bdda4cd593d0c7ac31b0c8936a5a1cd350ff74d072334576d6ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2836569479021745&output=html&h=300&slotname=5503418676&adk=3545999935&adf=2677233012&pi=t.ma~as.5503418676&w=300&lmt=1622385958&psa=0&format=300x300&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958541&bpp=1&bdt=225&idt=364&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C320x100&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hhjy02jNRp&p=https%3A//www.sunstar.com.ph&dtd=368
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 May 2021 14:45:59 GMT
server: cafe
content-length: 19066
x-xss-protection: 0
set-cookie: IDE=AHWqTUnVzRhoUeWsg2cacFsUCWsXl-2MfKZ-srMkDwY7jCyYtSMFVwmxD8IK111TLXA; expires=Fri, 24-Jun-2022 14:45:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 May 2021 14:45:59 GMT
cache-control: private

GET
H2 200 uuid.min.js Show response
cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/ 2 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/uuid.min.js

Requested by

Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4177706
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1095
cf-request-id: 0a5f56380a00004a8001a07000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FX1RSH2l1fT0bNrr92%2FUo8TWkMQzWHCOJ62qLPTwThLPvdv3IJfrDXc5yBDKY3wtHcD0mb5yMlKitTzTtsRr9UiM0rbmuxrg9XWSYo0kkTqPIX2NQ7xNa9myHsX9Mhs3p3b1D3nnwseoLu0xuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6578bfd34d634a80-FRA
expires: Fri, 20 May 2022 14:45:58 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 4D3B 610 B
993 B 14ms
14ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1622370201.874622"
last-modified: Sun, 30 May 2021 10:15:10 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Sun, 30 May 2021 14:45:58 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1622385958~rv=48~id=ab27cffb8a7217f09787dece4a650e29; path=/; Expires=Sun, 30 May 2021 14:45:58 GMT; Secure; SameSite=None

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 40ms
37ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-308175-1&cid=308863201.1622385959&jid=1855148842&_u=YAhAAUAAAAAAAC~&z=1205982013

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 32ms
29ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-308175-1&cid=308863201.1622385959&jid=1855148842&_u=YAhAAUAAAAAAAC~&z=1205982013

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 50ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 981
date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 3 KB
2 KB 352ms
154ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=942226502241615029080701412651108405962082709229921993250011206118&nc=0&tsf=0&tsfmi=&pv=0&cb=1622385959107&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDM4MDVdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiMTAs%0D%0AWEh4ZzFqMHpFbEFRd0oxUUVja3Z6b3ZiY0FJWlNFRWpBaEpJUVFCd2dsOUY0Q0JBZ1FXZ2lkMExI%0D%0AQkJlT0dqYnZYM3FZeU02Lyt2enZTN0dvWEd3aC8rYk1samJUeWFvN09QZiJdLFstMywiW10iXSxb%0D%0ALTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJnb29nbGV0YWdcIixcIl9fX2dy%0D%0AZWNhcHRjaGFfY2ZnXCIsXCJncmVjYXB0Y2hhXCIsXCJfX3JlY2FwdGNoYV9hcGlcIixcIl9fZ29v%0D%0AZ2xlX3JlY2FwdGNoYV9jbGllbnRcIixcIiRcIixcImpRdWVyeVwiLFwiZ3RhZ1wiLFwiZGF0YUxh%0D%0AeWVyXCIsXCJfYXRya19vcHRzXCIsXCJmYnFcIixcIl9mYnFcIixcIl9penFcIixcImNvbnRhaW5l%0D%0AclwiLFwiX2l6QWx0XCIsXCJfaXpcIixcIml6Q29uZmlnXCIsXCJnZ2VhY1wiLFwiZ29vZ2xlX2pz%0D%0AX3JlcG9ydGluZ19xdWV1ZVwiLFwic2V0SW1tZWRpYXRlXCIsXCJjbGVhckltbWVkaWF0ZVwiLFwi%0D%0AcGJqc1wiLFwic2FzXCIsXCJzdGFydEFueW1pbmRUU1wiLFwiYW55bWluZFRTXCIsXCJpbm5pdHlf%0D%0AYWRab25lQXN5bmNcIixcImFkc2J5Z29vZ2xlXCIsXCJnb29nbGVfdGFnX21hbmFnZXJcIixcImdv%0D%0Ab2dsZV9zcnRcIixcImdvb2dsZV9sb2dnaW5nX3F1ZXVlXCIsXCJnb29nbGVfYWRfbW9kaWZpY2F0%0D%0AaW9uc1wiLFwiZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nXCIsXCJnb29nbGVfcmVhY3RpdmVfYWRz%0D%0AX2dsb2JhbF9zdGF0ZVwiLFwiX2dmcF9hX1wiLFwiZ29vZ2xlX3NhX3F1ZXVlXCIsXCJnb29nbGVf%0D%0Ac2xfd2luXCIsXCJnb29nbGVfcHJvY2Vzc19zbG90c1wiLFwiZ29vZ2xlX2FwbHRsYWRcIixcImdv%0D%0Ab2dsZV9zcGZkXCIsXCJnb29nbGVfbHBhYnljXCIsXCJnb29nbGVfdW5pcXVlX2lkXCIsXCJnb29n%0D%0AbGVfc3ZfbWFwXCIsXCJGQlwiLFwiX190d3R0cmxsXCIsXCJ0d3R0clwiLFwiX190d3R0clwiLFwi%0D%0AZ29vZ2xlX3VzZXJfYWdlbnRfY2xpZW50X2hpbnRcIixcImdvb2dsZV90YWdfZGF0YVwiLFwiR29v%0D%0AZ2xlQW5hbHl0aWNzT2JqZWN0XCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwi%0D%0ALSJdLFstOSwiLSJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlw%0D%0AdGlvblwiLFwia2V5d29yZHNcIixcIklka2V5d29yZHNcIixcInR3aXR0ZXI6dGl0bGVcIixcInR3%0D%0AaXR0ZXI6ZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdp%0D%0AdHRlcjp0aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0x%0D%0AMywiLSJdLFstMTQsIntcIm9cIjowLjAwODIzMDQ1MjY3NDg5NzEyfSJdLFstMTUsIi0iXSxbLTE2%0D%0ALCIwIl0sWy0xNywiMTYiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwy%0D%0ANCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAs%0D%0AMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIzMDg4NjMyMDEuMTYyMjM4NTk1OSJdLFstMjEsIjYzeGNP%0D%0AcEJSIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0i%0D%0AXSxbLTI2LCJ7XCJ0amhzXCI6MjMxMDAwMDAsXCJ1amhzXCI6MjE3MDAwMDAsXCJqaHNsXCI6Mzc2%0D%0AMDAwMDAwMH0iXSxbLTI3LCJbMCw5LjMsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyJdLFst%0D%0AMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0z%0D%0AMCwiW1widlwiLDBdIl0sWy0zMSwidHJ1ZSJdLFstMzIsIjIiXSxbLTMzLCItIl0sWy0zNCwiLSJd%0D%0ALFstMzUsIlsxNjIyMzg1OTU4OTk3LC0yXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0z%0D%0ANywiLSJdLFstMzgsImksLTEsLTEsMzI3LDAsMSwwLDYsMTYsMTgsMzY1LDAsNDY0LjEsNDY0LjEs%0D%0AMTA1MCwxMDUwIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIs%0D%0AXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzMiXSxb%0D%0ALTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAx%0D%0AMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCwwLDAsMCwwLDAsNzYyLDAsNjQ4LDAsMCww%0D%0ALDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3%0D%0ALCJFdXJvcGUvQmVybGluLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0i%0D%0AXSxbImJuY2giLDEzOV1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A653%2C%22y%22%3A1931%2C%22w%22%3A0%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=LSZ0l08eo3&sdd=%7B%7D&pto=1162
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 523b16081817475f71c997756f6f0b6b3d82dfa7ac98c788489c13f8a3c0ba07

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length: 1590
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zoomd.widget.logger.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 9 KB
4 KB 9ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.logger.min.js?ver=4.0.v20210513115757.080845.023915
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F42) / ASP.NET
Resource Hash: c75f65c26c8627f92d561c1574e598ce07ccfae2f3f19cb24b59437f95658259

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
etag: "0b5603eef47d71:0"
last-modified: Thu, 13 May 2021 11:58:10 GMT
server: ECAcc (frc/8F42)
age: 248786
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 4104

GET
H2 200 css
fonts.googleapis.com/ Frame 1DFD 6 KB
767 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=250&slotname=8474512511&adk=2158727077&adf=2715190138&pi=t.ma~as.8474512511&w=300&lmt=1622385958&psa=0&format=300x250&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958480&bpp=1&bdt=164&idt=210&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7462738919940&frm=20&pv=2&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhEKIIJsV9&p=https%3A//www.sunstar.com.ph&dtd=256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 May 2021 13:26:23 GMT
server: ESF
date: Sun, 30 May 2021 14:45:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 May 2021 14:45:59 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F23B 256 B
444 B 135ms
118ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=41440fa8acbe0e48c9d592889e5f2d8ca86f44d9

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.sunstar.com.ph

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:58 GMT
content-encoding: gzip
last-modified: Sun, 30 May 2021 14:45:59 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 987b7b27fb56cabc7ff0572b9bcc978c5dd39fcc3f3d947ddff003c55541fdcb
content-length: 176

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 1DFD 1 KB
992 B 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:38:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 1DFD 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:44:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 1DFD 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:38:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DFD 121 KB
37 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sun, 30 May 2021 14:45:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 1DFD 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:45:53 GMT

GET
H3-29 200 7d9aee27bee51cf015d1b4a8dc2025e1.js Show response
www.gstatic.com/mysidia/ Frame 1DFD 25 KB
10 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d9aee27bee51cf015d1b4a8dc2025e1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 06:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 17:49:14 GMT
server: sffe
age: 28301
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Sat, 28 Aug 2021 06:54:18 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1DFD 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck6JmJqWzYMzuLobH1fAP6qOjsAH48df5YoPLh6LwDb_hHhABII6QjgJglQKgAeeJ_sEByAEJqAMByAPLBKoEpAJP0Ip1x0dLMJkrpDY7uz2gFE-aTLMGrlH85QmS2XZVZSIowJagZ5wLXb9sFeAhN_DmEPX2-oLvWW1Nist28Q5joWbHB-3E3G0pqsLLW8mis_Nh2C2xDsHjHJRwExnPNlBVq1m04RLTzp6W7H3MO0fVH490DK7yy2L9vzqWcPlVZCgeT9Opz7PNQxOR7e-ZIdx-XXKE9PZUuGRpMhWPURearbv2jAedcKjFv8XnUbKJ9ArLbVTNjQKsE_YJpvRveNUrZfuKWuIsPDTBfqq1O86lTg3CyMmJ8C9kxe2JaDg6z95Y0fDbqeMAAyQ9jdlYWIrvMGuvTqRfWTRjbhSTmc8AEk1kY17wZ5ojCkk0XAdUSfm870GSqeKmBHIxP_EcwbkIRGpuwASNvI6uvQOSBQQIBBgBkgUECAUYBKAGLoAHgfaBvgKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQz-UB0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTI4MzY1Njk0NzkwMjE3NDU&sigh=6FnkPzunDzk&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=250&slotname=8474512511&adk=2158727077&adf=2715190138&pi=t.ma~as.8474512511&w=300&lmt=1622385958&psa=0&format=300x250&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958480&bpp=1&bdt=164&idt=210&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7462738919940&frm=20&pv=2&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhEKIIJsV9&p=https%3A//www.sunstar.com.ph&dtd=256
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 30 May 2021 14:45:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 30 May 2021 14:45:59 GMT

GET
H3-29 200 2076313506083323656
tpc.googlesyndication.com/simgad/13772017732144581454/ Frame 1DFD 49 KB
49 KB 19ms
16ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13772017732144581454/2076313506083323656

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b287c940d01af52ae21c0aa3b230d384fdbe620f8505b99b9910615711bc9b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 05:56:03 GMT
x-content-type-options: nosniff
age: 118196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49740
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 16:11:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 May 2022 05:56:03 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7985282800639057142/ Frame 1DFD 1 KB
1 KB 16ms
14ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7985282800639057142/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

439d49929f585df823340e807a4ae129cd3fc4fedd4cd5dc3a76566917e357a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 06:26:36 GMT
x-content-type-options: nosniff
age: 548363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1342
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 23:48:00 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 May 2022 06:26:36 GMT

GET
DATA 200
OK truncated
/ Frame 1DFD 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1149d980feaaafbf4061277dc4070b4c313ce159c29e989aec0f35ab1934c132

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK GetToken Show response
zsearch.zoomd.com/zoomd/SearchUi/ 226 B
950 B 63ms
18ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zsearch.zoomd.com/zoomd/SearchUi/GetToken
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0236e9de2313bf6108beeaa098f59d409ede3cb2c2be934d21b5c6849e92bff3

Request headers

Accept: */*
Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 30 May 2021 14:45:59 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 324

GET
H2 200 jquery.dfp.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 289 B
401 B 6ms
6ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/jquery.dfp.min.js?ver=4.0.v20210513115757.080845.023915
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F3A) / ASP.NET
Resource Hash: 823686237069918cffd8537c4a5a77c27cd84451bef4b07624f44d7e5456c226

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
etag: "05c83cfee47d71:0"
last-modified: Thu, 13 May 2021 11:55:04 GMT
server: ECAcc (frc/8F3A)
age: 248785
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 327

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
546 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 May 2021 13:26:31 GMT
server: ESF
date: Sun, 30 May 2021 14:45:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 May 2021 14:45:59 GMT

GET
H3-29 200 icon
fonts.googleapis.com/ 568 B
365 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b95b3cf0439813fbdb3b96435627d3cb9bd1ab3cc1a4a4ffbb9d643ce59157b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 30 May 2021 14:45:59 GMT
server: ESF
date: Sun, 30 May 2021 14:45:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 May 2021 14:45:59 GMT

GET
H2 200 masonry.pkgd.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 25 KB
10 KB 8ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/masonry.pkgd.min.js?v=4.0.v201807040945
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDC) / ASP.NET
Resource Hash: b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
etag: "05c83cfee47d71:0"
last-modified: Thu, 13 May 2021 11:55:04 GMT
server: ECAcc (frc/8FDC)
age: 329803
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 10202

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
5 KB 14ms
13ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 5939041
cdn-cachedat: 2021-03-11 11:57:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5f56392000004e743a9fb000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a9f1136dc57a7605179530d5ffb85493
cf-ray: 6578bfd4fa864e74-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/ 86 KB
26 KB 22ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/core.min.js

Requested by

Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1448103
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25572
cf-request-id: 0a5f56392b00004e3e4a1bc000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-156f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AER6bwhwq8QfC1dUhcA5sJiBSC8CkAFQbExfu8UST%2BEjH%2Fao1d5OYrjEY4Av%2BEYakuXkLFIWFKdw3K%2FSQ41070%2Fdg%2FJSzr%2FOsgSYRIjY7%2BU9Opp5Hhi4tFMoZs0Y4IgrBk12PFhQBKKWw33%2B%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6578bfd51c1c4e3e-FRA
expires: Fri, 20 May 2022 14:45:59 GMT

GET
DATA 200
OK truncated
/ Frame 1DFD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3be3a79ccfede9d74c492fa15c59becc3759cdf870b593749e750bf1489fc85

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1DFD 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 495039
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 24 May 2022 21:15:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1DFD 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 10:13:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 189151
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Sat, 28 May 2022 10:13:28 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1DFD 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 12:08:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 182238
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Sat, 28 May 2022 12:08:41 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 443ms
98ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.sunstar.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.sunstar.com.ph
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Sun, 30 May 2021 14:45:58 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 176ms
102ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=v8adWCFCm2Pj6AY5anzVgdB%2BmT5bj5fh9usJiHdw1UA%3D&se=1622387836&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: pageView
Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "94273241"

Response headers

Access-Control-Allow-Origin: https://www.sunstar.com.ph
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 30 May 2021 14:45:59 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H2 200 zoomd.widget.externalcontent.loader.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 15 KB
6 KB 6ms
6ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zoomd.widget.externalcontent.loader.min.js?ver=4.0.v20210513115757.080845.023915
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE8) / ASP.NET
Resource Hash: 34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
etag: "0fc340ef47d71:0"
last-modified: Thu, 13 May 2021 11:58:14 GMT
server: ECAcc (frc/8FE8)
age: 248785
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6259

GET
H2 200 runtime.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/runtime.js?v=4.0.v20210513115757.080845.023915
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F77) / ASP.NET
Resource Hash: 747c61f2521fc8d26f3aff1c4b1131b6174703774fbc676e97b78bdde3da3ba5

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
etag: "0bc8adaef47d71:0"
last-modified: Thu, 13 May 2021 12:02:32 GMT
server: ECAcc (frc/8F77)
age: 248785
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1989

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 362ms
90ms XHR
application/json 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1622385959332&sessionId=c7bdcb6c-bfeb-3a9f-96fa-06d791402a62&url=www.sunstar.com.ph&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:45:59 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 7ac9481d24bb11087f8482d371e4f999
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 19 KB
7 KB 299ms
283ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.sunstar.com.ph%2F%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&idx=0&rand=91422&key=NANOWDGT01&widgetJSId=AR_3&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=c7bdcb6c-bfeb-3a9f-96fa-06d791402a62&fdu=www.sunstar.com.ph&px=653&py=2021&vpd=821&settings=true&recs=true&version=2000363&sig=63xcOpBR&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ad4a958e9d57b4ab0323867e2b39a2297360690fd1341bca6bcd58452137b6b3

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.67
x-cache-hits: 0, 0
x-traceid: fa66c51c99dd2a07637565c92ebf2806
content-encoding: gzip
content-length: 6832
x-served-by: cache-lga21967-LGA, cache-hhn4054-HHN
x-timer: S1622385959.350765,VS0,VE277
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js Show response
pagead2.googlesyndication.com/bg/ Frame AB0D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 1340
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
expires: Mon, 30 May 2022 14:23:39 GMT

GET
H2 200 zd_top.searches.css
60a6ae725fca.bitsngo.net/Content/3.0/widget-css/ 16 KB
4 KB 11ms
10ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/Content/3.0/widget-css/zd_top.searches.css?ver=4.0.v20210513115757.080845.023915
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F07) / ASP.NET
Resource Hash: 176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
etag: "05c83cfee47d71:0"
last-modified: Thu, 13 May 2021 11:55:04 GMT
server: ECAcc (frc/8F07)
age: 248784
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 3890

GET
H2 200 zd_top.searches.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 17 KB
7 KB 8ms
6ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zd_top.searches.min.js?ver=4.0.v20210513115757.080845.023915
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF8) / ASP.NET
Resource Hash: 1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
etag: "0e2913fef47d71:0"
last-modified: Thu, 13 May 2021 11:58:12 GMT
server: ECAcc (frc/8FF8)
age: 248784
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6909

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 13ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryNwOhoA5Ufd4lLu7C

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 30 May 2021 14:45:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.sunstar.com.ph
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 vendor.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 451 KB
154 KB 9ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/vendor.js?v=4.0.v20210513115757.080845.023915
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) / ASP.NET
Resource Hash: 43a3180bf543501f3c010d886d652d3da0997798bd88b071de838fa876560c8d

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
etag: "0bc8adaef47d71:0"
last-modified: Thu, 13 May 2021 12:02:32 GMT
server: ECAcc (frc/8FCC)
age: 248785
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 157759

GET
H/1.1 200
OK MultipleTopSearch Show response
zsearch.zoomd.com/ 257 B
642 B 262ms
262ms Script
text/javascript 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zsearch.zoomd.com/MultipleTopSearch?callback=jQuery33109037126593963094_1622385958363&clientId=94273241&url=https%3A%2F%2Fwww.sunstar.com.ph%2Fthemes%2Fsunstar%2F&query=&title=&loader=false&containerType=SR1&overrideActions=true&targetUrl=https%3A%2F%2Fwww.sunstar.com.ph%2Fthemes%2Fsunstar%2F&_=1622385958364
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a23b3f0a07f00a92014357e56f6f0e86dd2db824b2495b9fbe3bf5c02869008b

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:45:58 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Content-Type: text/javascript; charset=utf-8
Content-Length: 260
Expires: -1

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 129ms
104ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=v8adWCFCm2Pj6AY5anzVgdB%2BmT5bj5fh9usJiHdw1UA%3D&se=1622387836&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TSrequested
Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "94273241"

Response headers

Access-Control-Allow-Origin: https://www.sunstar.com.ph
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 30 May 2021 14:45:59 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 392ms
97ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.sunstar.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.sunstar.com.ph
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Sun, 30 May 2021 14:45:59 GMT

GET
H2 200 main.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 78 KB
25 KB 8ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/main.js?v=4.0.v20210513115757.080845.023915
Requested by: Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F97) / ASP.NET
Resource Hash: f0915701b5111d37473a04027f9d01c78717f58cc3536c6c2a724b6a2bbf7697

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
etag: "0bc8adaef47d71:0"
last-modified: Thu, 13 May 2021 12:02:32 GMT
server: ECAcc (frc/8F97)
age: 248785
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 25582

GET
H3-29 200 zone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/ 43 KB
13 KB 15ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Requested by

Host: zsearch.zoomd.com
URL: https://zsearch.zoomd.com/zoomd/SearchUi/Script?clientId=94273241

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 326192
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12870
cf-request-id: 0a5f563a1a00004e3ed3a56000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:18:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04044-ac73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2euYxoVE6GDR4Pd8W%2Fa811XyOXOrtR9ejmcxppPcVaZVpPnQyRTP1P5U6qn4Hbijps7zX%2BP8pb7FBs7JuaLW3BBSYCCyiIbBKRwNtiqLGAUqg4KqCLprZeSvIZ1cHllVL1AzTU7nQZIj9OG9sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6578bfd688444e3e-FRA
expires: Fri, 20 May 2022 14:45:59 GMT

GET
H2 200 init Show response
services.insurads.com/ 2 KB
1 KB 313ms
102ms Script
application/javascript 54.208.64.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/init?appId=9I7XLBWW&h=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&t=1622385959458
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/9I7XLBWW.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.64.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-64-234.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4efb5c4f6ded51edbc12ff1abf5703efcffc9279e07959a4dc19948262ad632f

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 317ms
90ms XHR
application/json 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1622385959469&sessionId=c7bdcb6c-bfeb-3a9f-96fa-06d791402a62&url=www.sunstar.com.ph&cheqSource=1&cheqEvent=2&responseTime=665
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:45:59 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 9ad35232ab1674726369cdb759d5d92e
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
135 B 95ms
95ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001368ecc43def4e8f949225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7dfe1474ab9488bbd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d2779386eff68dbde2112df429b5e8fe29073defd16798b743e1424106d0545883d9c38681eb923bce6a88dee5de7bb9782a37d72a7f9097c71424d6e825fb55b6c91e9676a97e151b069a32ff439cd0be71f8df78d209f2c3cdcc6b9f4f477db15f195c325b748aaf73a24ed5c28069f6c430a8cb7689cfc9fd7c82beea592b5085e85d4a949b0e4f13b9bcad22e67fc9b11ff2b371ee20f965c04e874593fb64da4c7ea6fb8f62226b35527e194005feb49e66d31ea5071b126aa7ea5dd59b041ebce4cdb0d76fdeeee4f99afbaff8574c3efd5b9bb059689f406418cb7e5b716cea66a97618def6c7638e7cca268dab30d0be0d9b16133373107601e8b5f6c72e2947901959879688a9bace4f17dde5ff3bc38d00249d8c566537ae83d31263f272994ddc5af1359b5f&cb=1622385959469&cri=LSZ0l08eo3
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:59 GMT
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type: image/gif
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 15ms
15ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1613570903.586246"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Tue, 29 Jun 2021 14:45:59 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 25ms
24ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Tue, 29 Jun 2021 14:45:59 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 345ms
88ms Fetch
text/plain 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=8e716ec9f386574b07725ca94881f9ee_2996_1622385959573&tm=1001&eT=0&widgetWidth=713&widgetHeight=331&widgetX=297&widgetY=2042&tpcs=0&wRV=2000363&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&ab=0&wl=0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
X-TraceId: 14f6b38d7c7469031a13181c6a6b26d0
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 0E42 16 KB
6 KB 28ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5bdf881868ac7b463d2c26adb5b2191eec0ca3dcf013741fec60d7968b4c5e2b

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "978c043087ae13e54442ade6ea7cf2e1:1621941737.600191"
last-modified: Tue, 25 May 2021 11:22:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Mon, 31 May 2021 14:45:59 GMT
date: Sun, 30 May 2021 14:45:59 GMT
content-length: 5461
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1622385959~rv=54~id=ff3bb98968f7c1a68a2f45abfd845f6f; path=/; Expires=Sun, 30 May 2021 14:45:59 GMT; Secure; SameSite=None

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000363/module/ 53 KB
18 KB 36ms
35ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000363/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 199558683c3977d73e547ba03bca17d1d65c24fdc00b053f913b76d5d3747f81

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
last-modified: Sun, 30 May 2021 10:15:10 GMT
server: AkamaiNetStorage
etag: "f1747ab954576764a168219d1090b042:1622370068.165499"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 17532

GET
H2 200 get Show response
odb.outbrain.com/utils/ 4 KB
2 KB 101ms
100ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.sunstar.com.ph%2F%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&idx=1&rand=9954&key=NANOWDGT01&widgetJSId=SL_1&va=true&et=true&format=html&pdobuid=-1&t=OGU3MTZlYzlmMzg2NTc0YjA3NzI1Y2E5NDg4MWY5ZWU=&adblck=false&abwl=false&clss=LuVu9Gos8VDWoHEyk1iWVIWfXcF9foYuksIwZavaYyRdY5QGdt4qAW73oNVvV%2FRk2TMwHyqV5I4aOCk%2F&px=293&py=2372&vpd=1172&cw=720&settings=true&recs=true&version=2000363&sig=63xcOpBR&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2bbd74d7f0fe414d91a6f8f7de5e822cf1c1fafdb98bff5308f0369ab5877c63

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1622385960.646742,VS0,VE94
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 157.52.117.76
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: e873121f965d18ba149bb7d3ff231729
content-encoding: gzip
content-length: 1538
x-served-by: cache-lga21976-LGA, cache-hhn4054-HHN

GET
H2 200 eyJpdSI6ImIwM2FjZTYxOGE2NTgxMzcyZTk2Njk2ZDU1NmE1Mzc5ZDBlY2QxNWMzMmEyMjMyMzVkNDg4ZGZkMGY4MWI2NWQiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjaCI6MTY4Nzk2NzM0NCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 49 KB
50 KB 24ms
7ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIwM2FjZTYxOGE2NTgxMzcyZTk2Njk2ZDU1NmE1Mzc5ZDBlY2QxNWMzMmEyMjMyMzVkNDg4ZGZkMGY4MWI2NWQiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjaCI6MTY4Nzk2NzM0NCwiY3MiOjAsImYiOjR9.webp
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e90f5ac082cbcac78816f187958056b8ab95e16272d5a12ea33d004b382fe924

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
cache-control: max-age=1410060
last-modified: Thu, 18 Mar 2021 15:52:37 GMT
x-traceid: 2cfd0e55296ef72e17d0de2999c57a10
timing-allow-origin: *
content-length: 50574
content-type: image/webp

GET
H2 200 eyJpdSI6IjgwNjY1Yjc5NjExOGI4YzQ1MDBmN2E1ZDEyYmZjYmVjN2YxMDFhZTU2ODRkZDY2NzdjNmRiYjlhOGQ3YzI4OTAiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 26 KB
26 KB 495ms
479ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgwNjY1Yjc5NjExOGI4YzQ1MDBmN2E1ZDEyYmZjYmVjN2YxMDFhZTU2ODRkZDY2NzdjNmRiYjlhOGQ3YzI4OTAiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aa9ca6f418e06647011afb0ac588834f47fc4ae5a7716fa983a2f93ccb405225

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:00 GMT
cache-control: max-age=2462400
last-modified: Thu, 27 May 2021 13:37:30 GMT
x-traceid: fdf74ae7bed9a9a7a02cb782c0a4fc0c
timing-allow-origin: *
content-length: 26528
content-type: image/webp

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 0E42 1 KB
2 KB 45ms
14ms Script
application/javascript 13.226.159.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-71.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:36:45 GMT
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: VNs25DEcbnGXNMClMBNTS1fU9wd_ljQGhsG82J0iRfN54oLFmfZ2zg==

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 136ms
97ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.sunstar.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.sunstar.com.ph
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Sun, 30 May 2021 14:45:59 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 182ms
104ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=v8adWCFCm2Pj6AY5anzVgdB%2BmT5bj5fh9usJiHdw1UA%3D&se=1622387836&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TSdisplayed
Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "94273241"

Response headers

Access-Control-Allow-Origin: https://www.sunstar.com.ph
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 30 May 2021 14:45:59 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 3 KB
2 KB 146ms
144ms Script
application/json 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.sunstar.com.ph%2F%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&settings=true&recs=true&widgetJSId=AR_3&key=NANOWDGT01&version=2000363&apv=true&sig=63xcOpBR&format=html&rand=41629&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=OGU3MTZlYzlmMzg2NTc0YjA3NzI1Y2E5NDg4MWY5ZWU=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&clss=LuVu9Gos8VDWoHEyk1iWVIWfXcF9foYuksIwZavaYyRdY5QGdt4qAW73oNVvV%2FRk2TMwHyqV5I4aOCk%2F&pcer=p%3D_7hmb13dyH0i81HUkpCBVHH8IG2ZK9kay_cdWt5h31A%26c%3D5390ac15%26v%3D3&dpr=1&cw=713&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000363/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 39aa6a77ffa7296cad911168a6000b8c39f5ab88dbf22c2b7f461c274c02cfbc

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1622385960.712822,VS0,VE138
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: application/json; charset=UTF-8
backend-ip: 157.52.117.82
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: 80a4b1f2e3828c0ba39a26e4636c6d35
content-encoding: gzip
content-length: 1497
x-served-by: cache-lga21982-LGA, cache-hhn4054-HHN

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 0E42
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=2996&cs_ucfr=1&ns__t=1622385959726&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fob...
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=2996&cs_ucfr=1&ns__t=1622385959726&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fo...

64 B
332 B

20ms
20ms

Image
image/gif

13.226.159.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=2996&cs_ucfr=1&ns__t=1622385959726&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D2996%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDE&c9=https%3A%2F%2Fwww.sunstar.com.ph%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-71.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: aqDBiRvZ9vcvDEXYCbAly8MBOty-EUQRC0dzVwgPWhvtJxSmAm2XjA==

Redirect headers

date: Sun, 30 May 2021 14:45:59 GMT
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=2996&cs_ucfr=1&ns__t=1622385959726&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D2996%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDE&c9=https%3A%2F%2Fwww.sunstar.com.ph%2F
content-length: 442
x-amz-cf-id: EjtmZfaKUeTzsD6FOxx_syfmVp-jvc-OD3jmruGHLPkkswKIEd6pOw==

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 86ms
86ms Fetch
application/json 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=608b4d2331c76ff646c67087dc455655&pvId=8e716ec9f386574b07725ca94881f9ee&sid=807388&pid=2996&idx=1&wId=217&pad=0&org=0&tm=1110&eT=0&cnsnt=no_consent&widgetWidth=720&widgetHeight=0&widgetX=294&widgetY=2420&wRV=2000363&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:45:59 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 8a1bf17ef600269ce822bd4a86c7ffd2
Content-Length: 4
Expires: 0

GET
H2 200 tg-1.4.14.js Show response
cdn.insurads.com/ 159 KB
42 KB 8ms
7ms Script
application/javascript 185.59.220.199
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/tg-1.4.14.js
Requested by: Host: services.insurads.com
URL: https://services.insurads.com/init?appId=9I7XLBWW&h=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&t=1622385959458
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-199.datapacket.com
Software: BunnyCDN-DE1-722 /
Resource Hash: c342b3eb0e7459d283889198caff34a00c105c3fcaad1d0bf353aa0641937727

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
content-encoding: gzip
cdn-edgestorageid: 632
x-amz-request-id: 5ZX3ASRV1JP26N5X
cdn-cachedat: 2021-05-30 16:43:02
cdn-pullzone: 55316
content-length: 42005
x-amz-id-2: RzmdZldkHDfV8oaEemkgO7Uqb8eiskXGmcKntotYSt7TGYXq8DPOVA7UQvX6Xg91fN8E1f+t26I=
last-modified: Fri, 21 May 2021 11:29:41 GMT
server: BunnyCDN-DE1-722
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=2592000
cdn-requestid: 61a5853cf12e2acd40259d9a7ad45da2
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 initcb Show response
services.insurads.com/ 0
290 B 122ms
122ms Script
application/javascript 54.208.64.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/initcb?appId=1709&vId=153B3D75A2B9C15B&cId=B57B&iatId=922352305&iatIdB=879466738&s=2049&dads=0&fpc=1&lts=0&lIatId=0&lIatIdB=0&nv=1&npv=1&h=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&ts=1622385959997&v=1.0
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/9I7XLBWW.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.64.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-64-234.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:00 GMT
server: nginx/1.10.3 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK analytics.js Show response
cdn.innity.net/ Frame 083C 173 B
523 B 30ms
29ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/analytics.js
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d86f773cc0628268e605173f2d589ee2ec9ecfd150e454514240eb2bfcb1fb82

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 14:46:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2015 07:32:50 GMT
Server: Apache
ETag: "ad-5267218ef0c80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 152
Expires: Mon, 31 May 2021 14:46:00 GMT

GET
H2 200 skyLander.js Show response
widgets.outbrain.com/nanoWidget/2000363/module/ 3 KB
2 KB 17ms
17ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000363/module/skyLander.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cb587591eb4362bd19e7762c7e01b1d21568c44f4bb799b76f2d2a4eed1eb982

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:00 GMT
content-encoding: gzip
last-modified: Sun, 30 May 2021 10:15:10 GMT
server: AkamaiNetStorage
etag: "ac4898f3b10749626802efaa5713d13b:1622370062.972104"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 1226

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 86ms
86ms Fetch
application/json 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=3a8cefe66e4e093f87aeb620c08b3c32&pvId=8e716ec9f386574b07725ca94881f9ee&sid=807388&pid=2996&idx=3&wId=972&pad=0&org=0&tm=1375&eT=0&cnsnt=no_consent&widgetWidth=713&widgetHeight=0&widgetX=297&widgetY=2417&wRV=2000363&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 40cb669bc3751f9f6ea4fbdca8b9cd37
Content-Length: 4
Expires: 0

GET
H2 200 endpoint Show response
messaging.insurads.com/rt-pub/node/messaging/ 80 B
167 B 109ms
101ms Script
application/javascript 54.208.64.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://messaging.insurads.com/rt-pub/node/messaging/endpoint
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/tg-1.4.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.64.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-64-234.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 2442651ee21396390dc493d95b1fc5e9c63e749685d0fac660dd5ebb7f342bbc

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:00 GMT
server: Kestrel
content-length: 80
content-type: application/javascript

GET
H3-29 200 fe40d081d0f0a30a365fc04b58169149.js Show response
www.gstatic.com/mysidia/ Frame E0D3 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe40d081d0f0a30a365fc04b58169149.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=300&slotname=5503418676&adk=3545999935&adf=2677233012&pi=t.ma~as.5503418676&w=300&lmt=1622385958&psa=0&format=300x300&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958541&bpp=1&bdt=225&idt=364&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C320x100&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hhjy02jNRp&p=https%3A//www.sunstar.com.ph&dtd=368

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0c6eea8eb9d725d46ac2bf600e1a6318358881b990a332fb7b1225c7e15a851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 17:49:14 GMT
server: sffe
age: 136605
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2729
x-xss-protection: 0
expires: Fri, 27 Aug 2021 00:49:15 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame E0D3 1 KB
909 B 7ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:38:56 GMT

GET
H3-29 200 de885542b4ef2d41dfb01ff6aa37f46c.js Show response
www.gstatic.com/mysidia/ Frame E0D3 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/de885542b4ef2d41dfb01ff6aa37f46c.js?tag=exit_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ccdf55dd7914e78df9b777b2e46b78bec1f105b00aff7d8d95eacd759279b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 07:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 17:49:14 GMT
server: sffe
age: 26825
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7411
x-xss-protection: 0
expires: Sat, 28 Aug 2021 07:18:55 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame E0D3 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:44:58 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame E0D3 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:38:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0D3 121 KB
37 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sun, 30 May 2021 14:46:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame E0D3 13 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:44:02 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E0D3 0
0 14ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQPG3lyG_VCwo-_DZLmF-hr0ilGS4jgJEkzVL0CC8nKDIwbSa-mNd2wczSn0C_0spg8HfFOGlqZz03BpH6H_mQygjLGA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=300&slotname=5503418676&adk=3545999935&adf=2677233012&pi=t.ma~as.5503418676&w=300&lmt=1622385958&psa=0&format=300x300&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958541&bpp=1&bdt=225&idt=364&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C320x100&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hhjy02jNRp&p=https%3A//www.sunstar.com.ph&dtd=368
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11490499405150620965/ Frame E0D3 7 KB
7 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11490499405150620965/downsize_200k_v1?w=195&h=102

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a464584c67dbc2d82b4f7f0c0203a82330d48b368bd5c1c1c6109c349fb2d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 15:25:35 GMT
x-content-type-options: nosniff
age: 84025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7034
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 03:46:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 May 2022 15:25:35 GMT

GET
H3-29 200 2973505824927952997
tpc.googlesyndication.com/icore_images/ Frame E0D3 27 KB
27 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/2973505824927952997

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c9e2b21829fee8ed5573f654bad63de1b8998d1d028307ae596212aa4d6f69e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 05:18:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 13:00:51 GMT
server: sffe
age: 34052
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27561
x-xss-protection: 0
expires: Mon, 30 May 2022 05:18:28 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16360737856511032301/ Frame E0D3 3 KB
3 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16360737856511032301/downsize_200k_v1?w=195&h=102

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d74210a9d94f8224a0ebad0564f741b6d21014a4a342093ff6654e882ace6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 06:25:55 GMT
x-content-type-options: nosniff
age: 375605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2895
x-xss-protection: 0
last-modified: Tue, 04 May 2021 14:20:35 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 06:25:55 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0D3 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSENrJqWzYKHsOOOD1fAPs-WakAGLiN68Ypvb_by2DLSTqKHBCRABII6QjgIoA2CVAqAB1pP5lAPIAQapAiOTrRc_4qk-qAMByAMCqgSjAk_Q5S-Phu4NYSjW2n1lWACc5UCZwtdMvdTvD4iPpfVSOzpVCoZXgLh7aNDNH0KQFHgw-xi1Wthj-1IRzzFtaPe9e5W6So-O3mmLJNGBEq0LozDhiOUOkO7OYATqUarAHb7d2pwE-7dyUcffQ_xvtVU2UnVj7K3ToUaeIQjqjn3yWpAT7vSzM2yw4qQ5GqO3goVBCYsMpPzYOTYg_vxYjEZUtYkZwd-mgoRloTlCDrsAlt3z2ElIuxiOBEi7npPCZRcjmXWpmVsWYl_MpzZHNT7ZR3cSMWBCpu-wucXFnnKiwbZlYOxrJEISxFxVOa_bV7UyheLwEiA2Tdpx2k_MbByt7HwjMBMVdaxK_ODzvVARovelVHve-Uh6QvFy0gkzC1SwBcAEpsbI_agDkgUECAQYAZIFBAgFGASgBjeAB5LshmuoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmLIB0ggJCIDhgBAQARgfgAoByAsBwhMGGNaT-ZQD2BMNiBQN0BUBgBcBshcaChgIABIUcHViLTI4MzY1Njk0NzkwMjE3NDU&sigh=HlC5K457Ne0&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=300&slotname=5503418676&adk=3545999935&adf=2677233012&pi=t.ma~as.5503418676&w=300&lmt=1622385958&psa=0&format=300x300&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958541&bpp=1&bdt=225&idt=364&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C320x100&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hhjy02jNRp&p=https%3A//www.sunstar.com.ph&dtd=368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 30 May 2021 14:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0D3 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIAtcJqWzYKHsOOOD1fAPs-WakAGl1Z2xBY3cwrqfAqaerY1rEAIgjpCOAigDYJUCyAEBqAMByAMCqgT5AU_QNdOCpu-HYIigv308XFuB41qLxJhd_NquEs5FzEhgDDkdCc5UaonBAcTRG0XaSG1ooxjsXoN-_UgDyX58Kfn8ZtPlQ9KbxX6OIpLVBasErT_pn5ZAseDBYAyqeervE7GR-NQ97e8zU4GAQu1xpRMmEHpg6aXf6EDSNgr2wHO2TpxMv_Tje2mxY8Ha26I2aIdLLGrHMyXvuTMr_vwur1tUIM_yhpOvWoNZpDlCDnsD8t3z6E3KqhiOBEi7vpPCZR8giXWpmdtWYF_Mpz5GNT7ZT3dSMmBCpu-wucXFlnKiwLZlYOxrJEISxFxVua_bXTUyhff1z8KN-8AEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJiyAdIICQiA4YAQEAEYH4AKAcgLAdAVAYAXAbIXGgoYCAASFHB1Yi0yODM2NTY5NDc5MDIxNzQ1&sigh=vlodogtPbS0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=300&slotname=5503418676&adk=3545999935&adf=2677233012&pi=t.ma~as.5503418676&w=300&lmt=1622385958&psa=0&format=300x300&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958541&bpp=1&bdt=225&idt=364&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C320x100&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hhjy02jNRp&p=https%3A//www.sunstar.com.ph&dtd=368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 30 May 2021 14:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0D3 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeBsdJqWzYKHsOOOD1fAPs-WakAG0rv3NYoW06qboDeG3utWZIxADII6QjgIoA2CVAqABzfiC2gPIAQaoAwHIAwKqBJ0CT9Cja52G7A1hKNbafWVYAJzlQJnC10y91O8PiI-l9VI7OlUKhleAuHto0M0fQpAUeDD7GLVa2GP7UhHPMW1o9717lbpKj47eaYsk0YESrQujMOGI5Q6Q7s5gBOpRqsAdvt3anAT7t3JRx99D_G-1VTZSdWPsrdOhRp4hCOqOffJakBPu9LMzbLDipDkao7eChUEJhwyky_VEMzn-_FiMRlS1iRnB36aChGWhOUIOuwCW3fPYSUi7GI4ESLuek8JlFyOZdamZWxZiX8ynNkc1PtlHdxIxYEKm77C5xcWecqLBtmVg7GskQhLEXFU5r9tXtTKF4vASIDZN2nHaT8xsHK3pF2V_ExWpEoOD4POnUHDt09Nfe525YAlB2TsFwASYnIOe3wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHm4f9JagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCYsgHSCAkIgOGAEBABGB-ACgHICwHCEwYYzfiC2gPYEw3QFQGAFwGyFxoKGAgAEhRwdWItMjgzNjU2OTQ3OTAyMTc0NQ&sigh=pGmsm-9y9eM&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=300&slotname=5503418676&adk=3545999935&adf=2677233012&pi=t.ma~as.5503418676&w=300&lmt=1622385958&psa=0&format=300x300&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958541&bpp=1&bdt=225&idt=364&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C320x100&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hhjy02jNRp&p=https%3A//www.sunstar.com.ph&dtd=368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 30 May 2021 14:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DE02 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 30 May 2021 03:14:09 GMT
expires: Mon, 31 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 41511
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK /
optimize.innity.com/ Frame 083C 43 B
452 B 708ms
175ms Image
image/gif 119.81.3.35
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimize.innity.com/?pubid=5361&zoneid=95204&cb=1622385960053
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.3.35 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 23.03.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:00 GMT
Last-Modified: Sun, 30 May 2021 14:46:00 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E0D3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37eebd1555b3e00a80956d6b32fcb52ba8c6020041f97e81d5c3a6be52b6bad7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame DE02 35 B
463 B 25ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELzaFbZwqj7_Icg0SE5FulY&google_cver=1&google_push=AQvitUIyn9rh4Z5gBjVWYBDNWI1UpE4zu0wT4ZPIPSZJu-rKF6olpA30_Ttdt7sl_xVXicoKTjZC_Dvnw7K8bE2jmbLzocfnljRO

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DE02
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUINXYlza3qvafzbtQU43PqMISF0VmsiT5ceTfK...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUxPbEtBQUFCRXNlZkVXLQ&google_push=AQvitUINXYlza3qvafzbtQU43PqMISF0VmsiT5ceTfKFlkWQgDbMB1ynbqVtvP0t-dp44GDchQFnMi1cGdYRz82eiD0OgiKhc86-

170 B
232 B

967ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUxPbEtBQUFCRXNlZkVXLQ&google_push=AQvitUINXYlza3qvafzbtQU43PqMISF0VmsiT5ceTfKFlkWQgDbMB1ynbqVtvP0t-dp44GDchQFnMi1cGdYRz82eiD0OgiKhc86-

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUxPbEtBQUFCRXNlZkVXLQ&google_push=AQvitUINXYlza3qvafzbtQU43PqMISF0VmsiT5ceTfKFlkWQgDbMB1ynbqVtvP0t-dp44GDchQFnMi1cGdYRz82eiD0OgiKhc86-
Date: Sun, 30 May 2021 14:46:00 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame DE02 43 B
324 B 33ms
16ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEO332e0vzUN4Z9BC6n4DMU0&google_push=AQvitUJXaZAPgwJ2mIpfsmYMFFhkXfk4daTsmW5taxnkRFmCpaCAXjbU1PO-dUQ0__kD3lUqS9UNbdp8kUOnLAQiFmXky9x8StU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836569479021745&output=html&h=300&slotname=5503418676&adk=3545999935&adf=2677233012&pi=t.ma~as.5503418676&w=300&lmt=1622385958&psa=0&format=300x300&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385958541&bpp=1&bdt=225&idt=364&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C320x100&correlator=7462738919940&frm=20&pv=1&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=2979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060031%2C31060615&oid=3&pvsid=1128707435100374&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hhjy02jNRp&p=https%3A//www.sunstar.com.ph&dtd=368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:00 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DE02
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECp5SK955B-0ajA3cb1VJJ8&google_cver=1&google_push=AQvitUJtqiH3OOwXMnP5lw_O4Tftl8bz7K8YUNRQd9Lrym65EaFKYzTRFN-HlMCM8PfhhI8eIQ2hABb_ntL-gvknwLF8-xYMuKac
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJtqiH3OOwXMnP5lw_O4Tftl8bz7K8YUNRQd9Lrym65EaFKYzTRFN-HlMCM8PfhhI8eIQ2hABb_ntL-gvknwLF8-xYMuKac&google_hm=1odZYkABheS30ivx3NfGog==

170 B
232 B

1026ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJtqiH3OOwXMnP5lw_O4Tftl8bz7K8YUNRQd9Lrym65EaFKYzTRFN-HlMCM8PfhhI8eIQ2hABb_ntL-gvknwLF8-xYMuKac&google_hm=1odZYkABheS30ivx3NfGog==

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:45:59 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJtqiH3OOwXMnP5lw_O4Tftl8bz7K8YUNRQd9Lrym65EaFKYzTRFN-HlMCM8PfhhI8eIQ2hABb_ntL-gvknwLF8-xYMuKac&google_hm=1odZYkABheS30ivx3NfGog==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: t2vff8n9jpjmdpn7i78s0d589auau8hh

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DE02
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=grrwlytPQEGI9S5RoBaN-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
329 B

747ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=grrwlytPQEGI9S5RoBaN-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKCF7AzVItTqXL2LYvpqRL9BQ4eRE0vx8hIVg4SdAC0zP-Gp4lYISLiIPjL89k10h8OC9a3ubouOAdDbNgFGxpXrrO7mcaO

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=grrwlytPQEGI9S5RoBaN-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKCF7AzVItTqXL2LYvpqRL9BQ4eRE0vx8hIVg4SdAC0zP-Gp4lYISLiIPjL89k10h8OC9a3ubouOAdDbNgFGxpXrrO7mcaO
date: Sun, 30 May 2021 14:45:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DE02
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENX5Nhnej7QGaSCzKb2dRLI&google_cver=1&google_push=AQvitUIhrUA7WrjuZ4FUVBgLLIez0SCW2vL8IPBmFmlk5ETuMPe1vX4Xx09JQRrV5jWtwfK8qdt...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCQVBNVDktMVgtRElZVg==&google_push=AQvitUIhrUA7WrjuZ4FUVBgLLIez0SCW2vL8IPBmFmlk5ETuMPe1vX4Xx09JQRrV5jWtwfK8qdtpe1rFDygO6LpMBbgxuvRs0Ah_

170 B
232 B

757ms
19ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCQVBNVDktMVgtRElZVg==&google_push=AQvitUIhrUA7WrjuZ4FUVBgLLIez0SCW2vL8IPBmFmlk5ETuMPe1vX4Xx09JQRrV5jWtwfK8qdtpe1rFDygO6LpMBbgxuvRs0Ah_

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCQVBNVDktMVgtRElZVg==&google_push=AQvitUIhrUA7WrjuZ4FUVBgLLIez0SCW2vL8IPBmFmlk5ETuMPe1vX4Xx09JQRrV5jWtwfK8qdtpe1rFDygO6LpMBbgxuvRs0Ah_
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame DE02
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRq...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DE02 0
227 B 1055ms
14ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3pJ0LJXKalt_2llZRdAbNGJCMFhpXi2P_iKiDLB5kSfSIgLi6uUjIMX1JkOeqqkMYgSoV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:01 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 negotiate Show response
msg-0d30238761a9e7c06.insurads.com/rt-pub/node/hub/ 252 B
469 B 304ms
101ms XHR
application/json 54.146.254.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://msg-0d30238761a9e7c06.insurads.com/rt-pub/node/hub/negotiate?appId=1709&sId=153B3D75A2B9C15B&cId=B57B&dev=Personal%20computer&br=Chrome&os=Windows&cc=DE&rc=BE&v=0.1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.146.254.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-254-172.compute-1.amazonaws.com

Software

iat /

Resource Hash

12b32e9b0439aa37b2170aa4c97521dea6b60bc0a50272524903314ba101c3a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.sunstar.com.ph/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.sunstar.com.ph
date: Sun, 30 May 2021 14:46:00 GMT
access-control-allow-credentials: true
server: iat
content-length: 252
strict-transport-security: max-age=15768000
content-type: application/json

OPTIONS
H2 204 negotiate
msg-0d30238761a9e7c06.insurads.com/rt-pub/node/hub/ Frame 0
0 323ms
101ms Preflight 54.146.254.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://msg-0d30238761a9e7c06.insurads.com/rt-pub/node/hub/negotiate?appId=1709&sId=153B3D75A2B9C15B&cId=B57B&dev=Personal%20computer&br=Chrome&os=Windows&cc=DE&rc=BE&v=0.1

Protocol

Server

54.146.254.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-254-172.compute-1.amazonaws.com

Software

iat /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.sunstar.com.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 30 May 2021 14:45:59 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://www.sunstar.com.ph
strict-transport-security: max-age=15768000
server: iat

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1DFD 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7b78pPl0HQ_v2pazJUNvPO6Igv2HWRlTuZL2zYl5xmxMy_zHMd5tmzAh6WZbMHBiOlGZyBWvy5kXXgTeovxqmFbOQF68bOYE-g8HhElOfqPerZtBaP38i-IBHiA&sai=AMfl-YSWOcp-pwnhETePSmux8OFo7xasul2WGjedjnhYclxcIsiOpw9yjUl84k9Vr8eQKZZMTbXGLDQx4bct&sig=Cg0ArKJSzDEWMQPL-BvkEAE&id=lidar2&mcvt=1000&p=205,1103,455,1403&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2158727077&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622385958738&dlt=390&rpt=210&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bc4ce90c60ac5aa710e70c1590d24d1f68e844acc88f4b1d87581cc3ae10a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8175
x-xss-protection: 0

GET
H3-29 200 comments.php
www.facebook.com/v5.0/plugins/ Frame 3CD0 0
0 34ms
34ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/comments.php?app_id=178272608902063&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31a87210fc56ec%26domain%3Dwww.sunstar.com.ph%26origin%3Dhttps%253A%252F%252Fwww.sunstar.com.ph%252Ff134c10c6157ebc%26relation%3Dparent.parent&container_width=878&height=100&href=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&locale=en_US&numposts=5&sdk=joey&version=v5.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1a0614939c6fd9c4e1eafb36c2df02cf&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v5.0/plugins/comments.php?app_id=178272608902063&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31a87210fc56ec%26domain%3Dwww.sunstar.com.ph%26origin%3Dhttps%253A%252F%252Fwww.sunstar.com.ph%252Ff134c10c6157ebc%26relation%3Dparent.parent&container_width=878&height=100&href=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&locale=en_US&numposts=5&sdk=joey&version=v5.0&width=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
content-type: text/html;charset=utf-8
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug: xBry8Zo/IORnx0V9xGpsFcPe/fu03SZogOCk648AQza4rohjSC5S6P3WpRrVoyAJzhdiHH9sWWHoheOVBHghNw==
content-length: 0
date: Sun, 30 May 2021 14:46:00 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5b27a71e3e2ef6d0/ 166 B
325 B 15ms
12ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5b27a71e3e2ef6d0/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:00 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=50, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 30 May 2021 14:46:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame BF03 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 30 May 2021 14:41:48 GMT
expires: Mon, 30 May 2022 14:41:48 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 252
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 344B 783 B
531 B 16ms
15ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6908df60b617573b345db4aebac15147996ec9dd53f9c3265998785e859aab98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UqncHyG7PswOgRjydgT9qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

expires: Sun, 30 May 2021 14:46:00 GMT
date: Sun, 30 May 2021 14:46:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-UqncHyG7PswOgRjydgT9qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js Show response
pagead2.googlesyndication.com/bg/ Frame BF03 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 1341
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
expires: Mon, 30 May 2022 14:23:39 GMT

GET
H2 200 ad Show response
services.insurads.com/ Frame C2FF 131 B
461 B 103ms
102ms Script
application/javascript 54.208.64.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/ad?auid=706364&csz=%5B%5D&sz=%5B%5D&dm=1&is=0&sid=153B3D75A2B9C15B&s=2049&appId=1709&ct=%7B%7D&h=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&ts=1622385960820
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/tg-1.4.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.64.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-64-234.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 078170298c5f6ea65afcceb8696ac031ab57212b6259cde3d2b99939167a2ecb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:00 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 97ms
49ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:00 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 31 May 2021 14:46:00 GMT

GET
H2 200 lb
services.insurads.com/ 0
156 B 103ms
103ms Image
text/plain 54.208.64.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.insurads.com/lb?appid=1709&acid=383&s=2049&sid=153B3D75A2B9C15B&auid=706364&ts=1622385960950&iid=p02c938a148e72e61841009a579ac470b074c5c0b88&is=0&m=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.64.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-64-234.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nocache: true
pragma: no-cache
date: Sun, 30 May 2021 14:46:01 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.10.3 (Ubuntu)
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=1128707435100374&bg=!d3SldDDNAAaMan2LjGo7ACkAdvg8WmAxkqNkK30-nEpf8HdSikKw74UZDBM4K87diAMs2NE78dB51QIAAABrUgAAAA1oAQcKALreO7hgS1Klyuv8A-ubHbktWWuwWbdDBHFugTNpoLfAo_WHGCExJzKAusWCdFsmIn2kkjGoYPXOLMMeYhnBM7Wug-mDgIBMSDD1VgpVmoJ5VT5Voy06M7Lc0eAc1tm_bZ5JEOQW-YrURRyp1-Hre6RBka2TXzpqE56VN4sFzidsBjBTfZmjtufrCvfxIeolfoHnAbwYQnhxArZXjRK6tYIfcA1G1fcmsmuSg5mtaX1Q6kGIdg6DI9BeaACZAlBgS-NfyG8I5nSnRcrPUV3F_Lk58MPwZMzZjNwVCr83rEZGKJXqHFwxnS3-xuxoLaxtxvCBMg_WS9-rTrETe1g7-BWdZNRW6vhM7Id636JCtJouasu8NhW4Z72XzjA32wOaegslAoVYohBTKUxuzQ2se13xequBdh5g0ae99i-dxTtgEj6LFbuSoqz7mqr_8T6iek5eyAzkkavkd1V5kedvZeYIpASYD_lZ4Vad6dYwGz4YXJT9aTyKk-u6kgeKIsBttsPeQlB9vgclt4JptR6FMEFcX5wwEYnyCvJocpSrmPGQ69z9IEA68bFouVb-vRqOYts9XFfHZ_bSlEQzqLq1YLm_0Nf2sndCA8KTCn-oq4G_khCWVYZraTbg6ow2M3vF4a0PHmmy0Cops8LGRfnotDyYKSwuXX0uDiqJFr7AnFv3VJDZbkhTaXGilQ0ktBPD5dl0fwvFM5dXESP5GGOApobwZ48tGTbBrL3NvqWvyDmcNBJkZKQ4mdntj-_nM1wGriDcA5UGgrOrCc1rBJ_Blq8qfIk3bfozQg4WvzNdOMCG1ftc5ialURhgfxMAxFrrChAl3Cl1xs44hpbRLaWxORlRk_C5DhV3muI1Tv2y3BamXawsav8YhAfdDPTbyAcENa-KG0LHL1IUOIXte9vzd73USKrXX8LBGyHdJZcSIrNcZhGT9sTJ-HY06M41SUtuhOPvzaS2B0aSUrJaw2FuJGplTIG9Dp-8w4oocVtedrDkDApYOrlQ9zOnzcsuNcAtXezk_25mx2RXVxkzzH62

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E54E 0
326 B 14ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sunstar.com.ph

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.sunstar.com.ph
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1735
set-cookie: uid=caddef6b-dd76-419e-8afb-4a82d2db42a3; expires=Mon, 30 May 2022 14:46:00 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 30 May 2021 14:46:00 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 71ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:01 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 31 May 2021 14:46:01 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2803 52 KB
17 KB 26ms
10ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sunstar.com.ph/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Mon, 31 May 2021 14:46:04 GMT
Date: Sun, 30 May 2021 14:46:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5B5F 38 KB
14 KB 46ms
29ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=82BAF097-2B4F-4041-88F5-2E51A0168DF8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=56333
expires: Mon, 31 May 2021 06:24:55 GMT
date: Sun, 30 May 2021 14:46:02 GMT
vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 48D7 1007 B
863 B 18ms
17ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4bef65891aee5a3edfb1a7ab019d3e8cdb10223cb6c7a982e3a325822e794abd

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=da7dec07-4000-033d-0b70-afae6be9cfe5|1622385958
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=da7dec07-4000-033d-0b70-afae6be9cfe5|1622385958; Version=1; Expires=Mon, 30-May-2022 14:46:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622385962|mOgegqnskin0vNomiygu; Version=1; Expires=Mon, 14-Jun-2021 14:46:02 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 30 May 2021 14:46:02 GMT
content-type: text/html
content-length: 545
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame FB37 2 KB
1 KB 45ms
26ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sunstar.com.ph/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sun, 30 May 2021 14:46:02 GMT
Connection: keep-alive

GET
H2 200 9d16b51a-792b-ae83-6071-71b3f0993151
pr-bh.ybp.yahoo.com/sync/openx/ Frame 48D7 43 B
839 B 99ms
31ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/9d16b51a-792b-ae83-6071-71b3f0993151?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 48D7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=HaSHh7FP1LNmHw5

43 B
106 B

20ms
18ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=HaSHh7FP1LNmHw5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:02 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-0a1405953f2666354@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=HaSHh7FP1LNmHw5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 48D7
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=30ab8b9a-73de-43e6-9a51-85fe4bb686ee
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=30ab8b9a-73de-43e6-9a51-85fe4bb686ee
https://x.bidswitch.net/sync?dsp_id=4&user_id=b0a7dfe0-5f2d-480c-9545-23bf7aca0643&ssp=openx&expires=30&user_group=5&bsw_param=30ab8b9a-73de-43e6-9a51-85fe4bb686ee
https://us-u.openx.net/w/1.0/sd?id=537072968&val=30ab8b9a-73de-43e6-9a51-85fe4bb686ee

43 B
106 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=30ab8b9a-73de-43e6-9a51-85fe4bb686ee
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=30ab8b9a-73de-43e6-9a51-85fe4bb686ee
date: Sun, 30 May 2021 14:46:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 48D7
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMDQwN0JaMG9BQURGcUFIZW01QQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC0407BZ0oAADFqAHem5A&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC0407BZ0oAADFqAHem5A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...

43 B
163 B

59ms
16ms

Image
image/gif

185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC0407BZ0oAADFqAHem5A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:01 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC0407BZ0oAADFqAHem5A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date: Sun, 30 May 2021 14:46:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 48D7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7c4e60b3-a52a-4b00-87a9-ba4d7b868c17

43 B
106 B

28ms
27ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7c4e60b3-a52a-4b00-87a9-ba4d7b868c17
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 30 May 2021 14:48:08 GMT
Server: MT3 3736 915c305 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7c4e60b3-a52a-4b00-87a9-ba4d7b868c17
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 30 May 2021 14:48:07 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 48D7
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oTH_aPY0r2O6MPw-ojOwa_Jn-D26Zf5qrmd0Fe7l

43 B
122 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oTH_aPY0r2O6MPw-ojOwa_Jn-D26Zf5qrmd0Fe7l
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oTH_aPY0r2O6MPw-ojOwa_Jn-D26Zf5qrmd0Fe7l
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 48D7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2431088141839179251

43 B
106 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2431088141839179251
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2431088141839179251
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 48D7 70 B
265 B 130ms
32ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=09d1d35e-e987-3cca-51a6-67460fcefc18&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 48D7 170 B
188 B 40ms
17ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjViZTAwOTQtMjBmMC02MjZlLTQ0NDYtM2RmZmM1MmMzMjc4

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 48D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHAFQc2u7AzW_dxAvgV9FF4&google_cver=1

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHAFQc2u7AzW_dxAvgV9FF4&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHAFQc2u7AzW_dxAvgV9FF4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 2803
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
822 B

7ms
7ms

Script
text/html

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:02 GMT
X-Proxy-Origin: 152.89.163.12; 152.89.163.12; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.234:80
AN-X-Request-Uuid: 8adb22a4-7cd4-400f-8eba-d18ae3b46526
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:02 GMT
X-Proxy-Origin: 152.89.163.12; 152.89.163.12; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.232:80
AN-X-Request-Uuid: 1d176f6d-371a-40cb-b90c-e2f96e2b6591
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame CD70 2 KB
3 KB 47ms
45ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4b44a01578dfcfd1798276c722f799f8aa3eefcebed07e8587025c145d611ae

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLOlKBDZ4lge5057QsfaJQAA; CMPS=3213; CMPRO=1150; CMST=YLOlKGCzpSgA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|45|230|47|73|65|111
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1800
Expires: Sun, 30 May 2021 14:46:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 May 2021 14:46:02 GMT
Connection: keep-alive
Set-Cookie: CMID=YLOlKBDZ4lge5057QsfaJQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 14:46:02 GMT CMPS=3213;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 14:46:02 GMT CMPRO=1150;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 Aug 2021 14:46:02 GMT CMST=YLOlKGCzpSoA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 31 May 2021 14:46:02 GMT CMRUM3=2f60b3a52a05a0&2d60b3a52a05a0&e660b3a52a2760&2760b3a52a0b40&4960b3a52a05a0&4160b3a52a05a0&f160b3a52a05a0&6f60b3a52a05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 30 May 2022 14:46:02 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5B5F 3 KB
4 KB 14ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47095679&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a3d0e8870649ac921fc78e2f40b0fd4519023f8d4db694fe38df0e09406d081c

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:01 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 39F2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=82BAF097-2B4F-4041-88F5-2E51A0168DF8
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=82BAF097-2B4F-4041-88F5-2E51A0168DF8

35 B
467 B

28ms
21ms

Document
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=82BAF097-2B4F-4041-88F5-2E51A0168DF8

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=82BAF097-2B4F-4041-88F5-2E51A0168DF8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 30 May 2021 14:46:02 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=2881007210812127972; expires=Thu, 29 Jul 2021 14:46:02 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Sun, 30 May 2021 14:46:02 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=82BAF097-2B4F-4041-88F5-2E51A0168DF8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Wed, 30 Jun 2021 14:46:02 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6757
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7310773976145838003

42 B
289 B

43ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7310773976145838003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7310773976145838003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=82BAF097-2B4F-4041-88F5-2E51A0168DF8; chkChromeAb67Sec=1; DPSync3=1623542400%3A201_197_219%7C1622419200%3A174; SyncRTB3=1623542400%3A13_3_54_71_8_161_7_22_220_21_56%7C1623628800%3A35%7C1624924800%3A203%7C1622937600%3A223%7C1623196800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 30 May 2021 14:46:01 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-7310773976145838003; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 14:46:01 GMT; path=/ PugT=1622385961; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 14:46:01 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 28-Aug-2021 14:46:01 GMT; path=/
x-lat: amspug019:0:388
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7310773976145838003
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FA83
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

42 B
110 B

131ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=82BAF097-2B4F-4041-88F5-2E51A0168DF8; chkChromeAb67Sec=1; DPSync3=1623542400%3A201_197_219%7C1622419200%3A174; SyncRTB3=1623542400%3A13_3_54_71_8_161_7_22_220_21_56%7C1623628800%3A35%7C1624924800%3A203%7C1622937600%3A223%7C1623196800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 30 May 2021 14:46:01 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 28-Aug-2021 14:46:01 GMT; path=/
x-lat: amspug005:0:243
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
expires: Sun, 30 May 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3006
x-powered-by: ASP.NET
date: Sun, 30 May 2021 14:46:01 GMT
content-length: 205

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 399A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968094648287426708

42 B
211 B

135ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968094648287426708
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968094648287426708
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=82BAF097-2B4F-4041-88F5-2E51A0168DF8; chkChromeAb67Sec=1; DPSync3=1623542400%3A201_197_219%7C1622419200%3A174; SyncRTB3=1623542400%3A13_3_54_71_8_161_7_22_220_21_56%7C1623628800%3A35%7C1624924800%3A203%7C1622937600%3A223%7C1623196800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 30 May 2021 14:46:01 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6968094648287426708; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 14:46:01 GMT; path=/ PugT=1622385961; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 14:46:01 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 28-Aug-2021 14:46:01 GMT; path=/
x-lat: amspug006:0:337
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sun, 30 May 2021 14:46:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6968094648287426708; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6968094648287426708

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5B5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=grrwlytPQEGI9S5RoBaN-A%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

15ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 18:57:29 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-1f78-5b232eb4914bb"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=81538
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 2654
expires: Mon, 31 May 2021 13:25:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=16bc60b3-a52a-4700-a76e-1f3663947c58

0
128 B

1057ms
15ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=16bc60b3-a52a-4700-a76e-1f3663947c58
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 30 May 2021 14:48:08 GMT
Server: MT3 3736 915c305 master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=16bc60b3-a52a-4700-a76e-1f3663947c58
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 30 May 2021 14:48:07 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5B5F
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=82BAF097-2B4F-4041-88F5-2E51A0168DF8
https://spl.zeotap.com/?zdid=1332&zcluid=9d406eed1076de73
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3f57b140-e32f-48a6-7d4e-001a1dc0b4df&reqId=7c33c5b9-53a2-4d9f-4a5f-a525ee27be6f&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEHu9npoCcC5HvYOxhPpJW1E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3f57b140-e32f-48a6-7d4e-001a1dc0b4df&reqId=7c33c5b9-53a2-4d9f-4a5f-a52...

95 B
189 B

39ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEHu9npoCcC5HvYOxhPpJW1E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3f57b140-e32f-48a6-7d4e-001a1dc0b4df&reqId=7c33c5b9-53a2-4d9f-4a5f-a525ee27be6f&zcluid=9d406eed1076de73&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6578bfeadad763e9-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a5f5646cb000063e9db901000000001

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEHu9npoCcC5HvYOxhPpJW1E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3f57b140-e32f-48a6-7d4e-001a1dc0b4df&reqId=7c33c5b9-53a2-4d9f-4a5f-a525ee27be6f&zcluid=9d406eed1076de73&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODJCQUYwOTctMkI0Ri00MDQxLTg4RjUtMkU1MUEwMTY4REY4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
186 B

132ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:01 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:479
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIn7S3T0XwrUZ4F64pMA5t8&google_cver=1

42 B
282 B

132ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIn7S3T0XwrUZ4F64pMA5t8&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:01 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:267
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIn7S3T0XwrUZ4F64pMA5t8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 5B5F 43 B
611 B 49ms
12ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 29 May 2021 14:46:02 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5954425679924379616

42 B
389 B

125ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5954425679924379616
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
cache-control: no-store, no-cache, private
x-lat: amspug014:0:370
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5954425679924379616
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:42a460b3-a52a-4800-9bb8-5636a69ffa1e&gdpr=0&gdpr_consent=

42 B
340 B

138ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:42a460b3-a52a-4800-9bb8-5636a69ffa1e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:01 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:392
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 30 May 2021 14:48:08 GMT
Server: MT3 3736 915c305 master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:42a460b3-a52a-4800-9bb8-5636a69ffa1e&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 30 May 2021 14:48:07 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=727435e6-5ccd-4550-8f30-bb71f88d0541

42 B
294 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=727435e6-5ccd-4550-8f30-bb71f88d0541
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:01 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:274
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=727435e6-5ccd-4550-8f30-bb71f88d0541
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3518618575674890531&gdpr=0&gdpr_consent=

42 B
210 B

147ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3518618575674890531&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:00 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:290
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:02 GMT
X-Proxy-Origin: 152.89.163.12; 152.89.163.12; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.81:80
AN-X-Request-Uuid: 0ccc440f-b397-4053-947e-6d776aa31916
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3518618575674890531&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 82BAF097-2B4F-4041-88F5-2E51A0168DF8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5B5F 43 B
554 B 36ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/82BAF097-2B4F-4041-88F5-2E51A0168DF8?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=82BAF097-2B4F-4041-88F5-2E51A0168DF8&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=82BAF097-2B4F-4041-88F5-2E51A0168DF8&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aTECktFE2uW2uPXbm6JpY63ue_WuIWU-~A&gdpr=0&gdpr_consent=

0
260 B

1031ms
14ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aTECktFE2uW2uPXbm6JpY63ue_WuIWU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 30 May 2021 14:46:02 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aTECktFE2uW2uPXbm6JpY63ue_WuIWU-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ec8AyC7KUMNizgOees1PyyqZB51imwHKdpnXDtsd

42 B
579 B

146ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ec8AyC7KUMNizgOees1PyyqZB51imwHKdpnXDtsd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:00 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:270
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ec8AyC7KUMNizgOees1PyyqZB51imwHKdpnXDtsd
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0384d577-c282-4740-acfd-90a8bcc32c31&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30ab8b9a-73de-43e6-9a51-85fe4bb686ee&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

14ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30ab8b9a-73de-43e6-9a51-85fe4bb686ee&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:01 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:365
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30ab8b9a-73de-43e6-9a51-85fe4bb686ee&gdpr=&gdpr_consent=&gdpr_pd=
date: Sun, 30 May 2021 14:46:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5B5F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLOlKgABX5iA-gAC&gdpr=0&gdpr_consent=&_test=YLOlKgABX5iA-gAC

1 B
334 B

16ms
15ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLOlKgABX5iA-gAC&gdpr=0&gdpr_consent=&_test=YLOlKgABX5iA-gAC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:00 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:388
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622385962.467220,VS0,VE0
x-served-by: cache-hhn4024-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLOlKgABX5iA-gAC&gdpr=0&gdpr_consent=&_test=YLOlKgABX5iA-gAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame CD70 70 B
264 B 41ms
32ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YLOlKBDZ4lge5057QsfaJQAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame CD70
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&dcc=t

43 B
433 B

102ms
102ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:02 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:02 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame CD70
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLOlKBDZ4lge5057QsfaJQAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YLOlKBDZ4lge5057QsfaJQAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEwSk4oQOTsooL-osp6riAY&google_cver=1&gdpr=1

43 B
1014 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEwSk4oQOTsooL-osp6riAY&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 14:46:03 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEwSk4oQOTsooL-osp6riAY&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame CD70
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1

43 B
315 B

20ms
19ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 30 May 2021 14:46:02 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame CD70
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HaSHh7FP1LNmHw5&gdpr=1

43 B
1 KB

1054ms
18ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HaSHh7FP1LNmHw5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 14:46:03 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:02 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HaSHh7FP1LNmHw5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YLOlKBDZ4lge5057QsfaJQAABH4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CD70 43 B
552 B 38ms
31ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YLOlKBDZ4lge5057QsfaJQAABH4AAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame CD70
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622472362&gdpr=1

43 B
315 B

277ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622472362&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 30 May 2021 14:46:02 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622472362&gdpr=1
pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame CD70 0
330 B 27ms
21ms Image
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame CD70 43 B
425 B 14ms
8ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YLOlKBDZ4lge5057QsfaJQAA%261150
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sunstar.com.ph/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 30 May 2021 14:46:02 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1228
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 30 May 2021 15:06:30 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunstar.com.ph

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunstar.com.ph

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 50ms
49ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7d7bbb7846d1e8e40356566ac70beb0125ddcbaf992ef4fda6e3d53cc3e10923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10882
x-xss-protection: 0
google-lineitem-id: 5659529193
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347018477
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 49ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 7 KB
4 KB 411ms
410ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

5ab76d970f7a9b17ae11ea4dbf0e0532e0c6ff02d50a2ac5d65ea83cbb6a55f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3911
x-xss-protection: 0
google-lineitem-id: 5164664816
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138286671658
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 292ms
291ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1128707435100374&correlator=3798610481982546&output=ldjh&impl=fifs&eid=31061160%2C31061004%2C31061199&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210530&iu_parts=21622890900%2CPH_sunstar.com.ph_pc_article_top2_970x90%2C728x90%2CPH_sunstar.com.ph_pc_article_right2_sticky_300x250%2C300x600%2C120x600%2C160x600%2C336x280%2CPH_sunstar.com.ph_res_article_below1_300x250%2CPH_sunstar.com.ph_res_article_mid1_728x90%2C640x360%2C300x250%2C320x50%2C320x100&enc_prev_ius=%2F0%2F1%2F%2F2%2C%2F0%2F3%2F%2F4%2F%2F5%2F%2F6%2F%2F7%2C%2F0%2F8%2F%2F7%2C%2F0%2F9%2F%2F10%2F%2F11%2F%2F7%2F%2F12%2F%2F13&prev_iu_szs=970x90%7C728x90%2C160x600%7C120x600%2C336x280%7C300x250%2C640x360%7C728x90&eri=1&cust_params=url%3D%252Farticle%252F1877981%252FBacolod%252FLocal-News%252F2-trucks-collide-catch-fire-4-dead%26ref%3Dnull&cookie=ID%3D2696593e40a9b39c-22735e054ec800ea%3AT%3D1622385958%3ART%3D1622385958%3AS%3DALNI_MaxIESEqBn0Y6xgZyBuhKvvR5E54Q&bc=31&abxe=1&lmt=1622385962&dt=1622385962436&dlt=1622385958316&idt=265&frm=20&biw=1600&bih=1200&oid=3&adxs=215%2C1093%2C215%2C245&adys=204%2C579%2C1852%2C1472&adks=3574223832%2C325510651%2C2325226627%2C3033280548&ucis=3%7C4%7C5%7C6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x0%7C292x0%7C877x0%7C802x0&msz=970x90%7C160x600%7C336x280%7C640x360&ga_vid=308863201.1622385959&ga_sid=1622385959&ga_hid=206844708&ga_fc=false&fws=132%2C132%2C132%2C132&ohw=1600%2C1600%2C1600%2C1600&btvi=0%7C0%7C1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a00da1bf6244986b3c85e83b54e290a6db98f9efe9d4cc249ba811970e450317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 213202,213202,211995,213202
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11518
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: 327881
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sunstar.com.ph
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D41C 0
0 43ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssisx_1HpsRBhMpw4ZhOiwefyVh27l0wpyqJvHpvItlvX7t-RSGTYRy4CNfgH3-eYTeD7jsdFq-CHoacS8kNMhZJPtnhaQKVeAuD57Ej4yndyoJL23-YCart9DCU0vCM1yXfeGYUUnuyJteYoJM8HXfHLFinKD-tcqhfG-Si-VyPMMdajHFdwDmuCVp7S0BuaErYq5V7D3jlMNvnil--FMeFgNeGawQq5YWsvzTC9ffENHPZJ4iEwBmYte1SFInGy2RIwPhNdLCLNl1Rk1Y_Xwmtrr-1PIfXEbkUDtsvgVwb8qypLc9HaV23ocyCQ&sig=Cg0ArKJSzBqhPKWcFV92EAE&adurl=

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:46:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame D41C 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:44:58 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame D41C 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:38:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D41C 121 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sun, 30 May 2021 14:46:02 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D41C 0
0 14ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSthcwP-obory5a65CER4d5-a3p4UA5XkJqv2PMITOVgu3dOlLcRoVt02IW0RAj58TKyZZoGh2CT-fGitj-ZTos0o7tiQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 6561087489088659950
tpc.googlesyndication.com/simgad/ Frame D41C 107 KB
107 KB 7ms
7ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6561087489088659950

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9613d159c5d76254cc9227e9e3543bf159655971dfe69391d910a6b211f6ea7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 06:42:09 GMT
x-content-type-options: nosniff
age: 547433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109531
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 10:51:06 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 May 2022 06:42:09 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D41C 0
0 67ms
53ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutkQL5y3gW-0-lKI2GeCbqrpVfXTeSWiOMX6VbbSE-Z7guBxNmafVHst_BXuYvQVOR73v-NopC1a0xh1CBFZMnl0uyqM__CLIES1wZrMgmRKsIFVHSbt_g88AEDnvhwx-6eC3MOy0Dn9gvDSlUzIBKdZDMVYt8q6KTJkobjo0mpwQfG4p9yH0v1Q6wMNE4NiZxmU7ZOtNLFBW3T-TAZh1jhgWeVbuCny6Y5vTnpECjuISXy4mBcpOYQbui3nS6sSBEmb1yr3oCdcElamwwbYJrki0bndcVoNN1Mk45M4YTK7SIrC30o1DPoXePcAwN&sig=Cg0ArKJSzHIRiIx5H_G3EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:46:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 30 May 2021 14:46:02 GMT

GET
DATA 200
OK truncated
/ Frame D41C 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eb0080f95c6264346c5a82662600603e2f71bdbdde17992c13369f1086fb9d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 batch Show response
services.insurads.com/dfp/mapping/ Frame 172B 921 B
563 B 114ms
114ms Script
application/javascript 54.208.64.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/dfp/mapping/batch?appId=1709&requests=[{%22eaup%22:%22/1012712/Article_Page_leaderboard%22,%22eolid%22:5659529193,%22advid%22:5006601978,%22w%22:728,%22h%22:90,%22eId%22:%22Article_Page_leaderboard_0%22}]&h=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/tg-1.4.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.64.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-64-234.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f7160026cc3c715123d9b3026932784a78474ef6675fdaa44e6d8f6ced32befe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
content-type: application/javascript

GET
H3-29 200 container.html Show response
c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 82EC 6 KB
3 KB 22ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 30 May 2021 14:46:02 GMT
expires: Mon, 30 May 2022 14:46:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2BEE 6 KB
3 KB 17ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 30 May 2021 14:46:02 GMT
expires: Mon, 30 May 2022 14:46:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 801E 6 KB
3 KB 14ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 30 May 2021 14:46:02 GMT
expires: Mon, 30 May 2022 14:46:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 949F 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 30 May 2021 14:46:02 GMT
expires: Mon, 30 May 2022 14:46:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2BEE 0
0 42ms
42ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cjd3WKqWzYIvwHdmtgAehzYmgDJ6hoa5cofno_p8DwI23ARABIABglfrwgYwHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBIQDT9BzP2r1ALISW1odeRqqcI8aiWB0jvUpDzbJbxgm8tYQ4pXvagP_yqWnHhHan9HcCSreADyGIDqreViK52uxpfc1HrnwqqOBaHl5odMbeI5JJqzW_RG6OfUWH98izOv9gRdQZC9fHCY4MM8THzewaJJVYNKuEbSg-q4alqnKbc73vc0azmg3fFGfLH0LO3puYlo-20ZcLwjTIYjTgAu9hVb6mJaxYGP1RwxRA9vqyp5E3iAZQqXnV0_MLb0f130MdAeUnPjz81t6xRPe_wiT7QZG6cNPZGUgUY6AT1IsQR-3FIBBopdW8go-gNoAU02EdRnZCbGzEDMAmYOLztyvzr9cdoQWu_odkJJndNNAeFKXbKvT25Fkm1MwH2brceMv7ehKY6rhoovHQJPK2BfJQOJay-tnCvUhj6j2vLehvz2EauaGzdzuatHHeSA5HPdVZEdoqFbpgH47Fw8ygEvZIRRSXW2F3mz3IBFbcXWZnnTl7dD5B6hBYy9o8IP9d9giS_M08OAEAYAGos6Zl-Hi_eZToAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI4ODE2NDg4OTQzOTU2MjSACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MQ&sigh=G3k_VL15758
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ifnotify Show response
a691.casalemedia.com/ Frame A2DE 39 B
286 B 296ms
17ms Document
text/html 85.91.47.62
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://a691.casalemedia.com/ifnotify?consent=1&c=1407AF0&r=B39BCF19&t=60B3A52A&u=X09DYUM4U1gtUE8tSnMxejhwQmF2d3ND&m=ac7a561ff8c697175691c0d23e28c3b7&wp=7&aid=ba24019c-3ea3-342c-c0ff-230fca8f830d&tid=14FC5&s=535D6&cp=0.07&n=www.sunstar.com.ph&pr=xx&epr=YLOlKgAIVvsK4DcIWQGYLQ
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.91.47.62 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

Host: a691.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLOlKBDZ4lge5057QsfaJQAA; CMPS=3213; CMPRO=1150; CMST=YLOlKGCzpSoA; CMRUM3=2f60b3a52a05a0&2d60b3a52a05a0&e660b3a52a2760&2760b3a52a0b40&4960b3a52a05a0&4160b3a52a05a0&f160b3a52a05a0&6f60b3a52a05a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/

Response headers

Date: Sun, 30 May 2021 14:46:03 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 script.js Show response
d2q8xv8xf7whrd.cloudfront.net/ Frame 2BEE 113 KB
38 KB 41ms
9ms Script
application/javascript 2600:9000:2182:4c00:3:bc0d:3a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:4c00:3:bc0d:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68e6da0247ed7e7b4592fac9886d2ae471995a18d5f70c918f75d27b2983fc6e

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:40:17 GMT
content-encoding: gzip
last-modified: Sat, 29 May 2021 00:48:15 GMT
server: AmazonS3
age: 346
etag: W/"6f0ffa5fdbaafa9b8345e0bd3bab2327"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ZY73kSy2_NGDM_4nxRn_W37ySXbuCD1w8Qs0fXrhOGaKsCROxjP7wg==

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 2BEE 1 KB
1 KB 67ms
20ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=46204019;rtbwp=YLOlKgAAAAB8fuqEJZW-oh8yy9UOOCh2ddJ3IA;rtbdata=tWV6gTg5WA7_JqMV7sweGD9obhry_6UaXY0E0LH_Uab75vMP5_f2f8xQth8qRjev_5PZVyVoPxZw3l-Xic5Jud2VcAH4pBRL1r662lypqjPAR20T2dXrIf1Kb1NkHZltqEswNyhxoNHRT8t-Lq8CyZERwPDzdTmJWYlkCkP6RVXun_hXNKN6G3Gdm-a9-qWpE1rBcXhhV1TGa6c16yCjmJvoqKERH4u71Yh3UdglQVhlJQEWbongmoxY1nrFnkGPxmb0ctcZo2J5OpygTe6no7ZY2o9sP9iJHEa9Ul8VvccO3MicAfr1b6EuVBWCp8k1ZPSVCRcBPzE1

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

64b4ca6d089859f4d6a964b42a6dbbf6bafe6bad695b2e2f742e4ab476fea057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 948
expires: -1

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 2BEE 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:38:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BEE 121 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sun, 30 May 2021 14:46:02 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 2BEE 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:44:02 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2BEE 0
0 15ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRI0IpKsELsXGrQxav8uWoB4pKoQhXKaIJY4yT5W9hje_OY9-PS02buqTMM562Epn7dL7ra2qtnzyXgL1a0zE8edNXKQ
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2BEE 22 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 16:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79746
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 May 2022 16:36:56 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 949F 0
0 23ms
22ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9MciKqWzYI3wHdmtgAehzYmgDJ6hoa5cofno_p8DwI23ARABIABglfrwgYwHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBIkDT9CgU408DvQqHTn-63KP_L5o_FqZllyThAxp3W5hcc6zH_FCOwb4GJOOecUT9p8TuEEiC2Se_EKrnutKGQ46z9F3TexTB9ITLgQAzuDDaxkF62X138bh2lciYzV41hdOix7U6I62OqL9MSX67YG4tc6xM3cGRm2PPPDqGjrFZ99twIL0brECE603PhQHQjmibT7_dphuGslfDdnbGlgVrlTTDnTrwfPhuGsQYmzh6g8BF6GLrXxPiH2kMASrMTvNNZjKaveRXbZ5MH3uyxfRCxwDwfU-QGL_WsYZhh__H33srPGpjTImsTv8TX7UgOXOYsC_HBT0BcvuHWdu6DVn9n3cs-gpS6pOEqEVEaVDoSqFdjHfU7v1INw4B0QGSyn7EhfkOU1qKfDnUsLihBW2biJNhQ108U6cphrdoo4g_brTWRMz1cixGCMlZ0nxolp2j6S4B95KCUO_6CVdFaTR7vGOpUtAcfIntzFvaeI2d4tVmyMZQnhCh5edNQBlrkkMPKPN5TQyYmPj4AQBgAbf0oPfqr6C2uwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI4ODE2NDg4OTQzOTU2MjSACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MQ&sigh=3_MYRBjQyyE
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ifnotify Show response
a330.casalemedia.com/ Frame E13B 39 B
286 B 3103ms
17ms Document
text/html 185.80.37.242
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://a330.casalemedia.com/ifnotify?consent=1&c=1407AC2&r=DE47C52B&t=60B3A52A&u=X09DYUM4U1gtUE8tSnMxejhwQmF2d3ND&m=dc3292f7b50177cc8079c0d9f23cdc93&wp=5&aid=cf7140d5-6bc8-3abc-3834-88cc58df59fe&tid=14FC5&s=535D6&cp=0.05&n=www.sunstar.com.ph&pr=xx&epr=YLOlKgAIbgIKe6rRYA2W0A
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.37.242 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

Host: a330.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLOlKBDZ4lge5057QsfaJQAA; CMPS=3213; CMPRO=1150; CMST=YLOlKGCzpSoA; CMRUM3=2f60b3a52a05a0&2d60b3a52a05a0&e660b3a52a2760&2760b3a52a0b40&4960b3a52a05a0&4160b3a52a05a0&f160b3a52a05a0&6f60b3a52a05a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/

Response headers

Date: Sun, 30 May 2021 14:46:05 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 script.js Show response
d2849lw36e7cot.cloudfront.net/ Frame 949F 113 KB
38 KB 40ms
9ms Script
application/javascript 2600:9000:2182:8200:19:ba84:7f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2849lw36e7cot.cloudfront.net/script.js
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8200:19:ba84:7f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68e6da0247ed7e7b4592fac9886d2ae471995a18d5f70c918f75d27b2983fc6e

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:39:24 GMT
content-encoding: gzip
last-modified: Sat, 29 May 2021 00:48:15 GMT
server: AmazonS3
age: 399
etag: W/"6f0ffa5fdbaafa9b8345e0bd3bab2327"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: U-XZ6hvMhqKt-8Onc61TFwqyKjV4oHCZrbJXB5U0-XEeh1Tonj0wSw==

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 949F 1 KB
1 KB 64ms
21ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=46204026;rtbwp=YLOlKgAAAABi1BmN71Ik8PUfXv8ZP8pXnWqWtA;rtbdata=DSSzFeZbOCPiQ3Ipi6hOJrayubekYnQPbiIAI0dssp6GegfC0d8wCZn-4zQy6hgL_5PZVyVoPxZw3l-Xic5Jud2VcAH4pBRL1r662lypqjPAR20T2dXrIf1Kb1NkHZltqEswNyhxoNHRT8t-Lq8CyZERwPDzdTmJWYlkCkP6RVXun_hXNKN6G3Gdm-a9-qWpE1rBcXhhV1SitbQ57Noqk6wntI6Wdobd1Yh3UdglQVjKuAVx5_TIy10jUKMvuKTsrO-x9Q0bhBMpifyFOpkPMg2El5VOSSJ_CeqVdYrwH2gMqHinVmuPrii2WzliTu304UFuhV40q881

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b07a77a75961dc1ebd449578fc16b083b8314d8635b9490b2db1d0473474181e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 946
expires: -1

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 949F 2 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:38:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 949F 121 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sun, 30 May 2021 14:46:02 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 949F 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:44:02 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 949F 0
0 16ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5VPJJBnVsPHR0lrb0p3AK80Xc9CO-qnPiSq1gYO8XIbHKPf4dKQQ-dkqwe6as9YCCGGP3-r3g6nVJqD-d7S4ZBsHA_A
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 949F 22 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 16:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79746
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 May 2022 16:36:56 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 82EC 0
0 68ms
68ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6URRKqWzYIrwHdmtgAehzYmgDJ6hoa5cofno_p8DwI23ARABIABglfrwgYwHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBN0CT9Bp3SJD5ozpNpJrK_9VzKEw_UrufeQyqYE07sms0YdKG2Nji_qWyPh40ynQOOw5HBEAuTOGIQRpkaJhs5Ls_g0bW7HJvfJ8I_fqdIrJz7i7LhHj1Xy2S8xCldekCcR_E_dh7bRUxv4YafjS3NWQLK6jhCjrS7ValTJ6yGqGqlBwH5nFdEzPeTwXhAU495Q6-qorBIzPEyd5zvF4swcIi8VR0ZpuGnyu4TEUQK3eOKcpym3SjWWbu8z4Bn2W445g030ggwvvMyoYiVaUdgP2tWQeOmzgdHpD6WxCdcAkANx-1ZUbh_se-LW_s-9rW1zhQCog_nUvk_R4cRMZOWEkPdwzHpvdXDeEl3YxO_I8KJysJ_kvg0tqt-q52ZdRwQe1blwDukZOhUaHYj1u94nKU9WE89g3rQxMFmONT24vUx-vRpZSAEGZqtGKGSjrwm1khoOYD1X0ntl96rjfkOAEAYAGt-7q-feHrI9VoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI4ODE2NDg4OTQzOTU2MjSACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MQ&sigh=Sv-0djQmMlg
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ifnotify Show response
a5125.casalemedia.com/ Frame 854F 39 B
286 B 1061ms
10ms Document
text/html 85.91.45.39
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://a5125.casalemedia.com/ifnotify?consent=1&c=179AB13&r=CA1FC3E0&t=60B3A52A&u=X09DYUM4U1gtUE8tSnMxejhwQmF2d3ND&m=fd5f8bb2033261dff33cbf9e4273f268&wp=7&aid=fb9b0fdc-db3d-301a-25d1-1a478d9737b0&tid=14FC5&s=535D6&cp=0.07&n=www.sunstar.com.ph&pr=xx&epr=YLOlKgAIUJAIEdTIQAHAKw
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.91.45.39 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

Host: a5125.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLOlKBDZ4lge5057QsfaJQAA; CMPS=3213; CMPRO=1150; CMST=YLOlKGCzpSoA; CMRUM3=2f60b3a52a05a0&2d60b3a52a05a0&e660b3a52a2760&2760b3a52a0b40&4960b3a52a05a0&4160b3a52a05a0&f160b3a52a05a0&6f60b3a52a05a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/

Response headers

Date: Sun, 30 May 2021 14:46:03 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 82EC 1 KB
1 KB 61ms
21ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=46204024;rtbwp=YLOlKgAAAAD0IbEFoRGtd7gfkw8HkciDiGXVuA;rtbdata=WH0HVrhA8QDzRgTA3xn5ZE_n4f7VwAg4l8dQi3b2_RIPpYo53_iDj-IME3BGXP7y_5PZVyVoPxZw3l-Xic5Jud2VcAH4pBRL1r662lypqjPAR20T2dXrIf1Kb1NkHZltqEswNyhxoNHRT8t-Lq8CyZERwPDzdTmJWYlkCkP6RVXun_hXNKN6G3Gdm-a9-qWpE1rBcXhhV1SoQfiEbiwYHElTJiMX4qh31Yh3UdglQVggH6BVgeGWWJRlz667j-8WGGurJg66wE15OpygTe6no7ZY2o9sP9iJHEa9Ul8VvccO3MicAfr1byeheoegvN1zZPSVCRcBPzE1

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b852cce5e51aa084251a37c8b363e5635410ab148c988762b58b7098f0ef9c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 948
expires: -1

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 82EC 2 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:38:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82EC 121 KB
37 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sun, 30 May 2021 14:46:02 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 82EC 13 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:44:02 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 82EC 0
0 26ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZm7eNUjMHnlQRTdTIMc6YL8iuHd9RUNcckdWKSzbC32l6SwZiD565Ce95MdcZaPiydixmk9Oy-67x9OHP26_JdSHzZg
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 82EC 22 KB
7 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 16:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79746
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 May 2022 16:36:56 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 801E 0
0 22ms
17ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpyT3KqWzYIzwHdmtgAehzYmgDO6StZNcv6KFx-QFwI23ARABIABglfrwgYwHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBOkCT9Bz16DPG1DwplzeB1TCJZsOMb5GZX8_yn9G0Qxvt5S8l_vz_yEONFVK_rztFvT8KkFIz20my4y34kfMSA06zZ02FEAMxdx7B_x_zadQOq3aT5IvEiRbq_Nrl0WcCSopYam4dhOBDWs0eozmYGfDb1KNiu-oDAozJKf5obP_Rql630yV5EqPbqXZDiuMMvP1MUte4yc5tHn2iZ_DAPie503Z5xlAqGRSRkdAu-FDpPW9EM9ptLNfImEw8KZAW4KszkfH9wy6WIdW6IOrdHfrMGjqqWh0aGLa-6QpBpAqEFCftYGQdqp7sKxKK90enBiIru-IfPU9ehtRNfyQgFg8C9HMhYKxYnbXwSFMgG3zUs4SE-aSPu-OyiHcUqro602wsqcgYMwvyjIkCvaonynIHuLnyz6ZMekCR8NfpHffgB2ItS_mZOc2k01Xz4MXHr3MYoLt2hDsflRjsbeHE1Buw5tkY2pLI6a94uAEAYAGjJnu9oPjtL1XoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI4ODE2NDg4OTQzOTU2MjSACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MQ&sigh=sVvSWyoJU04
Requested by: Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 801E 8 KB
3 KB 1061ms
10ms Script
application/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-49.fra50.r.cloudfront.net
Software: /
Resource Hash: 9a3c9ae060403a0720085252fb36dc10c803044db10aa4573dedcd56113c76f4

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:37:35 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
age: 509
etag: "05a648ed160edfc4b6bcf4569d246b28"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
content-encoding: gzip
content-length: 2573
x-amz-cf-id: JEvshIk2kYyX4eAJAru1uuP3AZem0Oz_I5yMCi3CrWYdf3frQ1V80g==

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 801E 2 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:38:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 801E 121 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sun, 30 May 2021 14:46:02 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 801E 13 KB
6 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 14:44:02 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 801E 22 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 16:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79746
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 May 2022 16:36:56 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 801E 37 B
184 B 1054ms
7ms Image
image/gif 18.195.54.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YLOlKgAHeAwK4BbZAAJmoQvg8XLUXmwNfsvsGQ&ts=1622385962&aid=124223675504226899100&ec=2409_15064_70_46204031&n=GgDyAqUBCAASFTEyNDIyMzY3NTUwNDIyNjg5OTEwMBgAIAEo6RIw2HVAAUgAUABgCmgAcOWSEJABAJgBAKgBALABOrgBCcABMMgBOuABE%2FABAPgBOoACMIgCE5ECAAAAAAAA8D%2BZAsP1KFyPwsU%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4AvAkgAOsAogD%2BgGQAwCYAwCgAwC4A5cCwAMA%2BAIFiAMAkgMEZDNkMw%3D%3D
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.54.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA23 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuquZ-ZThKfBGBI2Wha-udUOS7rXQiH5YN0kNqMPW5-QmsBLX0eOuahaBwASSKOpgb7c50jLLOgq0qbWBCawv1dP3kCFexigKBn1w_HmdrvglaU8_hw3jYHE0rzq28_bUbeqbmUvRkui7MPDzt5UBdsiR1lFd6R1E5jHNFWLQoM7VXCzax60ko-ao6vXd8djPnlETFL9npa4jgMiVGedFm-atUVy1Ez8Y5ZrumOqArBPIszlJmgNrjFIV33ut0PLnWNmmaxEHo7hg9bST8w4JNuvxudtLgDSlc3TDeR0xWBhYanTA&sig=Cg0ArKJSzD_bhlj0u4QyEAE&urlfix=1&adurl=

Requested by

Host: www.sunstar.com.ph
URL: https://www.sunstar.com.ph/article/1877981/Bacolod/Local-News/2-trucks-collide-catch-fire-4-dead

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:46:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BA23 134 KB
47 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48356
x-xss-protection: 0
server: cafe
etag: 3890051329819667200
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 May 2021 14:46:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA23 121 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Sun, 30 May 2021 14:46:02 GMT

POST
H2 200 1a Show response
i.clean.gg/ Frame 2BEE 0
104 B 93ms
92ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 109ms
92ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Sun, 30 May 2021 14:46:02 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 1a Show response
i.clean.gg/ Frame 949F 0
44 B 94ms
94ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 94ms
92ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Sun, 30 May 2021 14:46:02 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 82EC 35 KB
17 KB 314ms
20ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46204024;rtbwp=YLOlKgAAAAD0IbEFoRGtd7gfkw8HkciDiGXVuA;rtbdata=WH0HVrhA8QDzRgTA3xn5ZE_n4f7VwAg4l8dQi3b2_RIPpYo53_iDj-IME3BGXP7y_5PZVyVoPxZw3l-Xic5Jud2VcAH4pBRL1r662lypqjPAR20T2dXrIf1Kb1NkHZltqEswNyhxoNHRT8t-Lq8CyZERwPDzdTmJWYlkCkP6RVXun_hXNKN6G3Gdm-a9-qWpE1rBcXhhV1SoQfiEbiwYHElTJiMX4qh31Yh3UdglQVggH6BVgeGWWJRlz667j-8WGGurJg66wE15OpygTe6no7ZY2o9sP9iJHEa9Ul8VvccO3MicAfr1byeheoegvN1zZPSVCRcBPzE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:03:07 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 31 May 2021 18:27:52 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 2BEE 35 KB
17 KB 327ms
38ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:03:07 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 31 May 2021 18:27:52 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 949F 35 KB
17 KB 328ms
44ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:03:07 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 31 May 2021 18:27:52 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ Frame BA23 232 KB
86 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9392826248043988&plah=www.sunstar.com.ph&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87658
x-xss-protection: 0
server: cafe
etag: 5316214545020586774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 May 2021 14:46:02 GMT

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame BA23 204 B
216 B 29ms
15ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.sunstar.com.ph&callback=_gfp_s_&client=ca-pub-9392826248043988&cookie=ID%3D2696593e40a9b39c%3AT%3D1622385958%3AS%3DALNI_MYmW1gfPA0nBXGDp1t0HeuufDZxVg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7bc3f8311f16969884903aa9dc21501a6c9bab645d437ecac663ad390ef8cc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame BA23 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunstar.com.ph

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA23 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunstar.com.ph

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA3F 603 B
66 B 38ms
37ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9392826248043988&output=html&h=280&slotname=8616199616&adk=654258349&adf=776189484&pi=t.ma~as.8616199616&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385962957&bpp=4&bdt=89&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D2696593e40a9b39c%3AT%3D1622385958%3AS%3DALNI_MYmW1gfPA0nBXGDp1t0HeuufDZxVg&correlator=7462738919940&frm=23&ife=4&pv=2&ga_vid=308863201.1622385959&ga_sid=1622385963&ga_hid=56005&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=1936922221&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3567983320722131&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=1&uci=1.s46kja6kbppf&fsb=1&dtd=62

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9392826248043988&output=html&h=280&slotname=8616199616&adk=654258349&adf=776189484&pi=t.ma~as.8616199616&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.sunstar.com.ph%2Farticle%2F1877981%2FBacolod%2FLocal-News%2F2-trucks-collide-catch-fire-4-dead&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622385962957&bpp=4&bdt=89&idt=48&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D2696593e40a9b39c%3AT%3D1622385958%3AS%3DALNI_MYmW1gfPA0nBXGDp1t0HeuufDZxVg&correlator=7462738919940&frm=23&ife=4&pv=2&ga_vid=308863201.1622385959&ga_sid=1622385963&ga_hid=56005&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=1936922221&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3567983320722131&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=1&uci=1.s46kja6kbppf&fsb=1&dtd=62
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnVzRhoUeWsg2cacFsUCWsXl-2MfKZ-srMkDwY7jCyYtSMFVwmxD8IK111TLXA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 30 May 2021 14:46:03 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA23 73 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Sun, 30 May 2021 14:46:03 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA23 0
0 63ms
43ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuu2A9kbrpjfrLjKzX_1OrrshmSaF13wivgQfolEdc5LQDJKnjKK5hJoy7OcYW_WlNfTzD9XI7GWDNfXXtkCowu_HAkakZV0CxaRsHa-y21jhCXWBu22qio9VTyeYxPgBKqcUF9w-kE3veaZqQlRkDJAg3haX8FdiM7np88B5tmL77F0Zoo8OsYMjVWCwD_X979DAnFNUwiOnCHomTAXPw4AY0I3mfwGFuGFO_FrsH9TgGkxTwIdZR6-AIUuKshUN3iU_j2hhJX1Uvma_-SjqEbvMxx_eBhdOvmY9XcnGHb9w4xYwa_&sig=Cg0ArKJSzLBcag5PYUpwEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:46:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 30 May 2021 14:46:03 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BA23 11 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

299bac079c4a282b027a72b2fd983fdca00f4cfd12a312b8353b02dd4411383b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8230
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BA23 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 30 May 2021 14:46:03 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6E7F 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 30 May 2021 14:41:48 GMT
expires: Mon, 30 May 2022 14:41:48 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 255
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F61A 783 B
778 B 16ms
14ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05dd140f66560572fa02b859d9980b90e3ca3a4696fa0827bbeaa8f39af8a81d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MJLn6uq9UbfqsSd10i1aOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sunstar.com.ph/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sunstar.com.ph/

Response headers

expires: Sun, 30 May 2021 14:46:03 GMT
date: Sun, 30 May 2021 14:46:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MJLn6uq9UbfqsSd10i1aOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E7F 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 1344
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
expires: Mon, 30 May 2022 14:23:39 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA23 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=3567983320722131&bg=!paalpuLNAAaMan2LjGo7ACkAdvg8WjXoqif8ESFEtZr869F3i8tvlg085dGtLeocSizLV-9PHlF4tgIAAABbUgAAAA5oAQeZAnw-9-cmJ1CGS4a-9EQCvyRJZ8vkGrG_Khlz7s8jg3gbPEh-h73mVbGSyGXWA63UUKVnVRDopHQndILFLaSXqOHg9RXM5eSkD_XQpIxW-gaJIwj9zwLp64QEF1gjiQIlR4_8Jw0j_6gsc4l9NdhAYEcsmG6XAqbSnCOFC26O5mP53nqOoCO5vBDNkFlgLJ-B5NsGkF_avvBsPvBcDnk-SQrJzYRv62IiBXqNkEC_d-IBlxAtQ1odKclfBRDApZ0Zjnompmp4OGUB6QDu19xOzRJdA7cid0qb5viGylzJWOAzdYONFdXMp-b6S7Pphbh6OveAkDbZ_vEEmniZtKpDw4JdjtoO5ivfY0vhHCRo-la2xH2H3khUG1FNvtWvCvgPyW_PPxQi_QsUiFF9KHq7xOA0UCEc53gLS9NeeYp_XxW1UNiUGP805iT_uZGvIgXYfDTveoLn3zgzRzGf95YwIPkjROZb4rcVs-zl5T-p3L1as_4zSWEPe1WzLLV-LlKLDnKyvrqfW3WfY31jRubcRZjw_O8Vnizuy60NIPEq9cL3boaXamfvaA3PRpajcO3z2aBj-9mV_kHpidtBP8OVUcnYM_Yj5--2pf4XlLkzxJ4BnQkVuCNY89l5HxVOuG2Xn0nv9NxescEuFblOtwRXnbrBPTxM44lnJzhZhysrtcDazS-KgddkBX6aQNhyo2ZB4nrpx0aaqyraucprD3ADNODeOyPPve3MBG6x0O0IE8Ft2mna9kMshQyqOaSKz0NfG7d6Nd-SdXAxPNmh4B-WEOBrEjIh4EtUEe8YdwwHpfZDlL9K_5kqg6UKefZCeSv_S3Td8kJme-TRc5MBpwo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 82EC 5 KB
2 KB 21ms
21ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=46204024;rtbwp=YLOlKgAAAAD0IbEFoRGtd7gfkw8HkciDiGXVuA;rtbdata=WH0HVrhA8QDzRgTA3xn5ZE_n4f7VwAg4l8dQi3b2_RIPpYo53_iDj-IME3BGXP7y_5PZVyVoPxZw3l-Xic5Jud2VcAH4pBRL1r662lypqjPAR20T2dXrIf1Kb1NkHZltqEswNyhxoNHRT8t-Lq8CyZERwPDzdTmJWYlkCkP6RVXun_hXNKN6G3Gdm-a9-qWpE1rBcXhhV1SoQfiEbiwYHElTJiMX4qh31Yh3UdglQVggH6BVgeGWWJRlz667j-8WGGurJg66wE15OpygTe6no7ZY2o9sP9iJHEa9Ul8VvccO3MicAfr1byeheoegvN1zZPSVCRcBPzE1;js=1;adfxid=1x;6767;set=en-US|en-US|1600X1200|0|950|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.sunstar.com.ph

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ef3493bd6dba30d282b354d7f52121d58f78caef177b49287dafb4d5f3a7f147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2219
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 2BEE 5 KB
2 KB 21ms
21ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=46204019;rtbwp=YLOlKgAAAAB8fuqEJZW-oh8yy9UOOCh2ddJ3IA;rtbdata=tWV6gTg5WA7_JqMV7sweGD9obhry_6UaXY0E0LH_Uab75vMP5_f2f8xQth8qRjev_5PZVyVoPxZw3l-Xic5Jud2VcAH4pBRL1r662lypqjPAR20T2dXrIf1Kb1NkHZltqEswNyhxoNHRT8t-Lq8CyZERwPDzdTmJWYlkCkP6RVXun_hXNKN6G3Gdm-a9-qWpE1rBcXhhV1TGa6c16yCjmJvoqKERH4u71Yh3UdglQVhlJQEWbongmoxY1nrFnkGPxmb0ctcZo2J5OpygTe6no7ZY2o9sP9iJHEa9Ul8VvccO3MicAfr1b6EuVBWCp8k1ZPSVCRcBPzE1;js=1;adfxid=2x;7195;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.sunstar.com.ph

Requested by

Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f32bae9e83d55e7b11bbcde16f3c39c35084bf49e3af28dd0af403c443fc9348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2206
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 949F 5 KB
2 KB 22ms
21ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=46204026;rtbwp=YLOlKgAAAABi1BmN71Ik8PUfXv8ZP8pXnWqWtA;rtbdata=DSSzFeZbOCPiQ3Ipi6hOJrayubekYnQPbiIAI0dssp6GegfC0d8wCZn-4zQy6hgL_5PZVyVoPxZw3l-Xic5Jud2VcAH4pBRL1r662lypqjPAR20T2dXrIf1Kb1NkHZltqEswNyhxoNHRT8t-Lq8CyZERwPDzdTmJWYlkCkP6RVXun_hXNKN6G3Gdm-a9-qWpE1rBcXhhV1SitbQ57Noqk6wntI6Wdobd1Yh3UdglQVjKuAVx5_TIy10jUKMvuKTsrO-x9Q0bhBMpifyFOpkPMg2El5VOSSJ_CeqVdYrwH2gMqHinVmuPrii2WzliTu304UFuhV40q881;js=1;adfxid=3x;5602;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.sunstar.com.ph

Requested by

Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

60fa0d0e29a3c63db6a2aef1429a82131bfc9a4d24536f6528f6fb573caa6bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2211
expires: -1

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EDEF 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 30 May 2021 03:14:09 GMT
expires: Mon, 31 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 41514
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 82EC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c930275e8f4e2807ba22e011d7eb1dc1e9e8bd5d5a670e41fe1065c1c4b90b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 2803
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
821 B

8ms
8ms

Script
text/html

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:03 GMT
X-Proxy-Origin: 152.89.163.12; 152.89.163.12; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.16:80
AN-X-Request-Uuid: dae17840-94cd-4086-8eb0-e647f676bb5e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 May 2021 14:46:03 GMT
X-Proxy-Origin: 152.89.163.12; 152.89.163.12; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid: 61027dbc-291e-4e8c-b373-9e7150ca5762
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CB94 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 30 May 2021 03:14:09 GMT
expires: Mon, 31 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 41514
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2BEE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52227a62d79175c6ca43ee4dd2d0fb96bf4d9f1e2c5492620fc565be6b0e45d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5F92 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 30 May 2021 03:14:09 GMT
expires: Mon, 31 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 41514
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 949F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 307be074524b862e1d3118e21c8bbaa78cdf73d34bda6be628be6fa20e5ea6ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 82EC 85 KB
36 KB 26ms
26ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:03:07 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 31 May 2021 17:53:45 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 2BEE 85 KB
36 KB 25ms
25ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:03:07 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 31 May 2021 17:53:45 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 949F 85 KB
36 KB 28ms
28ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:03:07 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 31 May 2021 17:53:45 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EDEF
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECGz30HcnvsFlUf3wZw-xo8&google_cver=1&google_push=AQvitUJg0xbZARl--IgDaibtMOCZwz40HsJR8GRAyh3xQ2RJoZCF43oQvoI1XZDyt3yT6MI8ey3D6VvacveKZkrJsfWCgHHW9we5
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CCD4D6690881496ABCA6BC9F9CACFC53&google_push=AQvitUJg0xbZARl--IgDaibtMOCZwz40HsJR8GRAyh3xQ2RJoZCF43oQvoI1XZDyt3yT6MI8ey3D6VvacveKZkr...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CCD4D6690881496ABCA6BC9F9CACFC53&google_push=AQvitUJg0xbZARl--IgDaibtMOCZwz40HsJR8GRAyh3xQ2RJoZCF43oQvoI1XZDyt3yT6MI8ey3D6VvacveKZkr...

170 B
188 B

16ms
15ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CCD4D6690881496ABCA6BC9F9CACFC53&google_push=AQvitUJg0xbZARl--IgDaibtMOCZwz40HsJR8GRAyh3xQ2RJoZCF43oQvoI1XZDyt3yT6MI8ey3D6VvacveKZkrJsfWCgHHW9we5&google_tc=

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CCD4D6690881496ABCA6BC9F9CACFC53&google_push=AQvitUJg0xbZARl--IgDaibtMOCZwz40HsJR8GRAyh3xQ2RJoZCF43oQvoI1XZDyt3yT6MI8ey3D6VvacveKZkrJsfWCgHHW9we5&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 430
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EDEF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMTAOGSAJwvBJqZc5pgjhGw&google_cver=1&google_push=AQvitUL4v6XYR8B9gpAYjrUw5E-d2uUQkI4kT3HUok6AQgDQuK53yPS-hlbmXOXFPFrs6V9e9oJb3xiVuqiLzo...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MTY3MzEwOA%3D%3D&google_push=AQvitUL4v6XYR8B9gpAYjrUw5E-d2uUQkI4kT3HUok6AQgDQuK53yPS-hlbmXOXFPFrs6V9e9oJb3xiVuqiLzo--Fg...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MTY3MzEwOA%3D%3D&google_push=AQvitUL4v6XYR8B9gpAYjrUw5E-d2uUQkI4kT3HUok6AQgDQuK53yPS-hlbmXOXFPFrs6V9e9oJb3xiVuqiLzo--Fg...

170 B
188 B

16ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MTY3MzEwOA%3D%3D&google_push=AQvitUL4v6XYR8B9gpAYjrUw5E-d2uUQkI4kT3HUok6AQgDQuK53yPS-hlbmXOXFPFrs6V9e9oJb3xiVuqiLzo--FgxSo7JLffRG&google_tc=

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MTY3MzEwOA%3D%3D&google_push=AQvitUL4v6XYR8B9gpAYjrUw5E-d2uUQkI4kT3HUok6AQgDQuK53yPS-hlbmXOXFPFrs6V9e9oJb3xiVuqiLzo--FgxSo7JLffRG&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 427
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EDEF
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitUJbPIIogIdYhfJrfucR8cw6gWbSl7CdPJLrwF7IL0bWgxhiO8UoeUifXFPKxS7iwUS8jX-EJRreNiESmBA3-GI7...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitUJbPIIogIdYhfJrfucR8cw6gWbSl7CdPJLrwF7IL0bWgxhiO8UoeUifXFPKxS7iwUS8jX-EJRreNiESmB...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJbPIIogIdYhfJrfucR8cw6gWbSl7CdPJLrwF7IL0bWgxhiO8UoeUifXFPKxS7iwUS8jX-EJRreNiESmBA3-GI7uolZiQAf&google_hm=hWUFrfaqSj6UO2j3jNO4Eg==

170 B
188 B

16ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJbPIIogIdYhfJrfucR8cw6gWbSl7CdPJLrwF7IL0bWgxhiO8UoeUifXFPKxS7iwUS8jX-EJRreNiESmBA3-GI7uolZiQAf&google_hm=hWUFrfaqSj6UO2j3jNO4Eg==

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJbPIIogIdYhfJrfucR8cw6gWbSl7CdPJLrwF7IL0bWgxhiO8UoeUifXFPKxS7iwUS8jX-EJRreNiESmBA3-GI7uolZiQAf&google_hm=hWUFrfaqSj6UO2j3jNO4Eg==
date: Sun, 30 May 2021 14:46:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EDEF 0
49 B 15ms
14ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUT7JJg3se_mBiHknquiVEq_3mwrd8zUiXPcAbFn79MA

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CB94
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECGz30HcnvsFlUf3wZw-xo8&google_cver=1&google_push=AQvitUJ8BQ9KqnXNa4vmlkik4wRKoMXaSQxln4V8VcTm9sqX_j9u3qMPuAZZAR79Xp3MnIqXPgmZIGCX9ykk4zVu0f2BkGvlqB6c
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F505FF9BB9840A080E8E6BF267647C7&google_push=AQvitUJ8BQ9KqnXNa4vmlkik4wRKoMXaSQxln4V8VcTm9sqX_j9u3qMPuAZZAR79Xp3MnIqXPgmZIGCX9ykk4zV...

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F505FF9BB9840A080E8E6BF267647C7&google_push=AQvitUJ8BQ9KqnXNa4vmlkik4wRKoMXaSQxln4V8VcTm9sqX_j9u3qMPuAZZAR79Xp3MnIqXPgmZIGCX9ykk4zVu0f2BkGvlqB6c

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 May 2021 14:46:03 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F505FF9BB9840A080E8E6BF267647C7&google_push=AQvitUJ8BQ9KqnXNa4vmlkik4wRKoMXaSQxln4V8VcTm9sqX_j9u3qMPuAZZAR79Xp3MnIqXPgmZIGCX9ykk4zVu0f2BkGvlqB6c
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 29 May 2021 14:46:03 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CB94
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMTAOGSAJwvBJqZc5pgjhGw&google_cver=1&google_push=AQvitUIzFXabEn0oh6wAdArChG9bJRbu5Mq3uGCjVMNHIIG2-Dp-s8RhRUnUl4dGAcmH-1jfjvZ6gXadEeW81l...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MTgwNDE4MA%3D%3D&google_push=AQvitUIzFXabEn0oh6wAdArChG9bJRbu5Mq3uGCjVMNHIIG2-Dp-s8RhRUnUl4dGAcmH-1jfjvZ6gXadEeW81lCErM...

170 B
188 B

16ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MTgwNDE4MA%3D%3D&google_push=AQvitUIzFXabEn0oh6wAdArChG9bJRbu5Mq3uGCjVMNHIIG2-Dp-s8RhRUnUl4dGAcmH-1jfjvZ6gXadEeW81lCErMlaut8s5dn-

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MTgwNDE4MA%3D%3D&google_push=AQvitUIzFXabEn0oh6wAdArChG9bJRbu5Mq3uGCjVMNHIIG2-Dp-s8RhRUnUl4dGAcmH-1jfjvZ6gXadEeW81lCErMlaut8s5dn-
Date: Sun, 30 May 2021 14:46:03 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CB94
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitULTW9734y-k51xpfHsq3CG7nIkfoT_c1uKQr6RRxm93908iZBPj9IfslHR3RJGWCCuZZq0vvWZCIUTF1x7ZGK4V...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitULTW9734y-k51xpfHsq3CG7nIkfoT_c1uKQr6RRxm93908iZBPj9IfslHR3RJGWCCuZZq0vvWZCIUTF1x...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULTW9734y-k51xpfHsq3CG7nIkfoT_c1uKQr6RRxm93908iZBPj9IfslHR3RJGWCCuZZq0vvWZCIUTF1x7ZGK4VVE6Y-HTz&google_hm=YqAwOnhCQTi0wzDAAHJ9HQ==

170 B
188 B

17ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULTW9734y-k51xpfHsq3CG7nIkfoT_c1uKQr6RRxm93908iZBPj9IfslHR3RJGWCCuZZq0vvWZCIUTF1x7ZGK4VVE6Y-HTz&google_hm=YqAwOnhCQTi0wzDAAHJ9HQ==

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULTW9734y-k51xpfHsq3CG7nIkfoT_c1uKQr6RRxm93908iZBPj9IfslHR3RJGWCCuZZq0vvWZCIUTF1x7ZGK4VVE6Y-HTz&google_hm=YqAwOnhCQTi0wzDAAHJ9HQ==
date: Sun, 30 May 2021 14:46:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CB94 0
40 B 15ms
14ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXZK5RTpnF7oRUWWBngaHyTpl3DG9p049lRR9TfFcRwg

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5F92
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECGz30HcnvsFlUf3wZw-xo8&google_cver=1&google_push=AQvitUKE4DPee39LiMc4hC8ditJaAjdZVD9dBFx5Xsjh6QDk0jWa1W73RZZqAjRGI7NWxi-dalYK8U05x5oS5x_0PnfAX4wZXOQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EB3BBA917F040CE9CA5647332357BB3&google_push=AQvitUKE4DPee39LiMc4hC8ditJaAjdZVD9dBFx5Xsjh6QDk0jWa1W73RZZqAjRGI7NWxi-dalYK8U05x5oS5x_...

170 B
188 B

16ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EB3BBA917F040CE9CA5647332357BB3&google_push=AQvitUKE4DPee39LiMc4hC8ditJaAjdZVD9dBFx5Xsjh6QDk0jWa1W73RZZqAjRGI7NWxi-dalYK8U05x5oS5x_0PnfAX4wZXOQ

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 May 2021 14:46:03 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EB3BBA917F040CE9CA5647332357BB3&google_push=AQvitUKE4DPee39LiMc4hC8ditJaAjdZVD9dBFx5Xsjh6QDk0jWa1W73RZZqAjRGI7NWxi-dalYK8U05x5oS5x_0PnfAX4wZXOQ
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 29 May 2021 14:46:03 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5F92
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMTAOGSAJwvBJqZc5pgjhGw&google_cver=1&google_push=AQvitUIETJ7zhUMy_w1gweF20IUX0luTYF_bvCo_fyxakPaqn0to5uWKG2fti3sbsAytD8llgo5ovYIbwJz2Gr...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MjA2NjMyNA%3D%3D&google_push=AQvitUIETJ7zhUMy_w1gweF20IUX0luTYF_bvCo_fyxakPaqn0to5uWKG2fti3sbsAytD8llgo5ovYIbwJz2Gr5DIu...

170 B
188 B

17ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MjA2NjMyNA%3D%3D&google_push=AQvitUIETJ7zhUMy_w1gweF20IUX0luTYF_bvCo_fyxakPaqn0to5uWKG2fti3sbsAytD8llgo5ovYIbwJz2Gr5DIu23oyZ0nBg

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MjA2NjMyNA%3D%3D&google_push=AQvitUIETJ7zhUMy_w1gweF20IUX0luTYF_bvCo_fyxakPaqn0to5uWKG2fti3sbsAytD8llgo5ovYIbwJz2Gr5DIu23oyZ0nBg
Date: Sun, 30 May 2021 14:46:03 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5F92
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitUJc5h59UrO1nqAEaBRGUQI55kKjoRjdp3PMHaKvgjo5UxeB0leNMF8GoCQVfe4giO_V7pVVnGXS7cbMx4HQVTxH...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitUJc5h59UrO1nqAEaBRGUQI55kKjoRjdp3PMHaKvgjo5UxeB0leNMF8GoCQVfe4giO_V7pVVnGXS7cbMx4...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJc5h59UrO1nqAEaBRGUQI55kKjoRjdp3PMHaKvgjo5UxeB0leNMF8GoCQVfe4giO_V7pVVnGXS7cbMx4HQVTxHx6KeYQ&google_hm=gQ87k_rMSaunAZMzmh0s9A==

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJc5h59UrO1nqAEaBRGUQI55kKjoRjdp3PMHaKvgjo5UxeB0leNMF8GoCQVfe4giO_V7pVVnGXS7cbMx4HQVTxHx6KeYQ&google_hm=gQ87k_rMSaunAZMzmh0s9A==

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJc5h59UrO1nqAEaBRGUQI55kKjoRjdp3PMHaKvgjo5UxeB0leNMF8GoCQVfe4giO_V7pVVnGXS7cbMx4HQVTxHx6KeYQ&google_hm=gQ87k_rMSaunAZMzmh0s9A==
date: Sun, 30 May 2021 14:46:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5F92 0
49 B 14ms
14ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMS6gXLJVxXXBcEBeLuUzLLuaBe6VJU3snajvd01vAcQ

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 /
track.adform.net/csimpr/ Frame 82EC 35 B
502 B 20ms
20ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=46204024&csi=tcnfN8seKV6xvSsuumMEZqKnnposdNna7vr6wHdDkh7ZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 41278444.jpg
s1.adform.net/Banners/41278444/ Frame 82EC 73 KB
73 KB 21ms
20ms Image
image/jpeg 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/41278444/41278444.jpg?bv=2

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a173c4de7a3b31147421cf349e4230ddbcd5e4038aa901a2b449a524b49b2337

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
last-modified: Fri, 16 Oct 2020 13:06:57 GMT
server: nginx
etag: "5f899af1-123af"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 74671

POST
H2 200 /
track.adform.net/csimpr/ Frame 2BEE 35 B
502 B 20ms
20ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=46204019&csi=fLSPOb-LEUsX3b2nDxOHJ7VUEVuCtwyR7vr6wHdDkh7ZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 41278451.jpg
s1.adform.net/Banners/41278451/ Frame 2BEE 66 KB
67 KB 21ms
20ms Image
image/jpeg 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/41278451/41278451.jpg?bv=2

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

26be6d319d9d4c5ef76c5c921f40e4c1bf76a7b17a0a0072fada2f75b1c5954a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
last-modified: Fri, 16 Oct 2020 13:06:57 GMT
server: nginx
etag: "5f899af1-1099a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 67994

POST
H2 200 /
track.adform.net/csimpr/ Frame 949F 35 B
502 B 21ms
20ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=46204026&csi=f20kf6vGY3nGaH6vo24x3kxKNdUGqy2b-Q4UcwCyl5XZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 41371955.jpg
s1.adform.net/Banners/41371955/ Frame 949F 49 KB
49 KB 21ms
20ms Image
image/jpeg 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/41371955/41371955.jpg?bv=2

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d66cfa52063105bea54ef067d7b3aea76077aac4d4186c70994bb4bda29ee1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
last-modified: Sat, 24 Oct 2020 14:09:47 GMT
server: nginx
etag: "5f9435ab-c4ac"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 50348

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D41C 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQnt441Rg_1u86Xz6C-wG4J1dj-xLFFUo278j8pD66n0DqrCLLI_oBwksX3s6IId6Y6MN4E7ZYNwNeKBePGby2OUfu6bGFu463aEdWhts&sig=Cg0ArKJSzB3POCuH-bymEAE&id=lidar2&mcvt=1000&p=224,436,314,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3725394775&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622385962525&dlt=0&rpt=50&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunstar.com.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/a7836486dad9b6f536951a0bd3701a2b115161fd/dist/ Frame 801E 235 KB
75 KB 9ms
9ms Script
text/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/a7836486dad9b6f536951a0bd3701a2b115161fd/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-49.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f956a0742320dab9eaf5b5cb735cb3c154690460fb7faecea3ca032af16c250e

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 20:02:29 GMT
content-encoding: gzip
last-modified: Wed, 19 May 2021 20:01:36 GMT
server: AmazonS3
age: 931415
etag: "d1ec0d1e283dc5040d84d7723f23c403"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 76135
x-amz-cf-id: NQnRIBmeEMY-6rbP5IeNfRsco9vC6hwqT11rxWB9SFD2raIT-ZxW0g==

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1669 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 30 May 2021 03:14:09 GMT
expires: Mon, 31 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 41514
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 801E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f69ea0d211e14a10a9cff18abf0bbb80704f1ee277ab03c448a81643d384be9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1669
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECGz30HcnvsFlUf3wZw-xo8&google_cver=1&google_push=AQvitUJf-Fgy5o9V6dKbT936hzGzIctrHtQcm8n3u-JZbdrzCT9MNR7Hzqz0c49UB0e1fUOoqaSvG9jLxwegYHBdFV-xr3RCqTxw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EB3BBA917F040CE9CA5647332357BB3&google_push=AQvitUJf-Fgy5o9V6dKbT936hzGzIctrHtQcm8n3u-JZbdrzCT9MNR7Hzqz0c49UB0e1fUOoqaSvG9jLxwegYHB...

170 B
188 B

16ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EB3BBA917F040CE9CA5647332357BB3&google_push=AQvitUJf-Fgy5o9V6dKbT936hzGzIctrHtQcm8n3u-JZbdrzCT9MNR7Hzqz0c49UB0e1fUOoqaSvG9jLxwegYHBdFV-xr3RCqTxw

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 May 2021 14:46:03 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EB3BBA917F040CE9CA5647332357BB3&google_push=AQvitUJf-Fgy5o9V6dKbT936hzGzIctrHtQcm8n3u-JZbdrzCT9MNR7Hzqz0c49UB0e1fUOoqaSvG9jLxwegYHBdFV-xr3RCqTxw
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 29 May 2021 14:46:03 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1669
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMTAOGSAJwvBJqZc5pgjhGw&google_cver=1&google_push=AQvitUJ3nEV7iFtxikLCIaqTPbSU_g8ebDIa6waUDkI2StZahPKkCSyKPUV58hS36dSsZBXy_zmFTHjmgN-iUb...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MjA2NjMyNA%3D%3D&google_push=AQvitUJ3nEV7iFtxikLCIaqTPbSU_g8ebDIa6waUDkI2StZahPKkCSyKPUV58hS36dSsZBXy_zmFTHjmgN-iUbugzo...

170 B
188 B

16ms
15ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MjA2NjMyNA%3D%3D&google_push=AQvitUJ3nEV7iFtxikLCIaqTPbSU_g8ebDIa6waUDkI2StZahPKkCSyKPUV58hS36dSsZBXy_zmFTHjmgN-iUbugzoSyheMyPJY

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA5NDY1MjU4MjA2NjMyNA%3D%3D&google_push=AQvitUJ3nEV7iFtxikLCIaqTPbSU_g8ebDIa6waUDkI2StZahPKkCSyKPUV58hS36dSsZBXy_zmFTHjmgN-iUbugzoSyheMyPJY
Date: Sun, 30 May 2021 14:46:03 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1669
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHwq5lEnCiYoV07p0y6-a4&google_cver=1&google_push=AQvitULLm8O9bBO0OSzfaPQwKmKS1k-QSO9xxcrsn6mxCdujS-5GaGvMbyoZFaEVmOo3myXmnBAj3uxlylfND5gm1ZM9...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=89b65c08-8b96-462a-9c21-c50acb0e1584&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULLm8O9bBO0OSzfaPQwKmKS1k-QSO9xxcrsn6mxCdujS-5GaGvMbyoZFaEVmOo3myXmnBAj3uxlylfND5gm1ZM9wxqu3sSk&google_hm=YqAwOnhCQTi0wzDAAHJ9HQ==

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULLm8O9bBO0OSzfaPQwKmKS1k-QSO9xxcrsn6mxCdujS-5GaGvMbyoZFaEVmOo3myXmnBAj3uxlylfND5gm1ZM9wxqu3sSk&google_hm=YqAwOnhCQTi0wzDAAHJ9HQ==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULLm8O9bBO0OSzfaPQwKmKS1k-QSO9xxcrsn6mxCdujS-5GaGvMbyoZFaEVmOo3myXmnBAj3uxlylfND5gm1ZM9wxqu3sSk&google_hm=YqAwOnhCQTi0wzDAAHJ9HQ==
date: Sun, 30 May 2021 14:46:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 1669 0
12 B 16ms
15ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCcstYM2c18mZ9iB1Ix2w0_p_2x35YwMA2_Tvraf4nCw

Requested by

Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sce
eb2.3lift.com/ Frame 801E 37 B
140 B 24ms
7ms Image
image/gif 18.158.191.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?inv_code=adasia_allpublishers_display&aid=124223675504226899100&rev=a783648&e=Error%20getting%20_tcfapiLocator%3A%20SecurityError%3A%20Blocked%20a%20frame%20with%20origin%20%22https%3A%2F%2Fc10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com%22%20from%20accessing%20a%20cross-origin%20frame.&block=render&lvl=1&dc=%7B%22stack%22%3A%22Error%3A%20Error%20getting%20_tcfapiLocator%3A%20SecurityError%3A%20Blocked%20a%20frame%20with%20origin%20%5C%22https%3A%2F%2Fc10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com%5C%22%20from%20accessing%20a%20cross-origin%20frame.%5Cn%20%20%20%20at%20https%3A%2F%2Fib.3lift.com%2Frev%2Fa7836486dad9b6f536951a0bd3701a2b115161fd%2Fdist%2Fbundle.js%3A1%3A201506%5Cn%20%20%20%20at%20y%20(https%3A%2F%2Fib.3lift.com%2Frev%2Fa7836486dad9b6f536951a0bd3701a2b115161fd%2Fdist%2Fbundle.js%3A1%3A52181)%5Cn%20%20%20%20at%20Function.t.getTcfapiWindow%20(https%3A%2F%2Fib.3lift.com%2Frev%2Fa7836486dad9b6f536951a0bd3701a2b115161fd%2Fdist%2Fbundle.js%3A1%3A201483)%5Cn%20%20%20%20at%20Function.t.getCmpApiWindow%20(https%3A%2F%2Fib.3lift.com%2Frev%2Fa7836486dad9b6f536951a0bd3701a2b115161fd%2Fdist%2Fbundle.js%3A1%3A201672)%5Cn%20%20%20%20at%20It%20(https%3A%2F%2Fib.3lift.com%2Frev%2Fa7836486dad9b6f536951a0bd3701a2b115161fd%2Fdist%2Fbundle.js%3A1%3A233173)%5Cn%20%20%20%20at%20https%3A%2F%2Fib.3lift.com%2Frev%2Fa7836486dad9b6f536951a0bd3701a2b115161fd%2Fdist%2Fbundle.js%3A1%3A239837%5Cn%20%20%20%20at%20l%20(https%3A%2F%2Fib.3lift.com%2Frev%2Fa7836486dad9b6f536951a0bd3701a2b115161fd%2Fdist%2Fbundle.js%3A1%3A2551)%5Cn%20%20%20%20at%20Generator._invoke%20(https%3A%2F%2Fib.3lift.com%2Frev%2Fa7836486dad9b6f536951a0bd3701a2b115161fd%2Fdist%2Fbundle.js%3A1%3A2339)%5Cn%20%20%20%20at%20Generator.next%20(https%3A%2F%2Fib.3lift.com%2Frev%2Fa7836486dad9b6f536951a0bd3701a2b115161fd%2Fdist%2Fbundle.js%3A1%3A2976)%5Cn%20%20%20%20at%20n%20(https%3A%2F%2Fib.3lift.com%2Frev%2Fa7836486dad9b6f536951a0bd3701a2b115161fd%2Fdist%2Fbundle.js%3A1%3A286)%22%7D&cb=96308
Requested by: Host: c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
URL: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.191.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-191-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 14:46:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2BEE 42 B
64 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxaLB6n_FOX3E5Xf2vHVZSvnfgSrkPreWeID4IJvqSMgc_ESlkieiDUL8DVeGIGr5mDvA5v40te_LlZ0eDyqKBNtB0XpzHIA&sig=Cg0ArKJSzPTYCUpRmPsXEAE&cid=CAASF-Ro-qNTLsIAISvTdqDEVRrx5NhJ31hN&id=lidar2&mcvt=1000&p=741,1159,1341,1319&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=0.77&if=1&app=0&itpl=20&adk=325510651&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622385962792&dlt=13&rpt=0&isd=0&msd=0&r=v&fum=1

Requested by

Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2BEE 35 B
502 B 21ms
20ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@46204019,2230694197999953250,77|1201|0|0|0|0|0|0|0||46|1|1538|ba24019c-3ea3-342c-c0ff-230fca8f830d_1|||1|0|0|sHklM2SCauji5nP9TebYOumn3tQYot-A0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame 2BEE 35 B
303 B 21ms
21ms Image
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=46204019&event=178&time=1&baid=41278451&name=Viewable%20impressions&imprid=2230694197999953250&icid=0&eData=fLSPOb-LEUtpFxJgJV5FXXPQTISnUM8aumjmAI-8sjxo4kOyoBiwbg2&rtbdata=tWV6gTg5WA7_JqMV7sweGD9obhry_6UaXY0E0LH_Uab75vMP5_f2f8xQth8qRjev_5PZVyVoPxZw3l-Xic5Jud2VcAH4pBRL1r662lypqjPAR20T2dXrIf1Kb1NkHZltqEswNyhxoNHRT8t-Lq8CyZERwPDzdTmJWYlkCkP6RVXun_hXNKN6G3Gdm-a9-qWpE1rBcXhhV1TGa6c16yCjmJvoqKERH4u71Yh3UdglQVhlJQEWbongmoxY1nrFnkGPxmb0ctcZo2J5OpygTe6no7ZY2o9sP9iJHEa9Ul8VvccO3MicAfr1b6EuVBWCp8k1ZPSVCRcBPzE1&rtbwp=YLOlKgAAAAB8fuqEJZW-oh8yy9UOOCh2ddJ3IA&rnd=195074138

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:04 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 82EC 35 B
502 B 21ms
21ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@46204024,8742010059253990599,100|1100|0|0|0|0|0|0|0||50|1|1538|fb9b0fdc-db3d-301a-25d1-1a478d9737b0_1|||1|0|0|--okBa0jGnTi5nP9TebYOumn3tQYot-A0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame 82EC 35 B
303 B 21ms
20ms Image
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=46204024&event=178&time=2&baid=41278444&name=Viewable%20impressions&imprid=8742010059253990599&icid=0&eData=tcnfN8seKV7sO-XY41MEgHPQTISnUM8aumjmAI-8sjxo4kOyoBiwbg2&rtbdata=WH0HVrhA8QDzRgTA3xn5ZE_n4f7VwAg4l8dQi3b2_RIPpYo53_iDj-IME3BGXP7y_5PZVyVoPxZw3l-Xic5Jud2VcAH4pBRL1r662lypqjPAR20T2dXrIf1Kb1NkHZltqEswNyhxoNHRT8t-Lq8CyZERwPDzdTmJWYlkCkP6RVXun_hXNKN6G3Gdm-a9-qWpE1rBcXhhV1SoQfiEbiwYHElTJiMX4qh31Yh3UdglQVggH6BVgeGWWJRlz667j-8WGGurJg66wE15OpygTe6no7ZY2o9sP9iJHEa9Ul8VvccO3MicAfr1byeheoegvN1zZPSVCRcBPzE1&rtbwp=YLOlKgAAAAD0IbEFoRGtd7gfkw8HkciDiGXVuA&rnd=539593845

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:04 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82EC 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiRzz-Rie21ph6y_MQSLoZFrIBBjQPeFcbC-pw9yvnCX92q6mCiJxxd2jNVtxfPF5qMEu31epmRKrExzyX8Z9VkMiL5WM7lQ&sig=Cg0ArKJSzMQvyfRsQ0c6EAE&cid=CAASF-RoNgAqUhX24t4RonrEOLwiGysbekBB&id=lidar2&mcvt=1000&p=225,315,315,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3574223832&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622385962790&dlt=22&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 82EC 35 B
502 B 21ms
21ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@46204024,8742010059253990599,100|4700|0|0|0|0|0|0|0||214|1|1538|fb9b0fdc-db3d-301a-25d1-1a478d9737b0_1|||1|0|0|--okBa0jGnTi5nP9TebYOumn3tQYot-A0|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2BEE 35 B
502 B 20ms
20ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@46204019,2230694197999953250,77|4900|0|0|0|0|0|0|0||187|1|1538|ba24019c-3ea3-342c-c0ff-230fca8f830d_1|||1|0|0|sHklM2SCauji5nP9TebYOumn3tQYot-A0|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 949F 35 B
502 B 20ms
20ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@46204026,2749520167985463662,0|0|0|0|0|0|0|0|0||0|1|1538|cf7140d5-6bc8-3abc-3834-88cc58df59fe_1|||1|0|0|uQKec6TJSmDi5nP9TebYOumn3tQYot-A0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 May 2021 14:46:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YLOlKBDZ4lge5057QsfaJQAABH4AAAIB&google_push=AQvitULjE1VrVX113S0bT6GaxDhsGvZ4Bx8ypm_aB5zHVwk9V606OBYK_VhnRHwzImSMlgKlTSuItCTlGb9UYDEZRqXhiDdFHW5f&google_gid=CAESEMUvi9DO6XT7_oI5suQ58gE&google_cver=1

Verdicts & Comments Add Verdict or Comment

391 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 04:01:21	Name: IDE Value: AHWqTUnVzRhoUeWsg2cacFsUCWsXl-2MfKZ-srMkDwY7jCyYtSMFVwmxD8IK111TLXA
.sunstar.com.ph/	1970-01-19 18:41:12	Name: _gid Value: GA1.3.1181900130.1622385959
www.sunstar.com.ph/	1970-01-19 18:39:47	Name: 94273241-ehtoken Value: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=v8adWCFCm2Pj6AY5anzVgdB%2BmT5bj5fh9usJiHdw1UA%3D&se=1622387836&skn=all
www.sunstar.com.ph/	1970-01-20 04:01:29	Name: cto_bidid Value: SSMnTV9YJTJCVyUyQjlZOXhvY0ZjalBETU9NdWgydzVOU2hCNm85eSUyQkZwT1YlMkIxZ0dUT2J5a2ZUdlY5TU9LNEQ3Vk5RJTJGeTZROGNHRnBmalhKJTJGcHVnMWIwN3c0JTJCSmJnJTNEJTNE
www.sunstar.com.ph/	1970-01-19 18:39:47	Name: __atuvs Value: 60b3a526b61bf253000
www.sunstar.com.ph/	1970-01-20 04:10:00	Name: __atuvc Value: 1%7C22
.sunstar.com.ph/	1970-01-19 18:39:46	Name: _gat_gtag_UA_308175_1 Value: 1
www.sunstar.com.ph/	1970-01-19 18:39:47	Name: device Value: web
www.sunstar.com.ph/	1970-01-19 18:41:33	Name: zdSessionId_94273241 Value: d95d23ac-8672-4ccb-b8cf-238d3f356e0a
.sunstar.com.ph/	1970-01-19 18:39:49	Name: ats_referrer_history Value: %5B%22%22%5D
.sunstar.com.ph/	1970-01-19 22:58:57	Name: ___iat_vis Value: 153B3D75A2B9C15B.922352305.1622385959718.879466738.ZMZEJORBIA
www.sunstar.com.ph/	1970-01-19 19:22:56	Name: USER_COUNTRY_CODE Value: IE
www.sunstar.com.ph/	1970-01-20 04:01:29	Name: cto_bundle Value: gfN8TV9yb0VLVjNTOGRmOUtGTE5IMG90d2dCMzNsJTJGV0pWQ2hJMkNJJTJCOGRrVXN5VjJPenppN05vUlAlMkZSYm16cnBVSDNnNjdOSVh3MTBDVEVSY3NldllyR2lmOVp0ZHVEaUx3c0lubEJyR0hqTk9zYzlJSEFnaGoxMSUyRkJQeUVsNHJzR0M5
.sunstar.com.ph/	1970-01-20 04:01:21	Name: __gads Value: ID=2696593e40a9b39c-22735e054ec800ea:T=1622385958:RT=1622385958:S=ALNI_MaxIESEqBn0Y6xgZyBuhKvvR5E54Q
.sunstar.com.ph/	1970-01-19 20:49:21	Name: _fbp Value: fb.2.1622385958840.554969166
www.sunstar.com.ph/	1970-01-19 18:39:47	Name: device_type Value: web
www.sunstar.com.ph/	1970-01-19 19:22:56	Name: p_stats_monthly Value: 1877981
.sunstar.com.ph/	1970-01-20 12:10:57	Name: _ga Value: GA1.3.308863201.1622385959
.sunstar.com.ph/	1970-01-20 03:26:48	Name: __auc Value: 7c0fdae6179bdbd1ef887b166b4
.sunstar.com.ph/	1970-01-19 18:39:47	Name: __asc Value: 7c0fdae6179bdbd1ef887b166b4
www.sunstar.com.ph/	1970-01-19 19:22:57	Name: _pbjs_userid_consent_data Value: 3524755945110770
.sunstar.com.ph/	1970-01-19 18:39:47	Name: ___iat_ses Value: 153B3D75A2B9C15B.1
www.sunstar.com.ph/	1970-01-19 18:39:47	Name: device_used Value: web
www.sunstar.com.ph/article/1877981/Bacolod/Local-News	1969-12-31 23:59:59	Name: device Value: web

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.sunstar.com.ph/themes/sunstar/js/script-one.min.js?v2.44(Line 650) Message: chrome

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

60a6ae725fca.bitsngo.net
a.sportradarserving.com
a330.casalemedia.com
a5125.casalemedia.com
a691.casalemedia.com
acdn.adnxs.com
adasia-d.openx.net
ads.avct.cloud
ads.creative-serving.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
anymind360.com
as.innity.com
bidder.criteo.com
c1.adform.net
c10295ee0505378fc19f70d2d5e8bcb4.safeframe.googlesyndication.com
casale-match.dotomi.com
cdn.innity.net
cdn.insurads.com
cdn.izooto.com
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
d2849lw36e7cot.cloudfront.net
d2q8xv8xf7whrd.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.3lift.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
js-sec.indexww.com
log.outbrainimg.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
mcdp-nydc1.outbrain.com
messaging.insurads.com
msg-0d30238761a9e7c06.insurads.com
mug.criteo.com
mv.outbrain.com
mwzeom.zeotap.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
odr.mookie1.com
optimize.innity.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
prod-sb-appanalytics-us1.servicebus.windows.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb-csync.smartadserver.com
rtb.openx.net
s.amazon-adsystem.com
s1.adform.net
s7.addthis.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
services.insurads.com
simage2.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
syndication.twitter.com
tcheck.outbrainimg.com
tlx.3lift.com
tpc.googlesyndication.com
track.adform.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sunstar.com.ph
x.bidswitch.net
xg4iffui.collaura.it
z.moatads.com
zsearch.zoomd.com
cm.g.doubleclick.net
104.111.224.62
104.244.42.72
104.40.187.26
104.84.56.126
119.81.3.35
13.226.159.111
13.226.159.129
13.226.159.71
142.250.185.130
143.204.98.49
149.129.240.178
151.101.114.132
151.101.114.49
159.253.128.188
178.250.0.165
178.250.2.146
178.250.2.151
18.156.0.31
18.158.191.20
18.159.17.140
18.195.105.17
18.195.54.139
185.29.135.233
185.59.220.194
185.59.220.199
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.80.37.242
185.86.137.133
185.86.137.17
192.124.249.104
2.18.232.130
2.18.232.28
2.18.233.180
2.18.234.190
2.18.234.21
2.18.235.40
2001:4de0:ac18::1:a:3b
213.155.156.183
216.58.212.130
216.58.212.162
23.37.38.181
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:2182:4c00:3:bc0d:3a40:21
2600:9000:2182:8200:19:ba84:7f40:21
2606:2800:233:9de:380:d6:22cb:12e3
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1857
2606:4700::6810:135e
2606:4700::6812:acf
2606:4700::6812:d841
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9d
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:12::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::645
3.66.135.160
34.95.69.49
34.98.64.218
34.98.67.61
35.227.252.103
37.157.2.237
37.157.6.236
37.157.6.241
37.252.173.38
40.79.44.59
51.210.112.63
52.18.11.109
52.57.230.211
54.146.254.172
54.194.211.3
54.208.64.234
54.213.1.67
54.72.102.86
64.202.112.191
66.42.103.233
69.173.144.138
72.21.206.140
76.223.111.131
85.114.159.118
85.91.45.39
85.91.47.62
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0236e9de2313bf6108beeaa098f59d409ede3cb2c2be934d21b5c6849e92bff3
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05dd140f66560572fa02b859d9980b90e3ca3a4696fa0827bbeaa8f39af8a81d
061992b47c54dbe1a6cf3523a8390a142220fd31331c3eeacf7d4cca416bdc66
078170298c5f6ea65afcceb8696ac031ab57212b6259cde3d2b99939167a2ecb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c582e20f0314afac4495fb9bff3af2d949705e90b5d3c4595fa11cdf00480c5
0e3a5c1cc2fd4fcdc3aff4cbc12bf282223b1e786830f9d877082a781166d4e8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1149d980feaaafbf4061277dc4070b4c313ce159c29e989aec0f35ab1934c132
12b32e9b0439aa37b2170aa4c97521dea6b60bc0a50272524903314ba101c3a2
1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
199558683c3977d73e547ba03bca17d1d65c24fdc00b053f913b76d5d3747f81
1b6a758365f36733ee318c64cbfd8d2a1aee8dae87112ed62597cdcc15fe0cfc
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1d74210a9d94f8224a0ebad0564f741b6d21014a4a342093ff6654e882ace6e6
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1eb0080f95c6264346c5a82662600603e2f71bdbdde17992c13369f1086fb9d1
1f31df3545a3dbd5c6f919c99ecb73f9e1837f1d987917093a68a84f2ac3107a
221cfcab230ebf7c469f05c9bf27518c8dc3d5471349fd620e3a9b830bfa27c2
2334707ad893361a198494698b80017cbddd21ca1869c8af1ec00b827c5b53da
2442651ee21396390dc493d95b1fc5e9c63e749685d0fac660dd5ebb7f342bbc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26be6d319d9d4c5ef76c5c921f40e4c1bf76a7b17a0a0072fada2f75b1c5954a
28ddce2a241e05365f0439a31ac7c67b33eb292fb18ac12b2566373c714aaa40
299bac079c4a282b027a72b2fd983fdca00f4cfd12a312b8353b02dd4411383b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bbd74d7f0fe414d91a6f8f7de5e822cf1c1fafdb98bff5308f0369ab5877c63
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
307be074524b862e1d3118e21c8bbaa78cdf73d34bda6be628be6fa20e5ea6ba
321245bf2268cd73f72a65009ea72bc13fbe334768fad8957c59367173788208
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0
35f0c2b5a21bdda4cd593d0c7ac31b0c8936a5a1cd350ff74d072334576d6ec7
37191f21e3dd1db20898df836eb549dff1a8969082852e8538a25a72e99e639c
37eebd1555b3e00a80956d6b32fcb52ba8c6020041f97e81d5c3a6be52b6bad7
399f8348cc63a4853d4ff0536a5e7ec0f3c1e7fb6ab5d837db6ea4858b872f4a
39aa6a77ffa7296cad911168a6000b8c39f5ab88dbf22c2b7f461c274c02cfbc
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3bc4ce90c60ac5aa710e70c1590d24d1f68e844acc88f4b1d87581cc3ae10a96
3c9e2b21829fee8ed5573f654bad63de1b8998d1d028307ae596212aa4d6f69e
3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8
3e913b4a7d16ac35ebe8a9830bdd24f0f1e6d20b92ebaf8552c9f24d319209be
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
439d49929f585df823340e807a4ae129cd3fc4fedd4cd5dc3a76566917e357a7
43a3180bf543501f3c010d886d652d3da0997798bd88b071de838fa876560c8d
44937dec5d3b29880853567f13d86fdabecc926fcd3f60929d688ff0c74110fa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4bef65891aee5a3edfb1a7ab019d3e8cdb10223cb6c7a982e3a325822e794abd
4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0
4c930275e8f4e2807ba22e011d7eb1dc1e9e8bd5d5a670e41fe1065c1c4b90b4
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efb5c4f6ded51edbc12ff1abf5703efcffc9279e07959a4dc19948262ad632f
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f65c38ed3681b49cf4f86c0e1fcd4143fa78015121b20e69e11c1c422dd0bfa
52227a62d79175c6ca43ee4dd2d0fb96bf4d9f1e2c5492620fc565be6b0e45d9
523b16081817475f71c997756f6f0b6b3d82dfa7ac98c788489c13f8a3c0ba07
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
57dcf8b4b8cd5a57930bf6a6b55d40b6d4a10f472c2aa42f633babe8050abb76
5ab76d970f7a9b17ae11ea4dbf0e0532e0c6ff02d50a2ac5d65ea83cbb6a55f8
5bdf881868ac7b463d2c26adb5b2191eec0ca3dcf013741fec60d7968b4c5e2b
5ccc3e785cd8e9b3f95a721637dd14595208dc56b4db19b788dc2ddc0262ede5
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
60fa0d0e29a3c63db6a2aef1429a82131bfc9a4d24536f6528f6fb573caa6bea
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
64b4ca6d089859f4d6a964b42a6dbbf6bafe6bad695b2e2f742e4ab476fea057
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
68e6da0247ed7e7b4592fac9886d2ae471995a18d5f70c918f75d27b2983fc6e
6908df60b617573b345db4aebac15147996ec9dd53f9c3265998785e859aab98
6a464584c67dbc2d82b4f7f0c0203a82330d48b368bd5c1c1c6109c349fb2d6d
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
6ceb80df4a2a09a64c6506bea46609e055f2043c2960b72a82e5e2388e016a86
70141b74810963b60fac0b9ffb71bab1fe4bee9a3552c2dc0fccfbdfc804afd8
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
747c61f2521fc8d26f3aff1c4b1131b6174703774fbc676e97b78bdde3da3ba5
75ccdf55dd7914e78df9b777b2e46b78bec1f105b00aff7d8d95eacd759279b8
76c90c52171d1967d833b04ff7a7e7e36a719c329398a9efb972ecf79a659a9f
7a98a93d3da2cc35938854f518019bafffbf77b8065d71bba87272203229046b
7b95b3cf0439813fbdb3b96435627d3cb9bd1ab3cc1a4a4ffbb9d643ce59157b
7bc3f8311f16969884903aa9dc21501a6c9bab645d437ecac663ad390ef8cc83
7cc13f04456886cbda69f821f3671e53c6fee1a537210e99f97ce0751d45dc71
7d7bbb7846d1e8e40356566ac70beb0125ddcbaf992ef4fda6e3d53cc3e10923
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd5077294a7b81fb7d4dd9fd9b9e5ae59592790cb23d8ef7e8965de43f97285
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
823686237069918cffd8537c4a5a77c27cd84451bef4b07624f44d7e5456c226
82bb4b6608706721f71ca285d3b341e98428830530b45b8524c624a673b8d3a5
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
906b8ec7d6f04c5f4a8e7a1c7f2468554f85422feb2144ae747365327432431b
937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f
9613d159c5d76254cc9227e9e3543bf159655971dfe69391d910a6b211f6ea7c
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a3c9ae060403a0720085252fb36dc10c803044db10aa4573dedcd56113c76f4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c
9e467dc86ab4bfe0a0a040b5719a2a10200a355dc02085995006a00ff2f55c40
9e8ea15dea24cccc8818c608809d02d3a0594b00f130ceaf48ef58da95896a73
9efa2aa6bdf90651decf2c011df2dd00ea766226e00b2cf3004c10d83a72590d
a00da1bf6244986b3c85e83b54e290a6db98f9efe9d4cc249ba811970e450317
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a173c4de7a3b31147421cf349e4230ddbcd5e4038aa901a2b449a524b49b2337
a23b3f0a07f00a92014357e56f6f0e86dd2db824b2495b9fbe3bf5c02869008b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3d0e8870649ac921fc78e2f40b0fd4519023f8d4db694fe38df0e09406d081c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b44a01578dfcfd1798276c722f799f8aa3eefcebed07e8587025c145d611ae
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e
aa9ca6f418e06647011afb0ac588834f47fc4ae5a7716fa983a2f93ccb405225
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad4a958e9d57b4ab0323867e2b39a2297360690fd1341bca6bcd58452137b6b3
af59ea12e97b1b8a5285f78c9d5c209cb276382600e5aea9b07dfc01eab98e6d
b07a77a75961dc1ebd449578fc16b083b8314d8635b9490b2db1d0473474181e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b287c940d01af52ae21c0aa3b230d384fdbe620f8505b99b9910615711bc9b31
b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3
b4d6f2a59b7a98fcfb5bd04e84172fa55ec144038c10d9e5aff421da13b33766
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b852cce5e51aa084251a37c8b363e5635410ab148c988762b58b7098f0ef9c6c
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
bacf66ab856f40796dfc72fa7ae94235bc66475895549a8b34b2dcb2d6d2d2d2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf2a527971cec70abee81dc6c0aefb363a93bce31b5237b13f389fcd489dd82
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c342b3eb0e7459d283889198caff34a00c105c3fcaad1d0bf353aa0641937727
c5068c06c792db4bfb097befce2427c85ed094392d1f9721e09ee7af0ade1387
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
c75f65c26c8627f92d561c1574e598ce07ccfae2f3f19cb24b59437f95658259
c89e481d4474e7e8c07541503abebcc1f933cee07873802fb9bf09d3a15670f5
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cb587591eb4362bd19e7762c7e01b1d21568c44f4bb799b76f2d2a4eed1eb982
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10052bd1bdc51bcd867bf1ef3681cb8f7d24d54e684b2d1b98e95733c4175b3
d66cfa52063105bea54ef067d7b3aea76077aac4d4186c70994bb4bda29ee1c4
d86f773cc0628268e605173f2d589ee2ec9ecfd150e454514240eb2bfcb1fb82
dbfc5965310cbe1a099f0174fbc5a2f3f648814fb2b52755d3c3e761ae28d1f9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5d9ed7562b102a9eba10fd74f7d66e9c40b988c5e5cf934e79048f1607009f
df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
e167c8a2724463ef585059cf9e0e1a01df907b0fd32da4cb85dbc324961ef36a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90f5ac082cbcac78816f187958056b8ab95e16272d5a12ea33d004b382fe924
e93e3959d3e0558aaa18605044cce85af709e94bd6542adfaba733960576df08
ed8fd5966c1d769a76d49fe6929becc99ca387a013c2bbed13165f9e5bfb315c
ed9ee128d4095786ba21fd26316090475245b192a620698f44af20638139a364
ee392a7db7c7c077f737a6a0b6b5354e856268c6a72b14cdc183979743ef124a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3493bd6dba30d282b354d7f52121d58f78caef177b49287dafb4d5f3a7f147
f0915701b5111d37473a04027f9d01c78717f58cc3536c6c2a724b6a2bbf7697
f0c6eea8eb9d725d46ac2bf600e1a6318358881b990a332fb7b1225c7e15a851
f32bae9e83d55e7b11bbcde16f3c39c35084bf49e3af28dd0af403c443fc9348
f38579c50edb7a9e22a53d52a6272f6180b39cfcf6eae6fcf9009b659b0d58df
f3be3a79ccfede9d74c492fa15c59becc3759cdf870b593749e750bf1489fc85
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf
f69ea0d211e14a10a9cff18abf0bbb80704f1ee277ab03c448a81643d384be9e
f7160026cc3c715123d9b3026932784a78474ef6675fdaa44e6d8f6ced32befe
f956a0742320dab9eaf5b5cb735cb3c154690460fb7faecea3ca032af16c250e
f97e6da3052ea65a676751f25040ea2edcc4b6e3288d07f755973fc3a30189e5
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fe9188bb781bd7510b839627bec1cf19ed8cf6c624c52748a76e9267135b9135

www.sunstar.com.ph Open in urlscan Pro 192.124.249.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

372 Requests

100 %HTTPS

36 %IPv6

67 Domains

116 Subdomains

90 IPs

12 Countries

3731 kBTransfer

9396 kBSize

24 Cookies

10 Outgoing links

Page URL History

Redirected requests

372 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sunstar.com.ph Open in urlscan Pro
192.124.249.104 Public Scan

Screenshot
Live screenshot

Full Image

372
Requests

100 %
HTTPS

36 %
IPv6

67
Domains

116
Subdomains

90
IPs

12
Countries

3731 kB
Transfer

9396 kB
Size

24
Cookies

372 HTTP transactions
11 data transactions