urlscan.io logo urlscan.io
SecurityTrails logo

www.gmanetwork.com Open in urlscan Pro
99.84.88.93  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Submission: On May 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 140 IPs in 15 countries across 119 domains to perform 547 HTTP transactions. The main IP is 99.84.88.93, located in United States and belongs to AMAZON-02, US. The main domain is www.gmanetwork.com. The Cisco Umbrella rank of the primary domain is 127015.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 10th 2022. Valid for: a year.
This is the only time www.gmanetwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 99.84.88.93 16509 (AMAZON-02)
1 69.16.175.10 20446 (STACKPATH...)
6 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:223... 16509 (AMAZON-02)
3 199.91.74.185 21859 (ZEN-ECN)
2 52.74.44.71 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
3 13.224.225.68 16509 (AMAZON-02)
9 23.32.185.123 16625 (AKAMAI-AS)
52 13.32.99.73 16509 (AMAZON-02)
2 2a04:4e42:600... 54113 (FASTLY)
4 23.35.237.86 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 188.65.124.90 41690 (DAILYMOTI...)
4 2a00:1450:400... 15169 (GOOGLE)
1 18.135.9.210 16509 (AMAZON-02)
1 34.107.231.31 396982 (GOOGLE-CL...)
1 69.16.175.42 20446 (STACKPATH...)
6 2a03:2880:f08... 32934 (FACEBOOK)
8 2a00:1450:400... 15169 (GOOGLE)
11 13.224.222.16 16509 (AMAZON-02)
3 23.212.89.151 16625 (AKAMAI-AS)
1 2 185.94.180.125 35220 (SPOTX-AMS)
23 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 2600:9000:224... 16509 (AMAZON-02)
6 2a03:2880:f17... 32934 (FACEBOOK)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 52.201.82.7 14618 (AMAZON-AES)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 6 2620:116:800d... 16509 (AMAZON-02)
7 13.32.99.50 16509 (AMAZON-02)
3 104.40.187.26 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 52.222.139.112 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
4 18.136.14.50 16509 (AMAZON-02)
2 162.19.138.116 16276 (OVH)
1 2600:9000:223... 16509 (AMAZON-02)
4 141.95.98.65 16276 (OVH)
2 35.190.39.111 15169 (GOOGLE)
2 4 2a02:2638:d::d 44788 (ASN-CRITE...)
4 64.202.112.223 23352 (SERVERCEN...)
2 2001:4860:480... 15169 (GOOGLE)
1 46.51.163.206 16509 (AMAZON-02)
2 178.250.1.11 44788 (ASN-CRITE...)
13 178.79.242.181 22822 (LLNW)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 2600:9000:225... 16509 (AMAZON-02)
1 13.224.189.48 16509 (AMAZON-02)
1 146.75.118.132 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.103.85.46 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 3.68.25.145 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.95 16509 (AMAZON-02)
1 9 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 20.150.88.132 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 34.107.148.139 396982 (GOOGLE-CL...)
6 147.75.84.158 54825 (PACKET)
3 188.42.196.115 7979 (SERVERS-COM)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2602:803:c003... 26667 (RUBICONPR...)
3 12 37.252.173.215 29990 (ASN-APPNEX)
1 13 34.98.64.218 396982 (GOOGLE-CL...)
3 2a02:2638:3::7 44788 (ASN-CRITE...)
3 103.132.192.30 138552 (RTBHOUSE-...)
4 9 216.52.2.30 32475 (SINGLEHOP...)
3 185.106.140.18 7979 (SERVERS-COM)
8 40.79.44.59 8075 (MICROSOFT...)
1 34.111.79.67 396982 (GOOGLE-CL...)
1 35.244.174.68 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 185.29.132.245 30419 (MEDIAMATH...)
10 19 142.250.185.66 15169 (GOOGLE)
2 3 178.250.1.9 44788 (ASN-CRITE...)
1 199.187.193.179 47043 (SMARTADSE...)
1 2 51.75.86.98 16276 (OVH)
9 9 3.126.160.30 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 23.197.149.186 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 142.250.186.70 15169 (GOOGLE)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 167.233.13.224 24940 (HETZNER-AS)
1 110.238.107.108 136907 (HWCLOUDS-...)
1 1 2a03:2880:f08... 32934 (FACEBOOK)
3 114.119.175.30 136907 (HWCLOUDS-...)
12 35.71.131.137 16509 (AMAZON-02)
3 95.101.148.20 16625 (AKAMAI-AS)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 5 23.201.255.110 16625 (AKAMAI-AS)
2 2 35.210.53.219 19527 (GOOGLE-2)
14 216.52.2.86 32475 (SINGLEHOP...)
3 3 3.126.33.170 16509 (AMAZON-02)
1 1 3.237.52.215 14618 (AMAZON-AES)
2 2 198.148.27.139 19189 (PULSEPOINT)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 213.19.162.90 26667 (RUBICONPR...)
7 7 54.220.255.219 16509 (AMAZON-02)
6 6 213.19.147.44 26120 (RHYTHMONE)
2 2 46.228.164.11 56396 (AMOBEE)
2 8.43.72.98 26667 (RUBICONPR...)
2 3 35.204.74.118 396982 (GOOGLE-CL...)
2 98.98.134.241 21859 (ZEN-ECN)
4 7 52.95.122.74 16509 (AMAZON-02)
3 3 37.252.171.85 29990 (ASN-APPNEX)
1 34.96.105.8 396982 (GOOGLE-CL...)
4 23.32.184.192 16625 (AKAMAI-AS)
1 1 46.228.164.13 56396 (AMOBEE)
2 3 76.223.111.18 16509 (AMAZON-02)
2 5 185.64.190.78 62713 (AS-PUBMATIC)
3 4 37.157.6.254 198622 (ADFORM)
1 1 8.2.110.113 46636 (NATCOWEB)
6 135.125.163.79 16276 (OVH)
21 185.64.190.80 62713 (AS-PUBMATIC)
2 2 193.0.160.131 54312 (ROCKETFUEL)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 2 151.101.2.49 54113 (FASTLY)
1 1 185.86.139.103 201081 (SMARTADSE...)
1 1 52.73.187.111 14618 (AMAZON-AES)
1 35.186.193.173 15169 (GOOGLE)
1 1 35.214.153.92 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 173.231.178.81 32475 (SINGLEHOP...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
2 3 52.31.89.240 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 3.94.235.119 14618 (AMAZON-AES)
3 3 37.157.6.237 198622 (ADFORM)
3 3 3.71.149.231 16509 (AMAZON-02)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
2 64.158.223.140 41041 (VCLK-EU-SE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 164.92.213.94 ()
7 11 69.173.144.139 26667 (RUBICONPR...)
2 3 52.46.155.104 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2 185.80.39.216 27381 (CASALE-MEDIA)
1 13.32.27.22 16509 (AMAZON-02)
3 119.13.101.41 ()
1 23.206.209.54 16625 (AKAMAI-AS)
6 6 67.202.105.23 ()
1 1 67.202.105.33 ()
1 67.202.105.31 ()
1 1 35.227.252.103 ()
2 18.184.88.243 ()
1 198.47.127.20 ()
4 34.117.239.71 ()
1 1 52.220.229.2 ()
1 1 141.94.242.226 ()
2 2 141.94.171.215 ()
1 23.88.86.2 ()
1 2606:4700:10:... ()
1 1 77.243.51.122 ()
1 2 50.57.31.206 ()
2 2 141.94.171.214 ()
547 140
2    99.84.88.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-93.muc50.r.cloudfront.net
www.gmanetwork.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
rtbcdn.andbeyond.media
6    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2600:9000:223c:bc00:c:3460:340:93a1 (United States)

ASN16509 (AMAZON-02, US)
aphrodite.gmanetwork.com
3    199.91.74.185 (Mexico)

ASN21859 (ZEN-ECN, US)
scripts.jixie.media
2    52.74.44.71 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-44-71.ap-southeast-1.compute.amazonaws.com
prebid.andbeyond.media
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    13.224.225.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-68.lhr61.r.cloudfront.net
c.amazon-adsystem.com
9    23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
52    13.32.99.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-73.fra60.r.cloudfront.net
images.gmanetwork.com
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    188.65.124.90 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com
geo.dailymotion.com
4    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.135.9.210 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-9-210.eu-west-2.compute.amazonaws.com
mb.moatads.com
1    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
1    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
rtbpass-us.andbeyond.media
6    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
8    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    13.224.222.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-222-16.lhr61.r.cloudfront.net
images.gmanews.tv
3    23.212.89.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-151.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
23    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:2057:4400:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
1    2600:9000:2240:da00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
6    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    52.201.82.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-82-7.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    2a02:26f0:480:980::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
6    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
7    13.32.99.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-50.fra60.r.cloudfront.net
data2.gmanetwork.com
3    104.40.187.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
zdwidget3-bs.sphereup.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
7    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    52.222.139.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-112.ams50.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:e200:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    18.136.14.50 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-14-50.ap-southeast-1.compute.amazonaws.com
ads.allaccess.com.ph
2    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2600:9000:223c:a600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
4    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    64.202.112.223 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    46.51.163.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-163-206.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
13    178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
d99666469a0d.bitsngo.net
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    2600:9000:2251:3e00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
1    13.224.189.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-48.fra2.r.cloudfront.net
related.gmanews.tv
1    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
mv.outbrain.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.103.85.46 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-85-46.deploy.static.akamaitechnologies.com
static-tagr.gd1.mookie1.com
2    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
2    3.68.25.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-25-145.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.32.121.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-95.fra60.r.cloudfront.net
count-server.sharethis.com
9    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
19    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
googleads.g.doubleclick.net
1    2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    20.150.88.132 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prodpsus1.blob.core.windows.net
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
6    147.75.84.158 (North Holland, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
13    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
rtbdemand-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
google-bidout-d.openx.net
3    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
9    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
3    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
8    40.79.44.59 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-sb-appanalytics-us1.servicebus.windows.net
1    34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com
ph-gmtdmp.mookie1.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
10    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
25    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
4    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
19    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
9    3.126.160.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-160-30.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    23.197.149.186 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-149-186.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
4    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
partner.blau.de
1    110.238.107.108 (Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-110-238-107-108.compute.hwclouds-dns.com
hb.jixie.io
1    2a03:2880:f083:6:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
web.facebook.com
3    114.119.175.30 (Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-114-119-175-30.compute.hwclouds-dns.com
traid.jixie.io
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
3    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    2606:4700:e6::ac40:c112 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
5    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
14    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    3.126.33.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-33-170.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    3.237.52.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-237-52-215.compute-1.amazonaws.com
aorta.clickagy.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
7    54.220.255.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-255-219.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
6    213.19.147.44 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
7    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    8.2.110.113 (United States)

ASN46636 (NATCOWEB, US)
as.ck-ie.com
6    135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
user-sync.adxpremium.services
21    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    52.73.187.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-187-111.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    173.231.178.81 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
3    52.31.89.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-89-240.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    3.94.235.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-235-119.compute-1.amazonaws.com
a.audrte.com
3    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
cm.adform.net
3    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    2a05:d018:d29:3605:cad5:de8f:a90a:79bc (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
33across-match.dotomi.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    164.92.213.94 (None, )

ASN- ()
match.adsby.bidtheatre.com
11    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
3    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
vpaid.vidoomy.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum.casalemedia.com
1    13.32.27.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-22.fra56.r.cloudfront.net
partnerrsc.jixie.io
3    119.13.101.41 (None, )

ASN- ()
prebid.jixie.io
1    23.206.209.54 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-209-54.deploy.static.akamaitechnologies.com
accounts.tokopedia.com
6    67.202.105.23 (None, )

ASN- ()
ssc-cms.33across.com
1    67.202.105.33 (None, )

ASN- ()
de.tynt.com
1    67.202.105.31 (None, )

ASN- ()
hde.tynt.com
1    35.227.252.103 (None, )

ASN- ()
rtb.openx.net
2    18.184.88.243 (None, )

ASN- ()
a.vidoomy.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
4    34.117.239.71 (None, )

ASN- ()
events-ssc.33across.com
1    52.220.229.2 (None, )

ASN- ()
cm-supply-web.gammaplatform.com
1    141.94.242.226 (None, )

ASN- ()
green.erne.co
2    141.94.171.215 (None, )

ASN- ()
pixel-eu.onaudience.com
1    23.88.86.2 (None, )

ASN- ()
matching.truffle.bid
1    2606:4700:10::6816:1957 (None, )

ASN- ()
mwzeom.zeotap.com
1    77.243.51.122 (None, )

ASN- ()
uipglob.semasio.net
2    50.57.31.206 (None, )

ASN- ()
uipus.semasio.net
2    141.94.171.214 (None, )

ASN- ()
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
66 gmanetwork.com
www.gmanetwork.com — Cisco Umbrella Rank: 127015
aphrodite.gmanetwork.com — Cisco Umbrella Rank: 208916
images.gmanetwork.com — Cisco Umbrella Rank: 224055
data2.gmanetwork.com — Cisco Umbrella Rank: 367141
859 KB
49 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
ad.doubleclick.net — Cisco Umbrella Rank: 165
285 KB
40 googlesyndication.com
f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
340 KB
32 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 492
image6.pubmatic.com — Cisco Umbrella Rank: 682
simage2.pubmatic.com — Cisco Umbrella Rank: 660
image2.pubmatic.com — Cisco Umbrella Rank: 820
image4.pubmatic.com — Cisco Umbrella Rank: 955
simage4.pubmatic.com
46 KB
23 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
ce.lijit.com — Cisco Umbrella Rank: 782
38 KB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 469
eus.rubiconproject.com — Cisco Umbrella Rank: 566
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2060
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 967
token.rubiconproject.com — Cisco Umbrella Rank: 573
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
secure-assets.rubiconproject.com
32 KB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 68
region1.analytics.google.com — Cisco Umbrella Rank: 3686
www.google.com — Cisco Umbrella Rank: 2
2 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
secure.adnxs.com — Cisco Umbrella Rank: 417
14 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 32812
ad4m.at — Cisco Umbrella Rank: 10585
assets.ad4m.at — Cisco Umbrella Rank: 43177
444 KB
14 openx.net
oajs.openx.net Failed
rtbdemand-d.openx.net — Cisco Umbrella Rank: 38683
u.openx.net — Cisco Umbrella Rank: 619
us-u.openx.net — Cisco Umbrella Rank: 436
eu-u.openx.net — Cisco Umbrella Rank: 2294
rtb.openx.net
google-bidout-d.openx.net
2 KB
13 bitsngo.net
d99666469a0d.bitsngo.net — Cisco Umbrella Rank: 91307
246 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 286
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 950
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
67 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 306
data.adsrvr.org — Cisco Umbrella Rank: 4378
3 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2837
bidder.criteo.com — Cisco Umbrella Rank: 723
dis.criteo.com — Cisco Umbrella Rank: 575
17 KB
12 gmanews.tv
images.gmanews.tv — Cisco Umbrella Rank: 194888
related.gmanews.tv — Cisco Umbrella Rank: 318733
6 MB
10 33across.com
ssc-cms.33across.com
events-ssc.33across.com
4 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 373
218 KB
10 moatads.com
z.moatads.com — Cisco Umbrella Rank: 476
mb.moatads.com — Cisco Umbrella Rank: 731
px.moatads.com — Cisco Umbrella Rank: 546
147 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
3 KB
9 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 10551
user-sync.adxpremium.services — Cisco Umbrella Rank: 14847
12 KB
9 windows.net
prodpsus1.blob.core.windows.net — Cisco Umbrella Rank: 167292
prod-sb-appanalytics-us1.servicebus.windows.net — Cisco Umbrella Rank: 86365
3 KB
9 sharethis.com
ws.sharethis.com — Cisco Umbrella Rank: 9442
l.sharethis.com — Cisco Umbrella Rank: 4441
count-server.sharethis.com — Cisco Umbrella Rank: 10907
94 KB
9 google.de
adservice.google.de — Cisco Umbrella Rank: 9037
www.google.de — Cisco Umbrella Rank: 6080
2 KB
8 jixie.io
hb.jixie.io — Cisco Umbrella Rank: 42665
traid.jixie.io — Cisco Umbrella Rank: 43335
partnerrsc.jixie.io — Cisco Umbrella Rank: 71240
prebid.jixie.io
8 KB
8 gstatic.com
fonts.gstatic.com
180 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 562
dmp.adform.net — Cisco Umbrella Rank: 2844
cm.adform.net — Cisco Umbrella Rank: 1155
3 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 520
4 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
web.facebook.com — Cisco Umbrella Rank: 228
15 KB
7 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1399
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3415
mv.outbrain.com — Cisco Umbrella Rank: 1929
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5858
100 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 855
964 B
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1346
contextual.media.net — Cisco Umbrella Rank: 599
25 KB
6 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19744
creativecdn.com — Cisco Umbrella Rank: 531
4 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 970
pixel.quantserve.com — Cisco Umbrella Rank: 790
cms.quantserve.com — Cisco Umbrella Rank: 686
11 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 862
id5-sync.com — Cisco Umbrella Rank: 421
36 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
289 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
5 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 272
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423
2 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 514
3 KB
5 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1351
mp.4dex.io — Cisco Umbrella Rank: 1975
26 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1025
bcp.crwdcntrl.net — Cisco Umbrella Rank: 863
sync.crwdcntrl.net — Cisco Umbrella Rank: 755
13 KB
5 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 9205
log.outbrainimg.com — Cisco Umbrella Rank: 2537
images.outbrainimg.com — Cisco Umbrella Rank: 2408
12 KB
4 onaudience.com
pixel-eu.onaudience.com
pixel.onaudience.com
2 KB
4 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2323
vpaid.vidoomy.com — Cisco Umbrella Rank: 2900
a.vidoomy.com
20 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1870
3 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 482
2 KB
4 allaccess.com.ph
ads.allaccess.com.ph — Cisco Umbrella Rank: 304835
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
203 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
244 KB
4 andbeyond.media
rtbcdn.andbeyond.media — Cisco Umbrella Rank: 29689
prebid.andbeyond.media — Cisco Umbrella Rank: 23867
rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 33114
142 KB
3 semasio.net
uipglob.semasio.net
uipus.semasio.net
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 26762
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26468
898 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 358
888 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 722
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 812
d.turn.com — Cisco Umbrella Rank: 1144
1 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 961
2 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1572
2 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
40 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2230
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
71 KB
3 sphereup.com
zdwidget3-bs.sphereup.com — Cisco Umbrella Rank: 112521
18 KB
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 8384
flint.defybrick.com — Cisco Umbrella Rank: 7904
20 KB
3 jixie.media
scripts.jixie.media — Cisco Umbrella Rank: 43578
89 KB
2 tynt.com
de.tynt.com
hde.tynt.com
3 KB
2 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1248
2 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3044
33across-match.dotomi.com
207 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 742
s.tribalfusion.com — Cisco Umbrella Rank: 1808
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 606
771 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4789
562 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
2 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 607
374 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 550
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4604
744 B
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 797
134 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 78256
685 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 80054
442 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 729
489 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 724
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592
777 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 141178
static-de.ad4mat.net — Cisco Umbrella Rank: 183763
4 KB
2 mookie1.com
static-tagr.gd1.mookie1.com — Cisco Umbrella Rank: 60021
ph-gmtdmp.mookie1.com — Cisco Umbrella Rank: 266715
2 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3109
380 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 939
810 B
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1238
c.go-mpulse.net — Cisco Umbrella Rank: 615
49 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 677
451 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 694
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
63 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
2 KB
1 zeotap.com
mwzeom.zeotap.com
382 B
1 truffle.bid
matching.truffle.bid
1 erne.co
green.erne.co
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com
641 B
1 tokopedia.com
accounts.tokopedia.com — Cisco Umbrella Rank: 39059
2 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 339
648 B
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3605
462 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2066
308 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1253
283 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5565
277 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 849
226 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5255
369 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 645
940 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470
524 B
1 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 7607
484 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1812
173 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1040
460 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1733
428 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 15269
3 KB
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 128549
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 91562
1 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 81468
474 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16768
696 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 375
98 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 817
6 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 918
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2334
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631
2 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 26743
3 KB
1 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 23428
8 KB
1 dailymotion.com
geo.dailymotion.com — Cisco Umbrella Rank: 6225
14 KB
0 cloudfront.net Failed
d31qbv1cthcecs.cloudfront.net Failed
547 119
Domain Requested by
52 images.gmanetwork.com www.gmanetwork.com
25 tpc.googlesyndication.com www.gmanetwork.com
f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
23 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.gmanetwork.com
cdnjs.cloudflare.com
19 cm.g.doubleclick.net 10 redirects f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
ap.lijit.com
us-u.openx.net
14 ce.lijit.com ap.lijit.com
us-u.openx.net
ads.pubmatic.com
13 simage2.pubmatic.com ads.pubmatic.com
13 pagead2.googlesyndication.com d99666469a0d.bitsngo.net
f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
cdnjs.cloudflare.com
tpc.googlesyndication.com
www.googletagservices.com
13 d99666469a0d.bitsngo.net zdwidget3-bs.sphereup.com
12 ib.adnxs.com 3 redirects rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
11 match.adsrvr.org cdnjs.cloudflare.com
us-u.openx.net
ads.pubmatic.com
partnerrsc.jixie.io
11 images.gmanews.tv www.gmanetwork.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 x.bidswitch.net 9 redirects
9 ap.lijit.com 4 redirects rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
ads.pubmatic.com
9 www.google.com 1 redirects www.gmanetwork.com
f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
8 image2.pubmatic.com ads.pubmatic.com
8 prod-sb-appanalytics-us1.servicebus.windows.net www.gmanetwork.com
cdnjs.cloudflare.com
8 fonts.gstatic.com fonts.googleapis.com
7 pixel.rubiconproject.com 3 redirects adxbid.info
7 aax-eu.amazon-adsystem.com 4 redirects ap.lijit.com
ads.pubmatic.com
7 match.prod.bidr.io 7 redirects
7 adservice.google.com securepubads.g.doubleclick.net
7 adservice.google.de securepubads.g.doubleclick.net
7 data2.gmanetwork.com www.gmanetwork.com
6 ssc-cms.33across.com 6 redirects
6 user-sync.adxpremium.services adxbid.info
ads.pubmatic.com
vid.vidoomy.com
6 assets.ad4m.at as.ad4m.at
6 prebid.a-mo.net rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
6 px.moatads.com www.gmanetwork.com
6 ws.sharethis.com www.gmanetwork.com
ws.sharethis.com
6 www.facebook.com www.gmanetwork.com
connect.facebook.net
6 www.googletagservices.com rtbcdn.andbeyond.media
f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
6 fonts.googleapis.com www.gmanetwork.com
aphrodite.gmanetwork.com
zdwidget3-bs.sphereup.com
securepubads.g.doubleclick.net
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 sync.1rx.io 5 redirects
5 aphrodite.gmanetwork.com www.gmanetwork.com
aphrodite.gmanetwork.com
4 events-ssc.33across.com hde.tynt.com
4 token.rubiconproject.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 us-u.openx.net 1 redirects ap.lijit.com
us-u.openx.net
4 ads.pubmatic.com ap.lijit.com
ads.pubmatic.com
adxbid.info
4 eus.rubiconproject.com rtbpass-us.andbeyond.media
eus.rubiconproject.com
hde.tynt.com
4 ad.doubleclick.net 4 redirects
4 ad4m.at as.ad4m.at
ad4m.at
4 sync.mathtag.com 4 redirects
4 cms.quantserve.com 3 redirects f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
4 as.ad4m.at f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 gum.criteo.com 2 redirects static.criteo.net
4 id5-sync.com cdn.id5-sync.com
cdnjs.cloudflare.com
4 ads.allaccess.com.ph www.gmanetwork.com
4 connect.facebook.net www.gmanetwork.com
connect.facebook.net
images.gmanetwork.com
4 www.googletagmanager.com www.gmanetwork.com
www.googletagmanager.com
3 prebid.jixie.io partnerrsc.jixie.io
hde.tynt.com
3 s.amazon-adsystem.com 2 redirects
3 ups.analytics.yahoo.com 3 redirects
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 eb2.3lift.com 2 redirects adxbid.info
3 secure.adnxs.com 3 redirects
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 rtb.mfadsrvr.com 3 redirects
3 u.openx.net rtbpass-us.andbeyond.media
3 contextual.media.net rtbpass-us.andbeyond.media
3 traid.jixie.io cdnjs.cloudflare.com
3 dis.criteo.com 2 redirects f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
3 rtb.adxpremium.services rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
3 prebid-asia.creativecdn.com rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
3 bidder.criteo.com rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
3 rtbdemand-d.openx.net rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
3 fastlane.rubiconproject.com rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
3 mp.4dex.io rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
3 ads.betweendigital.com rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
3 prebid.media.net rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
3 cdnjs.cloudflare.com zdwidget3-bs.sphereup.com
3 static.criteo.net securepubads.g.doubleclick.net
rtbpass-us.andbeyond.media
cdnjs.cloudflare.com
3 zdwidget3-bs.sphereup.com www.gmanetwork.com
3 widgets.outbrain.com www.gmanetwork.com
3 z.moatads.com www.gmanetwork.com
z.moatads.com
images.gmanetwork.com
3 c.amazon-adsystem.com rtbcdn.andbeyond.media
c.amazon-adsystem.com
3 scripts.jixie.media www.gmanetwork.com
scripts.jixie.media
2 pixel.onaudience.com 2 redirects
2 uipus.semasio.net 1 redirects
2 pixel-eu.onaudience.com 2 redirects
2 a.vidoomy.com
2 cm.adform.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 p.rfihub.com 2 redirects
2 eu-u.openx.net us-u.openx.net
2 pixel-sync.sitescout.com ap.lijit.com
ads.pubmatic.com
2 pixel-us-east.rubiconproject.com ap.lijit.com
eus.rubiconproject.com
2 ad.turn.com 2 redirects
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 pool.admedo.com 2 redirects
2 static.xx.fbcdn.net www.facebook.com
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 onetag-sys.com 1 redirects f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
2 script.4dex.io rtbpass-us.andbeyond.media
script.4dex.io
2 images.outbrainimg.com www.gmanetwork.com
2 mcdp-nydc1.outbrain.com widgets.outbrain.com
2 www.google.de www.gmanetwork.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 l.sharethis.com ws.sharethis.com
www.gmanetwork.com
2 f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 mug.criteo.com www.gmanetwork.com
2 log.outbrainimg.com widgets.outbrain.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
cdnjs.cloudflare.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 cdn.id5-sync.com www.gmanetwork.com
securepubads.g.doubleclick.net
2 flint.defybrick.com rock.defybrick.com
www.gmanetwork.com
2 sync.search.spotxchange.com 1 redirects www.gmanetwork.com
2 www.youtube.com www.gmanetwork.com
www.youtube.com
2 cdn.jsdelivr.net www.gmanetwork.com
securepubads.g.doubleclick.net
2 prebid.andbeyond.media rtbcdn.andbeyond.media
2 www.gmanetwork.com www.gmanetwork.com
1 uipglob.semasio.net 1 redirects
1 mwzeom.zeotap.com
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 33across-match.dotomi.com hde.tynt.com
1 secure-assets.rubiconproject.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 rtb.openx.net 1 redirects
1 hde.tynt.com partnerrsc.jixie.io
1 de.tynt.com 1 redirects
1 accounts.tokopedia.com partnerrsc.jixie.io
1 partnerrsc.jixie.io scripts.jixie.media
1 vpaid.vidoomy.com vid.vidoomy.com
1 vid.vidoomy.com adxbid.info
1 px.ads.linkedin.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 as.ck-ie.com 1 redirects
1 d.turn.com 1 redirects
1 tr.blismedia.com ap.lijit.com
1 data.adsrvr.org ap.lijit.com
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel-eu.rubiconproject.com ap.lijit.com
1 aorta.clickagy.com 1 redirects
1 adxbid.info rtbpass-us.andbeyond.media
1 web.facebook.com 1 redirects
1 hb.jixie.io cdnjs.cloudflare.com
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.conrad.de as.ad4m.at
1 www.awin1.com 1 redirects
1 googleads.g.doubleclick.net www.gmanetwork.com
1 static-de.ad4mat.net as.ad4m.at
1 ssbsync.smartadserver.com f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
1 prod-rtb.ad4mat.net www.gmanetwork.com
1 idsync.rlcdn.com prodpsus1.blob.core.windows.net
1 ph-gmtdmp.mookie1.com www.gmanetwork.com
1 maxcdn.bootstrapcdn.com www.gmanetwork.com
1 prodpsus1.blob.core.windows.net zdwidget3-bs.sphereup.com
1 c.go-mpulse.net s.go-mpulse.net
1 count-server.sharethis.com ws.sharethis.com
1 region1.analytics.google.com www.googletagmanager.com
1 static-tagr.gd1.mookie1.com images.gmanetwork.com
1 mv.outbrain.com widgets.outbrain.com
1 related.gmanews.tv www.gmanetwork.com
1 pixel.quantserve.com www.gmanetwork.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 region1.google-analytics.com www.googletagmanager.com
1 rules.quantcount.com secure.quantserve.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 secure.quantserve.com images.gmanetwork.com
1 s.go-mpulse.net images.gmanetwork.com
1 wrappers.geoedge.be rtbpass-us.andbeyond.media
1 rock.defybrick.com widgets.outbrain.com
1 widget-pixels.outbrain.com www.gmanetwork.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 rtbpass-us.andbeyond.media rtbcdn.andbeyond.media
1 p.adlooxtracking.com rtbcdn.andbeyond.media
1 mb.moatads.com z.moatads.com
1 geo.dailymotion.com www.gmanetwork.com
1 rtbcdn.andbeyond.media www.gmanetwork.com
0 oajs.openx.net Failed oa.openxcdn.net
0 d31qbv1cthcecs.cloudfront.net Failed images.gmanetwork.com
547 204
Subject Issuer Validity Valid
*.gmanetwork.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-06-10		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.jixie.media
Sectigo RSA Organization Validation Secure Server CA		 2022-08-28 -
2023-09-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.dailymotion.com
ZeroSSL ECC Domain Secure Site CA		 2023-03-25 -
2023-06-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-05-22 -
2023-08-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-01 -
2023-05-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gmanews.tv
Amazon RSA 2048 M01		 2023-04-27 -
2024-05-25		 a year crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh
rock.defybrick.com
Amazon RSA 2048 M01		 2023-04-09 -
2024-05-08		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-10		 8 months crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-26 -
2023-07-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.sphereup.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-10 -
2023-11-10		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.allaccess.com.ph
Amazon RSA 2048 M01		 2023-04-13 -
2024-05-11		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.bitsngo.net
Sectigo RSA Domain Validation Secure Server CA		 2022-05-04 -
2023-06-04		 a year crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
static-tagr.gd1.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-01 -
2023-12-01		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2023-03-19 -
2024-03-19		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
servicebus.windows.net
Microsoft Azure TLS Issuing CA 06		 2023-04-16 -
2024-04-10		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.jixie.io
Sectigo RSA Organization Validation Secure Server CA		 2022-04-30 -
2023-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
adxbid.info
E1		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
jixie.io
Amazon RSA 2048 M02		 2023-03-06 -
2024-04-03		 a year crt.sh
*.tokopedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-02 -
2023-09-02		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
truffle.bid
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh

This page contains 68 frames:

Primary Page: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Frame ID: 66E70DA5549230CDC426E855C78643B8
Requests: 295 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 9A5A9E37B43B9D1E96671639FFF95285
Requests: 1 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Frame ID: 42843BB14AF2E3CE503306B23D2FCF7C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.gmanetwork.com
Frame ID: 6CFD550DF0A56B48A605EAB1B0263052
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3C44DB86CC6201915A6039BB6E2FA721
Requests: 1 HTTP requests in this frame

Frame: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FF33ECD62AFF76881CB3E9374C834B91
Requests: 1 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/711123.html?partner_uid=07dbbd25-4a7e-4391-9b4f-7e4a47f2d5ca
Frame ID: 8D2EADF1F60D3F0434407FB010CAC1CB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Frame ID: 15CBC27F561C73B81A6BB941B4469636
Requests: 16 HTTP requests in this frame

Frame: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C44C29C51AB730AF5B1C9F37903B21DF
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j7krcjbpa2k15ya27v1ncnrhtj5nmw1htq9457gbd2wh9yt8c9e8s5k55wpmxkcbgj64txvqxy3xm2dwbh061tj9ctqq1t6xz8s6jqs89ptn7s4gwf16wdgmandqtbzr1ts2hr2qgxr6y6fry0k7nq0h61shq06208fqamgb4scn9b26b8vwxd0p6dhk6fknrct6p5tf9wq4kqrzragaddxgxz9m4apasdjahyc3drc6gzgb97ww8d66m51h0xfwbky4d822ggw78meznc22c2fhksje9qexmsg3w57y19zrr0grm9gj1ytb1gzj6hh3hg5hzqe2jypqddj74p6yp2k7vsgh7vhw1ygmegscb4wx99cem8b5ay98g0b3k4164dqmszj23x56f4p7cbxneg2jga3d440sfk7tqtxjfnft3vasacem&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Frame ID: 3D2627E5B4045272AB835FF96AA8E15E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 29801C6751C75170E6DA1BC088919C4E
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 80EAD6232054D6E21B68A025689CB310
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Frame ID: 8454165072E6E3BF614969DF5C863E9D
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Frame ID: 73DCE7E8702E7B657D34852A17B7DD8A
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaad977c4fe604%26domain%3Dwww.gmanetwork.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2f5bb75d704718%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720&_rdc=1&_rdr
Frame ID: 9F5944753DC082CBD87E3D059EA21252
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE9B5AF31C274D04DBD7DCE869AE0517
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 23CFAD3EE1BAB342AE31F97541D1CE0E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh563iF2ZavPxDG1IXMqethOltkCweyDfotU382qT4f6uyOU2SXWknt5w08r9Nkcgbh1SkOHavRvJ9DNV61RK6lgmkLqUiF-_ASp1EROxLL7GyOGmZMwDUUrMH2xePFwnm6eAjIoV7WBT99DaBi4gUTzD1kmOKv6Y4aLLNk9zjK6zfG469nrFavF-5ZzC58eMazB-FLpFNyb5JIMLExv2b14H6s8J5WtwG0Sd7-5hdhb53Hcx0Zz8SzWVn3ddgJGhLp-Lko3-TvaMmoCijuAEn0NeWXOoWMMyCuQFS4KXkV0b06H3Jpy9ZCkPSbEWD6k3n1kZsu64u5_ryfJU&sai=AMfl-YQ4P95Y2NOhLqvhQPP4UwxKmj6aYq5fRdMhxpL7waukJzsKcZAo0t0z3cQTtUlme8u-ve0YNbNReaCJLOLDVsD5UWoqztncNThExgE7cjIMC_1-Bz09rf53t1KKiRw&sig=Cg0ArKJSzN8kEMrn2rUFEAE&uach_m=[UACH]&adurl=
Frame ID: 4876713DED8DEB5F82D50C30378C7495
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulUCppIMf2aMgx-Qfn_FmveZ82HSSRQnc9GWjc7Gl-QV4WlmYh1mxGfewdbwg0Alqh8vXirl28ucf3b7eHJwPof3U88jEBxJzqn3suMy2yDfdSuMjAvId6YoWKujUqPa1MC-prbdLzPbC7PF5glweQZNJ2KcgyX3Ps16EVEW_jew4VWaSwA8Yk6pmniHUCx-dPNG4_79VZtQbsq-paTWJaScksXCf-f63fZ8U3TL8PlYIMSjqP0xNtbqCy46EzBXGoEoWFQDqWPv2Ji1iSyeKcEfmcAdokhDGuM2gaWbgHCi3NW2Wek1tDfZ5e3fSgkKdpTz1FS-AQvBUBJOjB&sai=AMfl-YQffU0f6IPLmVZOnBFBUQAEXvHSbM7GSWmYguHXiUYaELUoomCNhMWHxGUrxqpkHAulcvkWizZK_qOZKzbNGls7crschh57BDmzaNqtOcEs7NBVeYD6-KhNHJ9wIFk&sig=Cg0ArKJSzIHw2PCbAhB7EAE&uach_m=[UACH]&adurl=
Frame ID: 2D857CC13758F2DFFACE6092D6496283
Requests: 9 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: 7E9EC2E6180C13C138EC88363F26422C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRb3I0jiCDoiqEhtOQqNxZQ8gpu5A1ndkOAdZDZNzAMxeSnahJdOdFqTsg_W6JXZB-RG1XzG0BffuruvTdxCvFDB6a61O-6Eq3rH5yzatbg22-yx84t2gixy5RGD056iiNkOp63WfKPmRLam_S2CIp5u2epHknboYjyVmuRic93Mt9AAjcDI02MxFMejb4K6l0Gh4AxytyP56_i55cCbpQp7il8kv3SjMyLq6k_LlwvdqsHSJoTidfvFGj6VA9jvF2ZFG9CDVVona1mT1yHhKk4A_WpQ9uh3GOFAK9V6wU-UALx38PObUx-7HbyFP0V0lHRviqMMxpj0WgAb4d&sai=AMfl-YTKP3veAJKofsccBg0KttnUBuKWXrnaoP7v_7WPJY3GcH6Mhoi6wRQ5J2NtF-xpNshkiJ_3C2pB9Ubj3hptdpQZwvSrM5dzw37-NwVn33pfhI1SG9WSVKWqT-mPeQ0&sig=Cg0ArKJSzBdpx_MFGHD_EAE&uach_m=[UACH]&adurl=
Frame ID: 1BE8054616C0BCE9B7BBA41C17531CAF
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gmanetwork.com
Frame ID: CECE93EF285BD7CD99D9B0BB5B77FFEC
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvS8ETU921t5k_wgXRJ8jYwwj5YEfWxFtNAXnS0YjCeFczD5YtUZ-Cbxjc1R7B8pTLxL46aFFa0Qa502SoXcJKnlBxJ3c4Mb-5fJ6_TCMspQcuWSgyazYMFNEjsL_l6IKjP2nhD-EFUEq6bdTclPh4eAAyVHCXzR8DV4Np0-e4TWYl6Huugg7Z63HrYU9sSijGvXNf_tbFhHUdgrZg6Al0mpztzWTrCcZjR-rbbHtA57iNJTR8WdEoiUN_Y8aCMJASx7XqtpJ_w7QTHOYAEPTWEf_PqKL_JO63ED4TvSTxivsPa36JizVnYIC31K6qxfpC5OeIchYLg4_oot9G&sai=AMfl-YRGcSwhhOoINLp9ip3-udVLarjmGdHxBwYibH-JLOLDYP8uVJJ2CFZ9gal_OTcCdzdDv-BPF80PbOg-5EqMoA_MhEuiyXK45Tdr5NrbC7XPSP5nybv3aFkC31oeEeY&sig=Cg0ArKJSzFLvVBzV16NKEAE&uach_m=[UACH]&adurl=
Frame ID: CCC7D957F015408F35E17C7FB07244C0
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 8E5C99AF42D0D2117642C233796C6C1E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6E2D908AEEAEDE2AF4F35999CB42AF0A
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A86909CAE1B6FE5EF6C9E3DCA40B1181
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0E230F0E98981D150FD314050FAF0680
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: ADD0F9AA7E89B3D08704F011C8D6D380
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13413210
Frame ID: 666BEC8091508E43601979D415F32AEF
Requests: 20 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B67FE103744E0CE7AC4AB0D69FC5D5BF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A4C8522FA3BA651B87BA77C5D288E87F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 50F9F49089020A0DED0F2888343B665B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 8A6E7F82B63BF10FB8514B3AED0A6F31
Requests: 5 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=4481141920767445440&gdpr=0&gdpr_consent=
Frame ID: E8FADA740B56158D4866126670A1A295
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: C9BD78BA22D6E743A53768AB2F93C9CB
Requests: 20 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: D5BDAC575BD1D715FDE7B0F42484B1B8
Requests: 8 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1990646b-ceac-4e00-af76-c19142a94aff&gdpr=0&gdpr_consent=
Frame ID: 8394BC8789A9418EAD163EE96C40A20D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727881588728
Frame ID: 3DC6516FF64B0DD127A894D31C31B03B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: C55A18C8B77D7DF0AECFED927C83A85B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6444126673705367398
Frame ID: 04DEA455E78EA78A4AA4B831F52C6D93
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 29AF8730E2399CDCC39A48CB4B89C44A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ef-Wk0SuwZAK-MSXRP2NwBTyk5UK_ZKUQf2Te9Wp
Frame ID: F2B02D5EF971A3D6CE03F19B27FA2088
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6211424790572879189&gdpr=0&gdpr_consent=
Frame ID: DA30BD9C0D577455FB82D7A8E261F9B1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7236104481632286872&gdpr=0&gdpr_consent=
Frame ID: 5BCA5A7250DF7C9B25EA2F112997D745
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGvOsAAMGou4XQBa
Frame ID: 556525473FE2883492509BDD94374CF3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADH9E7I150AAB-5Gc64Dw&gdpr=0&gdpr_consent=
Frame ID: 74F4EF7167E66F37F6095609C3EB94C6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dz0Zgdq1UfpcphIZsbr9z9lAlwk&gdpr=0&gdpr_consent=
Frame ID: 355C0193F19433501D126572453B3798
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 621671ED67EFFF5B4F127440B47EB57D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: AE057ECE16696F56E727A9C9CD12EF80
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 513AC1B206C17852BA8CBFEA10C3DACF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DCE131F00FA13CD7F3BDD38623DA8102
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1AB8F2C629B4D53B3919979CB5B6D2B9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
Frame ID: 5C2C37E067EBFCB04C9DBA241C8EDA26
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/merge?pid=71&3pid=82334AC2-ACE7-4C10-A065-4F70405E53CF
Frame ID: F8FF7922877289FD5413B4507BDD8FC0
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 150C3948AE7EC7CB9E243F9647D2E1D9
Requests: 6 HTTP requests in this frame

Frame: https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=${accountId}
Frame ID: C57DE0D2D0AB51FC40D1ECCBA34B594B
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 1B99583A4EB21B3DA888D695EB295028
Requests: 2 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Frame ID: 642C17234BD32C368422BB629029670B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 26183805C36CDC13B74DB1196D933A64
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 5347C6457AEB5536BB3FFDD39B59D466
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
Frame ID: FFFAD6C1B3ECD4E6447BAFF051030791
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=161g5a3kd6cw
Frame ID: 4F644A06F9FB0E32A677EE44A4DF3A1B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVQQRbaUgMVWQjWQY&gdpr=0&gdpr_consent=
Frame ID: 5DFFFFB4392B7D5BDBD3573897B15F2B
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: D7697302E718650D2A206F47BE9FFAF5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5550509731
Frame ID: B3C568445724D0EB22CEE4A9DC682A5A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D108878FEE5747388D74D90E74FC83F6&gdpr=0&gdpr_consent=
Frame ID: 8BA39AB7143126A4D97B2A8E1D6C6AE7
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=82334AC2-ACE7-4C10-A065-4F70405E53CF
Frame ID: 53DAA74FE2471A6B9323BBD19E89FB46
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=82334AC2-ACE7-4C10-A065-4F70405E53CF
Frame ID: 36ADECF46E76E7FC5B88B7A3404D4290
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Philippines detects 7 more Arcturus cases | GMA News Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

547
Requests

88 %
HTTPS

29 %
IPv6

119
Domains

204
Subdomains

140
IPs

15
Countries

11197 kB
Transfer

18970 kB
Size

155
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80
  • https://sync.search.spotxchange.com/partner?source=71084&sync_limit=7 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=71084&sync_limit=7&__user_check__=1&sync_id=2953a814-f8de-11ed-a7f5-11372f1a0406
Request Chain 146
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=gmanetwork.com&sn=ChromeSyncframe&so=0&topUrl=www.gmanetwork.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=SG66PXxWSWx6RXRoaVlxbCtaWW5DZnVFYWw5Qm5ZS1g5QXpYWlZNWkRsKzFnWW4yeFdYUnZ2eHo3R2E4WGthcFZ6YzJEZGI0eUpmVm9MQ2lpeWM2azdWbW5rb0JEaVdHSTZBd2k1SEREcFd6T0RTWDdVVUl0bkl5bkFaMkdsd1FIbU52T256cmcwK3JnRVRiYUNaTW9MREFhc1lMcThOaEtQd2xjUEp2T3ozTlE3OU0wZUlkVEo3WS8vNEpxZ0Y4MnpzVGNERTFlcXNXUk5GSEpBcXBEcXZPcmQ4Q3ZuTmYwSGdRK2RmM08rNS9PYkFyMWloQjAxNCtydWZyTyswV2VuWEhNaEJ3OEtKeFF1eEZIZWtoZDNyV2xKejNhbXZIMEJRY2Iyb0d0bHRGM3ZaQT18&cppv=2
Request Chain 308
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEElp5oDU4WaE64IMCN-JcuI&google_cver=1&google_push=ATf1kGNwUzcKyLrzGSwLhMqylfWbJganV3gIdsQuh-99QP5oymonx-T4XZC5_8FCs-RJHkJ1v6aJfNiNvqM9264BRLrjd0_eA8vy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNwUzcKyLrzGSwLhMqylfWbJganV3gIdsQuh-99QP5oymonx-T4XZC5_8FCs-RJHkJ1v6aJfNiNvqM9264BRLrjd0_eA8vy
Request Chain 309
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEB6V9NCqfUPz5c9-d0OkEkA&google_cver=1&google_push=ATf1kGMQrnYce63AvJN4LyrCUuVY5alI4xiKFHGhBvoUu8Z4RPEB8w1NC7iA05A5AHskRUSTyBMxlK2g6V3y5maxHwEBs5yOE5AS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Qq4UFawtzM2t60BEBHAzr2tnczGAlV4mZHb2ZQ&google_push=PUSH_DATA HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Request Chain 310
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEP6Qag44bRjzHMoxbX7lTrs&google_cver=1&google_push=ATf1kGNNfeY5AZuRhyef3VNJepwwr3424bPjM3eF7aAe-me17ysGzXuunNeSQXu49YG5Zr9kC-73klhcqaZfNm-ebpMOvrZ8keKj HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNNfeY5AZuRhyef3VNJepwwr3424bPjM3eF7aAe-me17ysGzXuunNeSQXu49YG5Zr9kC-73klhcqaZfNm-ebpMOvrZ8keKj&google_hm=GsJkuBZHeFaBMTq_RMOrVZ6q
Request Chain 312
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEK9q23CKsBlWfzRYD5CGgKM&google_cver=1&google_push=ATf1kGOcB9TNtA37HyE8sRyeCrr1FfaxBD_V-9GtRDnW3z09FZGVhBj8_R9CBR58qcGuMLcrBoUX0wwF5MBaMoaHcEsyNpucPFQUSA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOcB9TNtA37HyE8sRyeCrr1FfaxBD_V-9GtRDnW3z09FZGVhBj8_R9CBR58qcGuMLcrBoUX0wwF5MBaMoaHcEsyNpucPFQUSA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 313
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAX5TCFHz89_aLyGcZgsSJU&google_cver=1&google_push=ATf1kGPmING6EmbCy3Pk5q91ETgt7xetvdZnpcWlOG_i_4UEAMD-B0jjDLqdJHo6TpDwEZBABBap37Kx5LEGCoti9y9kmEixFNt1dA HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAX5TCFHz89_aLyGcZgsSJU&google_cver=1&google_push=ATf1kGPmING6EmbCy3Pk5q91ETgt7xetvdZnpcWlOG_i_4UEAMD-B0jjDLqdJHo6TpDwEZBABBap37Kx5LEGCoti9y9kmEixFNt1dA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=852d591c-0ca6-422a-bad4-c466ea7b6833&%%GOOGLE_PUSH_PAIR%%
Request Chain 332
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 337
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1684786860_2aafdcf2-f8de-11ed-afd4-223664211a24&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 340
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLClwZLgif8CFVbjEQgdGW8Low;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023052222210085182864465X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023052222210085182864465X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Request Chain 343
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPOmwZLgif8CFbnTEQgd2R8GrA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023052222210085182864467X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 346
  • https://web.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaad977c4fe604%26domain%3Dwww.gmanetwork.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2f5bb75d704718%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720 HTTP 302
  • https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaad977c4fe604%26domain%3Dwww.gmanetwork.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2f5bb75d704718%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720&_rdc=1&_rdr
Request Chain 396
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gmanetwork.com&sn=ChromeSyncframe&so=3&topUrl=www.gmanetwork.com&bundle=HdCBJV9aeUdQMGwlMkYlMkZkNXp1NUlGVXlyamg0RXllWSUyRnNEUWVpNTV6JTJGOWduWmNoY05nWG9sZXdJTDZPbFR5OHBXQktJQUlscGZua2ppTFYlMkZzVmlRY3lnUzZMald2JTJCWlh0SDIlMkJUd0RXS1lRRHQlMkJxT0JOa1Z4JTJGZWZZSHltNHRaUFFOaHF0bXFzREpkaWNaT0tIbEFURHFZcTVERUElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=WOYQ6Xxtb1daYXR6a25YY3NFd0N6WE5NbFh0ejFYUW5nVWxXd0RyaWw0NHczanh0ckpZeDh6TXJSaXErZXdzV1R4SUtKQTQzbmR1M0NuY0tCaHNJQnRaWEZmYSs2VmQrRkhKNmVDdTcvR0c5NDI2cHkydVpDbDhqV0tXQjM5ZWVac2pDTExYb3FnbFJaZGhVVkhxdExrL0c4N3BYQ05qcTZhWXVlR2hrTXRCZ1FudnA1S1FiU3AvcSs4eE14RDVGY05EajI4T3JuekczOWFJNTRXK2ZnY2dDN05UaGV3Zk1ja21LSVQ1WDlzQzMrODNZNyszV3JuT3JaRmlpVXZ2WGxVWUR6Zlk4cGMvN05BSktzbHYrdVZvU1hlNVEveDZlcnRnaUJDbWdCMmhwR1RlVT18&cppv=2
Request Chain 427
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=852d591c-0ca6-422a-bad4-c466ea7b6833 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=852d591c-0ca6-422a-bad4-c466ea7b6833 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d34d3993-ae77-465c-9b5f-3e56b5a01cf0&user_group=1&ssp=fmx&bsw_param=852d591c-0ca6-422a-bad4-c466ea7b6833 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=852d591c-0ca6-422a-bad4-c466ea7b6833&gdpr=&gdpr_consent=
Request Chain 428
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=1lAoUYMBf1LNV3pVg1IzAtNdLVfNUixWhlIfMaaV
Request Chain 429
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3NKa3VCWkhlRmFCTVRxX1JNT3JWWjZx&gdpr=0
Request Chain 430
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=946aec0b-3c4c-426c-908d-15f85e44308e
Request Chain 431
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GsJkuBZHeFaBMTq_RMOrVZ6q&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:c8d56fded8ac0ebb42defdc45a078b4e
Request Chain 432
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=TnZRYf39dQMR&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 433
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=NYdZ4MWG7iS7PNntBVVu&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 435
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AADH9E7I150AAB-5Gc64Dw&gdpr=0
Request Chain 436
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1684786864524 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6747032866 HTTP 302
  • https://sync.1rx.io/usersync/turn/4141832342675863258?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a781c553-5461-41a8-92dc-22cd95564c49-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-a781c553-5461-41a8-92dc-22cd95564c49-003 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-a781c553-5461-41a8-92dc-22cd95564c49-003
Request Chain 438
  • https://um.simpli.fi/lj_match?r=1684786864450&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=D108878FEE5747388D74D90E74FC83F6
Request Chain 440
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 441
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D92%25263pid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5641317918713889930&gdpr=0&gdpr_consent=
Request Chain 442
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D12%25263pid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=6211424790572879189&gdpr=0&gdpr_consent=
Request Chain 444
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3NKa3VCWkhlRmFCTVRxX1JNT3JWWjZx&gdpr=0
Request Chain 447
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=4481141920767445440&gdpr=0&gdpr_consent=
Request Chain 449
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Request Chain 454
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1990646b-ceac-4e00-af76-c19142a94aff
Request Chain 455
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=7JwXY7nNQGD3m0VnuZ4MMOmREmX3nhNkvJ6OrzvY
Request Chain 456
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5609970843254466368
Request Chain 459
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPu72eFmDWcNiSUXLenM8tk&google_cver=1
Request Chain 460
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=d1ec44d7427ca921b3d741442f9b917fa4b3245934f4c0ffb28b0bacae5d694f
Request Chain 462
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1990646b-ceac-4e00-af76-c19142a94aff&gdpr=0&gdpr_consent=
Request Chain 463
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727881588728
Request Chain 464
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 465
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6444126673705367398
Request Chain 466
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 467
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ef-Wk0SuwZAK-MSXRP2NwBTyk5UK_ZKUQf2Te9Wp
Request Chain 468
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6211424790572879189&gdpr=0&gdpr_consent=
Request Chain 469
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7236104481632286872&gdpr=0&gdpr_consent=
Request Chain 470
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGvOsAAMGou4XQBa
Request Chain 471
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcGprN0kxNTBBQUNCQVlZY1BXUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADH9E7I150AAB-5Gc64Dw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADH9E7I150AAB-5Gc64Dw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADH9E7I150AAB-5Gc64Dw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2808288672165848493&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADH9E7I150AAB-5Gc64Dw&gdpr=0&gdpr_consent=
Request Chain 472
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dz0Zgdq1UfpcphIZsbr9z9lAlwk&gdpr=0&gdpr_consent=
Request Chain 474
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 477
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 478
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
Request Chain 480
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gjNKwqznTBCgZU9wQF5Tzw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 482
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2845458724 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=82334AC2-ACE7-4C10-A065-4F70405E53CF
Request Chain 483
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=82334AC2-ACE7-4C10-A065-4F70405E53CF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Z2NpWDdrLW0xME1TYTJsVmVZVVNpS2dNdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5609970843254466368&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 484
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODIzMzRBQzItQUNFNy00QzEwLUEwNjUtNEY3MDQwNUU1M0NG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 485
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJYBdT0Xm_6UrU8WCSB_tQM&google_cver=1
Request Chain 487
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1268104074114771777
Request Chain 489
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w2EIkStE2uXw7XPbFN4trvb1N_OVl1w-~A&gdpr=0
Request Chain 491
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559727881588730&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=852d591c-0ca6-422a-bad4-c466ea7b6833&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 494
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6211424790572879189
Request Chain 495
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4213889936713791194&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 496
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:396c0837-8cc1-44a1-964b-9e38fd902e5b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 498
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/j5VAihrYf_yGXR0-d2tMhMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9YfV5vFE2oKoLXld3BrXE0tLTIbcXUwnAuaoCQ--~A
Request Chain 499
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmY1N2Q5YmE3MGU4NjI1MzVhMTNkODdjNjQ0NTgxZDY5YmU5MTY5Mw
Request Chain 500
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xPZHzkqXQMi-e78Q40LE9Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xPZHzkqXQMi-e78Q40LE9Q
Request Chain 501
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iMFEXMDlQQGL03FRv0wPhw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iMFEXMDlQQGL03FRv0wPhw
Request Chain 502
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEETqWbVNxJUrIX1JVsS3kM&google_cver=1
Request Chain 503
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHZALGD8-16-14RL
Request Chain 504
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhaQUxHRDgtMTYtMTRSTA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKTkJM2YDBjEyyeMjXimf44&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhaQUxHRDgtMTYtMTRSTA==&google_push=
Request Chain 508
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1 HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZGvOsRh41TUd693eQlV4iwAA%263280
Request Chain 514
  • https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GsJkuBZHeFaBMTq_RMOrVZ6q
Request Chain 516
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5609970843254466368
Request Chain 522
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2630093207
Request Chain 523
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Request Chain 524
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bbdc948f-2b1b-06df-0855-905fa4a6155e&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
Request Chain 525
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf HTTP 303
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=5609970843254466368&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Request Chain 528
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 529
  • https://ssc-cms.33across.com/ps/?_=1684786867053.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://prebid.jixie.io/setuid?bidder=33across&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=212131563030146
Request Chain 530
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=852d591c-0ca6-422a-bad4-c466ea7b6833&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=946aec0b-3c4c-426c-908d-15f85e44308e&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=852d591c-0ca6-422a-bad4-c466ea7b6833 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=852d591c-0ca6-422a-bad4-c466ea7b6833&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 531
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1684786867053.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=1990646b-ceac-4e00-af76-c19142a94aff
Request Chain 532
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-Pmck.RZE2uHsMBFhHu4_xwtag5CBadyo~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Pmck.RZE2uHsMBFhHu4_xwtag5CBadyo%7EA&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 534
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2157052752319994568476 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2157052752319994568476&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 538
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.jixie.io/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=852d591c-0ca6-422a-bad4-c466ea7b6833
Request Chain 541
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=161g5a3kd6cw
Request Chain 542
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVQQRbaUgMVWQjWQY%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DuroLIz3lVQQRbaUgMVWQjWQY%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVQQRbaUgMVWQjWQY&gdpr=0&gdpr_consent=
Request Chain 544
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5550509731
Request Chain 545
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D108878FEE5747388D74D90E74FC83F6&gdpr=0&gdpr_consent=
Request Chain 548
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=82334AC2-ACE7-4C10-A065-4F70405E53CF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=82334AC2-ACE7-4C10-A065-4F70405E53CF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipus.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=82334AC2-ACE7-4C10-A065-4F70405E53CF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 549
  • https://pixel.onaudience.com/?partner=214&mapped=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=5dd9106af54dc4d3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

547 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/ 		455 KB
102 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-93.muc50.r.cloudfront.net
Software
eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash
293a3d541e64582a67877ca3f6a9cdf5551b1b1b15d1d91a3f4bf25d1bac2860

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET, PUT
access-control-allow-origin
www.gmanetwork.com
access-control-max-age
1
cache-control
max-age=120, public
content-encoding
gzip
content-length
104107
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 20:20:56 GMT
etag
"1684815643"
p3p
CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
server
eqmod_httpd v1.0 (author: mon sarmiento)
vary
Accept-Encoding
via
1.1 4699c08b44211e17f977ca0133ec5e8e.cloudfront.net (CloudFront)
x-amz-cf-id
grYvQX-vtRB-gOA9R1TCQuSzNX8oZW6CfaT-9M6PM9C_AI21eDPONg==
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
x-elapsed-time
203 microseconds
prod-global-179580.js
rtbcdn.andbeyond.media/ 		330 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.andbeyond.media/prod-global-179580.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
f003c95b947f9138b842cd73ac71a89b5666a2ab200f39fb2414176c9e0c0ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:20:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 May 2023 10:02:22 GMT
ETag
"1683280942"
X-HW
1684786856.dop252.lo4.t,1684786856.cds258.lo4.shn,1684786856.dop252.lo4.t,1684786856.cds259.lo4.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=18
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
26689
css
fonts.googleapis.com/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
75ce2841a76eefd1eba1417073a578764c1dec1231e219040e63ca973a2a1ebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 20:20:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 20:20:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 20:20:56 GMT
css
fonts.googleapis.com/ 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?display=swap&family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,500
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd8e8ada9ef7f1fdc949ffc2066927b1eaae367e669027300df3cb2830b8a104
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 20:20:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 20:10:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 20:20:56 GMT
header_style.css
aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:bc00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c705c6d5825d894ea70278cfc33854241f8f50bfc0817f95da6c5f8f050cf58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
date
Mon, 22 May 2023 20:19:31 GMT
last-modified
Thu, 21 Jul 2022 04:32:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
87
etag
W/"48e23208f98dc678005b5df4d3be70d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=120,public
x-amz-cf-id
C8Qq3UcJduX-mpmVDmJsUA3AMxMmt2x272lp8FKj7CzqwR3g9G5KdQ==
jx-GM31180lY1Ap.min.js
scripts.jixie.media/onescript/GM180iIHc4/ 		194 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/onescript/GM180iIHc4/jx-GM31180lY1Ap.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.185 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
d204c3f2472adebb7432052f9ba519bb403ff213a48525d0d01037514d18e6e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

nginx-hit
1
date
Mon, 22 May 2023 20:20:59 GMT
x-amz-version-id
CmfuCq5F7OlvNIY7uytDiWL95kkdywwP
via
LA-MEX-queretaro-EDGE1-CACHE3[2],LA-MEX-queretaro-EDGE1-CACHE1[0,TCP_HIT,0],LA-MEX-mexicocity-GLOBAL1-CACHE29[482],LA-MEX-mexicocity-GLOBAL1-CACHE21[263,TCP_MISS,480],EA-SGP-GLOBAL1-CACHE21[2],EA-SGP-GLOBAL1-CACHE20[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
MJQCDK5P4V37AGSJ
age
2833628
x-amz-server-side-encryption
AES256
x-amz-id-2
vMgZf4gFK8ucsqSlPS9698pXvB1v9iACXt+EZOvQqOYJqIutgge5wh5wDhpt6DrdTpf2b1V1d/Y=
last-modified
Thu, 20 Apr 2023 01:13:33 GMT
server
openresty
etag
W/"421c7a00f488759b511eed943ed38205"
x-amz-meta-x-amz-meta-updatedat
2023-04-20T01:13:31Z
x-amz-meta-x-amz-meta-createdat
2022-11-10T03:54:19Z
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
*
x-ccdn-expires
2350440
x-hcs-proxy-type
1
maxmind.php
prebid.andbeyond.media/ 		210 B
440 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/maxmind.php
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.44.71 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-44-71.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8da1c00d29da015e536ca3f5fbb6c127376d3d0799b1a22254a121e789d5d88c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 May 2023 20:20:57 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Length
210
Content-Type
text/html; charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d30ab86844b4c9a6189a431da6b6c48721cc5a512dc09873b86000148c53d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25337
x-xss-protection
0
server
cafe
etag
566 / 19499 / 31074710 / config-hash: 8319726746282660736
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 20:20:57 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		228 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-68.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:10:36 GMT
content-encoding
gzip
via
1.1 0bf3f0b7038d55ea4f178432aa6ddc52.cloudfront.net (CloudFront), 1.1 6b08baae6d8fdc124eeea9f6d807fa9a.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 19:17:46 GMT
server
AmazonS3
x-amz-cf-pop
LHR62-C4, LHR61-C2
age
622
x-amz-server-side-encryption
AES256
etag
W/"d18b57a80b57082ffb531a2e077b3016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
GXG8VqBdQhpAjIyC2_x1tIoxpPJDi9x_EQzQZdNRHHgYgFaBUGf14w==
impstats.php
prebid.andbeyond.media/ 		69 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/impstats.php?aff=179580&type=pv
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.44.71 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-44-71.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
115e7d79f79792d43cf85101fd2bb78e7c72890db5d5af08f909a780a9ed0b3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 May 2023 20:20:57 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Length
69
Content-Type
text/html; charset=UTF-8
moatheader.js
z.moatads.com/gmanmigamheader860109928859/ 		245 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/gmanmigamheader860109928859/moatheader.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f1d10634fec833e6d79130a186feaa41719c81d08679a39f3ec9c5f5d78606f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 18:23:30 GMT
server
AmazonS3
x-amz-request-id
5CYBN8E421S3T1SB
etag
"451449d6c2d164fe10e057053415cb42"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=6893
accept-ranges
bytes
content-length
87100
x-amz-id-2
1Yb/blvoRNdENRfbjqJ0oUBe/uWrncggrV6okn+B2oHR+7rEkddI5vM+p5xju08v081+kyQeciuDPKjRuKAZ3w==
gnoadscript.gz.js
images.gmanetwork.com/res/dist/js/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/gnoadscript.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93cb662c97bc64a3dd58d587090d711213b3d60b0d938b9cade474edc3406f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:38 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 09:47:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
80
etag
"9c784a10a81b85d67db45ccbd8e73163"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
2863
x-amz-cf-id
WXGYoS0H3zdIspaMF1T7Q94ugwfiYy__a2JSHE2_yCFiHdZ_xySt4g==
moat_yield_intelligence.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		917 B
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/moat_yield_intelligence.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fe3c3849b8d63009dc4c89ff20e418ca4cea135043dd36551a9b9b2af3e41b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:38 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 04:01:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
80
etag
"0efd5815415b5fa1f96b4950cdf206dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
401
x-amz-cf-id
hppoVh9RYarLFEQL4kWZv4F8BGfTf9ub3FzwrlYzwNxSLukssb2IsA==
dfp.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/dfp.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d2891aefbef7d34edcdbd40a8e6a8b4b824e0a069b8cb2874b6e12dc3af5407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:38 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 18 Nov 2022 07:43:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
80
etag
"39b67f07d9dd8c411d2d7b59dee1fa72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
2035
x-amz-cf-id
Atsh_ybwuKtgvH2r_fEV9bHcGM5Vww0CmZYc12cmWba13SG2WzeEwQ==
gma_white.png
aphrodite.gmanetwork.com/assets/revamp/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/img/gma_white.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:bc00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
Z1a4KR1IgQCUibmGiK2ThFq69ie8hdZd
date
Mon, 22 May 2023 20:20:58 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Feb 2018 07:44:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"e8749bb5058882d51032084665c54c4f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=180
content-length
1428
x-amz-cf-id
L7j4T1h75P4CoEahgYMpaL1UnRqzhCty5FAYg7V2YhCtlSzLuR8Qbw==
x-amz-meta-s3b-last-modified
20180201T034941Z
my_stream.png
images.gmanetwork.com/res/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanetwork.com/res/img/my_stream.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f1a21d182b937b569183172ed61bbc084ced8c79e0d1c0cea671f0221cf189b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 14 May 2023 00:32:39 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Tue, 05 Nov 2019 09:48:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
762499
etag
"e17b32d7834a1eec803779a1dd2258de"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
content-length
1056
x-amz-cf-id
IyQMHPOpeuYH7q50rA68sXn11c4UTjiXljue_y_trCqnKApp2EYMyQ==
gno_logo_svg1.svg
images.gmanetwork.com/res/img/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanetwork.com/res/img/gno_logo_svg1.svg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d11b07859fd9c556a2e9382897ff4d5bb2a811327a3f75e95b071f6804d3f52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 08 May 2023 22:41:12 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Tue, 05 May 2020 08:50:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1201186
etag
W/"379589077b63dbd422c97a673ecec40f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000,public
x-amz-cf-id
o24gPq_gD9mHmxnAOrzS673NL_5JnFqmTWL5w9WxXq8sCDag2Mavqg==
css
fonts.googleapis.com/ 		2 KB
606 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400&display=swap
Requested by
Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7506715d8ff403a7e4a56b46e757ecd12c8a59e4c48d8f0478b62186f51bb1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aphrodite.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 20:10:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 20:20:57 GMT
polyfill.min.js
cdn.jsdelivr.net/npm/promise-polyfill@8/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e555151e63c492ea4f05ecedbcaf488acecfdf147d814e1920bcef9b028968ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 20:20:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
23455
x-jsd-version
8.3.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1560
x-served-by
cache-fra-eddf8230059-FRA
x-jsd-version-type
version
etag
W/"1132-XysC4a2Vt+mONL0o6U+bsaeRjIc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
outbrain.js
widgets.outbrain.com/ 		224 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
230d073230f102ea53a23598b7146a5f381907dede4ebf9bc8f500764bb66b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 06:07:37 GMT
etag
"22-9f6ANTMRZkRN4mjK5ZVsHKwTtag"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
cabf2b82aa04a43d4ef502b26b34a23
timing-allow-origin
*, *
content-length
82335
access-control-request-headers
X-OB-STG,X-OB-PRD
player_api
www.youtube.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38233ab29e31449b78ba91b8050baed626739f5b4ec111e72a00faa2ce9a0bfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 22 May 2023 20:20:57 GMT
xbdlq.js
geo.dailymotion.com/libs/player/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.dailymotion.com/libs/player/xbdlq.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
422b46401eee8256bfb8828e8a583960d02bd57e4b457733be691834c72a0ace
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Date
Mon, 22 May 2023 20:20:57 GMT
Server
DMS/1.0.42
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary
X-DM-SSL, Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Server-Timing
total;dur=19, dc;desc="dc3"
Timing-Allow-Origin
*
Content-Length
13076
js
www.googletagmanager.com/gtag/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-242242-2
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb974a43fedad70d50e255493403f306ee5ee2ea9c20dd47ba4c3d3760538d0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47527
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 May 2023 20:20:57 GMT
header.js
aphrodite.gmanetwork.com/assets/revamp/js/build/widgets/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/js/build/widgets/header.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:bc00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71a241994394fa6113d383dc5e0e216bd0d5e264905f813fbb9d26c304f87658

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
date
Mon, 22 May 2023 20:20:57 GMT
last-modified
Thu, 27 Apr 2023 04:40:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
7
etag
W/"56e03b01a56c6a869ccc37ee6231e11d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120,public
x-amz-cf-id
QDNe8gMb4ksYbMM0nS3UCMqbzr20vqmXpeeR48a4To3vUYiR3m3Qlw==
initial.gz.js
images.gmanetwork.com/res/dist/js/ 		661 B
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/initial.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bd5c300f9b36036a0be212fdb9a6184a192b5559d7d362760741e9c98cbd2d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"30d31c2c3f6f2fcb7f7a46330c3419e6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
374
x-amz-cf-id
icWNLvdwySNrLdcqeBfLh9cJB6v5IHH5DLVAB_Tpkh1jpyONi1ycdA==
ie-emulation-modes-warning.gz.js
images.gmanetwork.com/res/dist/js/btstrap/ 		613 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/btstrap/ie-emulation-modes-warning.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3c25479d7c2977020822fb709b73ef277fe1bdf7d18ae1cd15af9f8c097e504

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:06:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"81e3eb8e6aa9920776d28dc26e3cb7d1"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
413
x-amz-cf-id
esqUvQfgvNOyiSKOgoIHNX3-MMoBfOCZ8pWtl4foBlOr026VqF2Seg==
global.gz.js
images.gmanetwork.com/res/dist/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/global.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d44431f242eb5a8eedb6c603382f7a7a6f2389f253d3fa18fdee940f19cf7048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 08:41:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"f0925f55d5904147820ca40c0e1205ea"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
4178
x-amz-cf-id
4IHJSkfu6zy5dSa7NcNFmCsBRGvSa2r2nU3U6MYhhV9lBHF85EEhUQ==
jquery-ui.gz.js
images.gmanetwork.com/res/dist/js/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/jquery-ui.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
139da75dd27ce3e72eb0511df6e68f3a42e8db2b96effb3750a27e2e3dd3167a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"170d25c8708980170d78e5b5ef7a229e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
60002
x-amz-cf-id
Ury6b9MhwpeW4pPqqhMh81Jdmt6wtZzC4DV1cWxWJ9LKiDu5QvoUBA==
lazyload.gz.js
images.gmanetwork.com/res/dist/js/plugins/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/plugins/lazyload.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afbfe8e368a2051af8391ea4c832a3d1e6784c254621e2bedf3e20b241164fe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"8b285b0a12ded44bd51aa7f7a2c3d5c9"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
1228
x-amz-cf-id
i-KWZFkGND2hsPYq0bdoPPK-RsDnKs7ro26bj9QdaPL98HqlVIdlsQ==
jquery.dotdotdot.gz.js
images.gmanetwork.com/res/dist/js/plugins/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/plugins/jquery.dotdotdot.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d362b60418a5963fe304088ba49ebdc91d1a9279c47ae8a044ddfbee6f52eccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 07:20:01 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:06:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
2034057
etag
"c4062848b8422fb3070d7e9e1a5ccdbb"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
content-length
2344
x-amz-cf-id
k4VMmYuj1vueY_A1RdnLhKDNaHcUbTS3Fif1_D1axoZ2NA82otEFqg==
jquery.marquee.gz.js
images.gmanetwork.com/res/dist/js/plugins/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/plugins/jquery.marquee.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05c173701f520cc53fcf2fba4ea74aa600c4daf76ee7d7fc321c1f00c7097603

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 15 May 2023 02:50:35 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:06:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
667823
etag
"606383148e2e9ba47bdc72de62ea37a6"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
content-length
1757
x-amz-cf-id
KXB9O63itSB4LZkLfYS2FW2zwKvYTIryhyiRScCf3Q3j4Gn2nRmwKg==
jquery.mousewheel.gz.js
images.gmanetwork.com/res/dist/js/plugins/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/plugins/jquery.mousewheel.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad09eb4f381f7bdd2df06a98dde61dd1a8d88c01170865914f972ceefcc45037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 15 May 2023 02:50:34 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:06:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
667823
etag
"71de83afe805e0504093ba18c73586c8"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
content-length
1010
x-amz-cf-id
Rz5K8VgB16i3W6QIgpWb0w2L1oGyHNm_IPEgps42cEtqYaFXzHQuGA==
jscrollpane.gz.js
images.gmanetwork.com/res/dist/js/plugins/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/plugins/jscrollpane.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cdbfc4262e966041c8dd26a5ba6996cff3991b180fd01f3d24f726ef4f780a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:20 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
38
etag
"1ea209c965722c81601907a1da338d5a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
4738
x-amz-cf-id
aIUknp3xoCHiz0ntAXnychnRG-IvtvGhcVUPDtLZDXX_pgwI-JxhnA==
jstorage.gz.js
images.gmanetwork.com/res/dist/js/plugins/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/plugins/jstorage.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e362a1e3d92a5cbd936c2ae0460c62af5f231a2edadd05034e13e6b0ee9b1f81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:20 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
38
etag
"517567054b5dff1db5c251d20e82cfa0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
2787
x-amz-cf-id
acIWqUh40zEY1POzkY-NHsUeFpNhBI8VomftH7OxETqlDtytyEZI9g==
jquery.ck.gz.js
images.gmanetwork.com/res/dist/js/plugins/ 		1 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/plugins/jquery.ck.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e9422dcae50c91ac6103d603a3621effc774cf7c3ba15916710963e742282a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 16 May 2023 08:19:37 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:06:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
561681
etag
"8d2c5fa6bc8f9108ad9f30bce21f1cb9"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
content-length
671
x-amz-cf-id
a9P-PQCcZbJD8VL6TuSjts99imet18SFFodgh23NRHmB1PUvtB8Wgg==
common_screen_sizes.gz.js
images.gmanetwork.com/res/dist/js/ 		935 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/common_screen_sizes.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6cf5572d330c48ded59c2e625cf42b167ccc4119b3d7391440c2defa931a8b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:42 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 08:30:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
76
etag
"6a56b88f7a042508379b392e7b8ff85b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
235
x-amz-cf-id
f3O-8W9PyDyx1pdwNpVhcbYjd9pf9cYLvT1_uNPv8eSAtq-sWVb-Ww==
lazyload_initial.gz.js
images.gmanetwork.com/res/dist/js/ 		605 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/lazyload_initial.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80a67a582fed34d5f1c3a3cbd37d3fb1866c6f02cd05d9dac1cec59d97be1d07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"0a96b8324a4c4f4f5b21d18be11a791c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
320
x-amz-cf-id
0b2x-dkMapckv8HN2I56ic2iC7OG-Fz7QRaRHlZEVh6vU13uuucjEw==
adsTracking.gz.js
images.gmanetwork.com/res/dist/js/ 		2 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/adsTracking.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bc2947b3cb9aab23eb5ef3b20b4b80aec5d43f4d4c4ef0717d9a09570fdd3ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:31 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:06:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
27
etag
"9c0397cf47f532a8d16948b3bfb4a950"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
563
x-amz-cf-id
fidSJ_-ecX7UGip27LEhpvn1Djhr6FgikriOwRUQZ2ezOD0fzJ7LXQ==
breaking_banner.gz.js
images.gmanetwork.com/res/dist/js/widgets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/widgets/breaking_banner.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4070c1c35c3cb4f19867416e6d9b56926099239caf027ad165fda5fd61c4d7fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"94f8052040aa9a16d55ce7234bbcbef4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
2243
x-amz-cf-id
5KFQGj2IQZ4r66aWz4SFUjMcAtlfhZskI3wYffLIAlyqYpo26-t9-Q==
moment.gz.js
images.gmanetwork.com/res/dist/js/plugins/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/plugins/moment.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42396341ae3c3d0cc59c90dc48397115f409545f964e955b9deceabe50b9aecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:22 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
37
etag
"41897dff557a153d46e53a20ebe0a534"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
10811
x-amz-cf-id
uDgZNvFzhZX8v0du2KoGOuavz4vtYWP9fQs1nplvYZ1cvGp7sX8WqQ==
interactjs-1.10.11.gz.js
images.gmanetwork.com/res/dist/js/plugins/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/plugins/interactjs-1.10.11.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ef1e5267f753165f8dd582205b3d562f90ff47bccbd2a6c81b22b557643ac0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 23:16:36 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 08:30:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
767062
etag
"432140178d28229013f8f61d099665b2"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
content-length
33584
x-amz-cf-id
KmsrExZkTl3fy3qO33Kcf3_QZoN0zFUua4106vT0NKHRzgZeTFQsrA==
custom_analytics.gz.js
images.gmanetwork.com/res/dist/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/custom_analytics.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d5614eade664bb8d85611b0ede6dd5b1676d37c2a262a7c87685b41e5bda10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:57 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Tue, 09 May 2023 03:16:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
61
etag
"2dbd54c8a63d71fb59c78bade38767c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
1391
x-amz-cf-id
xRSpFJKLGweDGbxzd85V2mUXqR1XEa4LXOBMAZR3H80a1z3-TfjxMA==
listen_new_ad_exec.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		927 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/listen_new_ad_exec.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
881c83b3b2713d24d5b5d0c45043c5c67e6b1c21a9fc821cab1b5223f3c654e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:42 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
76
etag
"74f0c11cc633ff13566411f659faa472"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
460
x-amz-cf-id
UoRAvDI9IVPnEtGqsGCOIrDhDhW4wNAlM-Vq3BHzA9AxYtqa7f50bw==
moat_content_tag.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/moat_content_tag.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcd9b5232e83a460316b49b7ae2c1bd73222f00167bc9b70adda941919c6be1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"0b4b153fd3a293b60bccbaf737748a5e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
1321
x-amz-cf-id
Yi3hmu3w8N8GAzwR3Df9cjTg2-dpyCV9hlJDO84RxkDUG1-zW0ckmQ==
alexa.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		298 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/alexa.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0bb2cc51ed094008a0c4720b3086c1c7ddea74192c32aad90439e23c00a64bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:42 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
76
etag
"893321cb47a9ef2ec1c76f308f4d4207"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
245
x-amz-cf-id
q6HSnRDVj_xM9szbmjVxmZl7OpPYPNWTOAspD3tZ5wB8cEn3i5LDXw==
akamai.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		913 B
911 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/akamai.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1626bb546b447d9ef6b8772bae92b22e6613ef7b65b21444c7efe3437ef48677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:57 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
61
etag
"0cad3e3c9bc0d45810de347990ef3417"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
549
x-amz-cf-id
wmRrwni1DkSlkXR2_wK50nNZ76Oj0tA6XDcykH60Qp5ZISmETRli5Q==
allianz_message_listener.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		1 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/allianz_message_listener.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9ca5cfa847f2db04af493f6efa8cd2450766c592cb2b392a62bc69fde2dddcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:57 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 12 Nov 2021 07:22:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
61
etag
"55209e98c89c7e557e523eabff452db8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
471
x-amz-cf-id
aM56fkTaPZILeMw9bxAd7Y2A4ootYshiSJmr_btr_adu4FZvMrinVQ==
quantcast.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		384 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/quantcast.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
233073d24ab74b28a2f0c051016d0ef42f03d4b57fdf1883874af69e19111edb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jan 2022 05:25:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"93bd1b1a11dec865caf08efc94550141"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
284
x-amz-cf-id
FcIihRKWruUXLIWVo-BMD4I_PQfhQagPhZrROboBsYdwUjx65GS2rQ==
facebook_sdk.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		645 B
780 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/facebook_sdk.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c42d6ce4f1cd8d3f0361d8b67c24f9024c7efe81bfbac8a7e399bd11a405a388

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Tue, 12 Oct 2021 03:43:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"656f4e9e5c2fc7df733002adb3c8ac87"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
411
x-amz-cf-id
baUZUZz6TaUIkq_vQU4tJotJNWhugQakZpaxPx_Vl0hv58FDYEfo-g==
google_em_scripts.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		605 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/google_em_scripts.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e48cc4cf8eb3beb05c3bb4134506241bee34991f71e09f1189a2657d4cf049da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:42 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jan 2022 03:02:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
76
etag
"3dc481a15bcf93b639bd220663a433cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
366
x-amz-cf-id
AdwTYZrk19qx0l9g4gqU4Ug6Y0OPAC88_5kiFSk_70oG0QlIoQdrpA==
_ie_notification.gz.js
images.gmanetwork.com/res/dist/js/partials/ 		1 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/partials/_ie_notification.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89919930da4c7d0f027496907625bb5d97db45b07ca75582ca850b72cad1a44b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:42 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
76
etag
"bc6537e63416f283eb46b93327683187"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
519
x-amz-cf-id
D1iNX8uA81nhylJde2zN70p_D8q7P4241EujKDhDccWxsoGWYW3IKQ==
interstitial_ads.gz.js
images.gmanetwork.com/res/dist/js/ads/ 		679 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/ads/interstitial_ads.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5018d5569c0c42f79e1e328bb38970d99db37f953c4f808914df067c48646cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 07 Oct 2022 02:38:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"7a817cca2f592a3b0868efb936854a5f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
330
x-amz-cf-id
eua0uaym1b8zNc4T5C1bFwnbSbwbGUgOaABZTJPt4SLlt7IvY3xXkQ==
intermittent_pushdown_ad.gz.js
images.gmanetwork.com/res/dist/js/ads/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/ads/intermittent_pushdown_ad.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
345ad66923e7f7b48f86dcc2714e686010a89be0a05450c1984a6f9bd0720526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:06 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 03:48:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
52
etag
"40a1e975822891d79e5c95e13418df06"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
1245
x-amz-cf-id
XTJFQh9yn7LeDar_BUPLhWHuqGd5WAG15dPWB21_QqY9K6SbgGP-cQ==
permanent-url.gz.js
images.gmanetwork.com/res/dist/js/ 		1 KB
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/permanent-url.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad6f29ca8a46fd6ceea1d1ccbd28f0bcf41ae8193ca25369da72d1212bba73b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:57 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
61
etag
"39a14b6f41e8d76d11be7dbfd166495e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
390
x-amz-cf-id
a_lORzLcWPELiEK3By1E2JD6QK_bX2sl9t6koZUWNR0MSiLXZRyfxQ==
header.gz.js
images.gmanetwork.com/res/dist/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/header.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f52d80c8408e1a090992f244fb3a773dc504dbe0db6c2389becc92e69f69d995

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Tue, 09 Aug 2022 05:43:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"0bfd7297b163e0747df5c6ed0dabdb7e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
709
x-amz-cf-id
XSlZiiy6ZeDXS7OYQt4bDmyq4je1oc-uyo3ci05HeFTnIx_A37Lhtw==
embeds.gz.js
images.gmanetwork.com/res/dist/js/widgets/ 		950 B
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/widgets/embeds.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
341675f90e0fb7952f3627756c96675d9689146ec3a574661e7a2ae4ae61c6f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jul 2021 08:48:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"cd63b47bb8ece068e0c3b8f40e9b5a27"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
453
x-amz-cf-id
8d3h27w-74F7L7BU8JRAyTTOaYZjH4tqafvn2Vf32qTNQ1etY7JcRA==
cross_sell.gz.js
images.gmanetwork.com/res/dist/js/consolidated/ 		106 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/consolidated/cross_sell.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
902ee65306370b84a40105297672ab05a4a8451e66d33123c7349d48d7715f67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:23 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 04:05:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
35
etag
"f4153740a875c2ab240a64e88c7147f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
27035
x-amz-cf-id
vSkUYEzV6g_K8pCROO8-DqEj9m4Ni1blIjOLLftE2oF_9bAYbe0_Yg==
story.34093aa8d3ebe533e5c6e6c82412c40d.gz.js
images.gmanetwork.com/res/dist/js/consolidated/hash/ 		331 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/consolidated/hash/story.34093aa8d3ebe533e5c6e6c82412c40d.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11c5caed0e010209a0b5ca61124450f9c64d0d3691592f3cc7227b006689e3dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 12 May 2023 01:03:52 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 24 Mar 2023 07:07:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
933425
etag
"d286bba10d70d79200d96dbf46e97dcb"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
content-length
82727
x-amz-cf-id
0qw0y3kRHnq30y6gU6osCuOjlM2ANr8JW-mRxug5PwGV-RvesjMdqg==
fab.gz.js
images.gmanetwork.com/res/dist/js/widgets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/widgets/fab.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03a284c7bd7156ca8c83ee1d6ae74ecd32594ee6fa27b4638f7ad17561ea3f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:57 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 08:30:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
61
etag
"441193401bc2eb9cb4413494cab734da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
999
x-amz-cf-id
ZQeR83nsspwd47_w5C0CC3I5YNrj3zIyqq7pL8rOXpbewM_JYtYprg==
base_video_player_class.gz.js
images.gmanetwork.com/res/dist/_modern_/js/commons/ 		1 KB
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/_modern_/js/commons/base_video_player_class.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8655ae9f9f536c5a94a5d219a58c34300619c1cd9f462a941d9b15993b32e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:42 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jan 2023 06:13:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
76
etag
"6faeb32127f0ba87ce2bfb1bbb20e8e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
410
x-amz-cf-id
_Y6EyuQgwd5y9dESkZGrOhaYfrMCGzCE4lI74rSWKKb0dSS2a6XP_A==
dailymotion_player_v2.gz.js
images.gmanetwork.com/res/dist/_modern_/js/third_party/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/_modern_/js/third_party/dailymotion_player_v2.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a96945fcf42fbe26503b3fce1f71fa301d6baf00630438f310806fd456b88407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jan 2023 06:13:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"1bb37cd82ea1a3b9170ae7761f3a5b2d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
727
x-amz-cf-id
jSY5jC9AXG5rcPqbhKKu7aBwmjCM5vAkZOkw4W1lgMzLgXXrQJylyg==
unruly.gz.js
images.gmanetwork.com/res/dist/js/third_party/ 		52 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/dist/js/third_party/unruly.gz.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c905617c98925807a6fdf98d7ead4be0f281661de8de7e061af32bbc328eeab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:25 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Mon, 31 May 2021 04:07:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
33
etag
"9c372382fb9d8cefd63250538aba09a8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
content-length
72
x-amz-cf-id
c3KiBmfDJYbIy1GVnzvk_drX4yPTn1En4V8xA6z5mWtHEfWW-YYFXg==
btstrap_min_e10-viewport_js.gz
images.gmanetwork.com/res22/js/btstrap/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res22/js/btstrap/btstrap_min_e10-viewport_js.gz
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7040f351fa93cddd426c4978c3cd5938173a69efc3365986135fda7da0cb5c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Wed, 06 Apr 2016 11:40:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"2266bd8d5c0a99c405f3b63cdac76983"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=120
content-length
8618
x-amz-cf-id
CRBHoxFsE2_pp5-yyQhXYdsP-hGUNH9OSPxnaGRefVFBqy5PwKgGOA==
v2
mb.moatads.com/yi/ 		315 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3Fagk3M3%3Cy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-y75UUpTRfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-1IRrnTcST%2BDrDg%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&pcode=gmanmigamheader860109928859&rx=334278238441&callback=MoatNadoAllJsonpRequest_73725289
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/gmanmigamheader860109928859/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.9.210 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-9-210.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
80bf04026231be761b03042c39ab1c98cd36f95a0e78e0ca22b8fb479cf18bd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"2b1941e0d55691ede8d5fe43688944593f1acffa"
content-length
315
content-type
text/html; charset=UTF-8
iframe.html
z.moatads.com/hd09824092/ Frame 9A5A 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/gmanmigamheader860109928859/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=592
content-length
1374
content-type
text/html
date
Mon, 22 May 2023 20:20:57 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id
A3423FE5772816F0
a.js
p.adlooxtracking.com/gpt/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:18:43 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
server
nginx
age
134
etag
"81c857a6c52da1ca7444f198bd33b2ea"
content-type
text/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8327
prebid7.24.0-gma.js
rtbpass-us.andbeyond.media/ 		360 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
8c01b89d7d372cf34c941c4ab7c688eb0db3090a51ad3609b6089c5de606e630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:20:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Feb 2023 11:58:12 GMT
ETag
"1677585492"
X-HW
1684786857.dop241.lo4.t,1684786857.cds294.lo4.shn,1684786857.dop241.lo4.t,1684786857.cds224.lo4.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=27513431
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117466
gtm.js
www.googletagmanager.com/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2604f3bdf1f157c3e07e79a0ecbc3c25b274146ff46a5f7393dc207253a42236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41845
x-xss-protection
0
last-modified
Mon, 22 May 2023 18:00:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 20:20:57 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 May 2023 20:20:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4tuFV4CX5e7hXqXMb6yKAEEhnoeLvHnnAS35c2qXmgiO0J42HS2sCaPk1tR2xQW1OXc7ipYVaDqvkHTpx4Rr/A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:40:30 GMT
x-content-type-options
nosniff
age
182427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 17:40:30 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 17:12:56 GMT
x-content-type-options
nosniff
age
356881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 May 2024 17:12:56 GMT
side_adv.png
images.gmanews.tv/v3/img/ 		677 B
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/v3/img/side_adv.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d85bf6dc7e193ba6aba1c7f19fa7cff8480f6a424f7511d30dd93c098fac77f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 10:20:54 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
last-modified
Fri, 01 Apr 2016 01:22:17 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
23104804
etag
"d011246b48da6e449ffcef2d3d6a48f9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
content-length
677
x-amz-cf-id
ELCnXTG7WzgGjXgwHeISP4yYzXliR-L8HfKJsY4tBEZC42W1zc2zrQ==
footer_new.jpg
images.gmanetwork.com/res/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanetwork.com/res/img/footer_new.jpg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8dfe376a7edf2182420cdebe2a59189c015d31444851f4d5c43c05366288fd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 02:04:13 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jan 2018 06:21:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
65902
etag
"452aec533f25d9dbe2e9a75ed29dd0f3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
content-length
19568
x-amz-cf-id
ZEh8PuUFUx_gQXCDJB9SwtkTd4Y1CxmUBzCt75eOd7dIIYZAgvw0vw==
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:23:58 GMT
x-content-type-options
nosniff
age
320219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 03:23:58 GMT
MuseoSans-500.otf
images.gmanetwork.com/res/fonts/MuseoSans/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/fonts/MuseoSans/MuseoSans-500.otf
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6017bdf5d16d3357b1bf6848ef88af9389a7cb3b4e54f5a8a276676bb0efb65

Request headers

Referer
https://www.gmanetwork.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:25 GMT
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
33
x-cache
Hit from cloudfront
content-length
63024
last-modified
Wed, 24 Mar 2021 06:49:23 GMT
server
AmazonS3
etag
"032337e82232f53e67317d5f6680d729"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
content-type
application/vnd.oasis.opendocument.formula-template
access-control-allow-origin
https://www.gmanetwork.com
access-control-expose-headers
ETag
cache-control
max-age=120
access-control-allow-credentials
true
x-amz-cf-id
uGHt3NKj-BAO1VHNeaYgYAbgkjhSnlXEeQbQixKCBR_AicHRAZMzpA==
MuseoSans-700.otf
images.gmanetwork.com/res/fonts/MuseoSans/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/fonts/MuseoSans/MuseoSans-700.otf
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f0e7735adfcdf2111bdd4128aeff3912c579c0dd0fb415553327c3da059ab4d

Request headers

Referer
https://www.gmanetwork.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
RefreshHit from cloudfront
content-length
64088
last-modified
Wed, 24 Mar 2021 06:49:23 GMT
server
AmazonS3
etag
"1087c6a9da22ebf924be80a001a84d2f"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
content-type
application/vnd.oasis.opendocument.formula-template
access-control-allow-origin
https://www.gmanetwork.com
access-control-expose-headers
ETag
cache-control
max-age=120
access-control-allow-credentials
true
x-amz-cf-id
uxACJkcyRZ0PXwsv8Ck2XzHRRqts-_dqhKqXt9AFQ2hVw-8VWLd04g==
Lora-Regular.ttf
images.gmanetwork.com/res/fonts/Lora/ 		121 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/fonts/Lora/Lora-Regular.ttf
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
359501180b779548ad4e1ca74f38b08474350c38bed64ad69b278837d179e792

Request headers

Referer
https://www.gmanetwork.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
RefreshHit from cloudfront
last-modified
Wed, 24 Mar 2021 06:49:23 GMT
server
AmazonS3
etag
W/"c684a3de5c014a61d5139d5b97da99fc"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
content-type
application/font-sfnt
access-control-allow-origin
https://www.gmanetwork.com
access-control-expose-headers
ETag
cache-control
max-age=120
access-control-allow-credentials
true
x-amz-cf-id
v6cvXicfVxfmgJMeH--oDuyEp_9sh6eTBkw3IqtbMAx9iK5GaMzewQ==
Lora-Bold.ttf
images.gmanetwork.com/res/fonts/Lora/ 		121 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/fonts/Lora/Lora-Bold.ttf
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51906a46cedc27ed5e349475e3bf0eb36d464f0e642eaad0f3d430f5f89af2bf

Request headers

Referer
https://www.gmanetwork.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
RefreshHit from cloudfront
last-modified
Wed, 24 Mar 2021 13:03:05 GMT
server
AmazonS3
etag
W/"eec9b1b134bfc16624d240b70db7ed59"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
content-type
application/font-sfnt
access-control-allow-origin
https://www.gmanetwork.com
access-control-expose-headers
ETag
cache-control
max-age=120
access-control-allow-credentials
true
x-amz-cf-id
Bts_5Ub_orkPJlpXIKcoxjWxiQ_n1DoEShsVZ3ust4psTeO6tpxBRw==
d3d3LmdtYW5ldHdvcmsuY29t
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmdtYW5ldHdvcmsuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:20:57 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=10997
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
fe94fb21751ecdb4f225b307ce33f616
Content-Length
15
Expires
Mon, 22 May 2023 23:24:14 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Wed, 21 Jun 2023 20:20:57 GMT
date
Mon, 22 May 2023 20:20:57 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
www-widgetapi.js
www.youtube.com/s/player/e50626d8/www-widgetapi.vflset/ 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e50626d8/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b60d31e87f46e64be5c43997e8deda163ff9934c5a21d4f24381ad534459ca78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1899
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62719
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:19:54 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 21 May 2024 19:49:18 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=71084&sync_limit=7
  • https://sync.search.spotxchange.com/partner?source=71084&sync_limit=7&__user_check__=1&sync_id=2953a814-f8de-11ed-a7f5-11372f1a0406
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=71084&sync_limit=7&__user_check__=1&sync_id=2953a814-f8de-11ed-a7f5-11372f1a0406
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Mon, 22 May 2023 20:20:57 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
60
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Mon, 22 May 2023 20:20:57 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?source=71084&sync_limit=7&__user_check__=1&sync_id=2953a814-f8de-11ed-a7f5-11372f1a0406
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
25
Connection
keep-alive
Content-Length
0
334270881323232
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/334270881323232?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1fe4db8d2b08ecb721ce843b796b2a1a5f651e8ee17fff0887734e7e387a30b5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 May 2023 20:20:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87941
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
t/MwsUXmMxX+al0qLE6eUNZ1iS37UNS8vQJ/3+orZ1I6CyheDWltIN++LHR6a7JpJZmM9FpwvL0DdEldZ5o9gQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 00:21:44 GMT
x-content-type-options
nosniff
age
244753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 00:21:44 GMT
fontello.woff
images.gmanews.tv/res/fonts/social/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.gmanews.tv/res/fonts/social/fontello.woff
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d59c24b766c8088486b920c1c36e1b3576cd415528dc01a486d3d97c776a2c8b

Request headers

Referer
https://www.gmanetwork.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:25 GMT
via
1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C2
age
61
x-cache
Hit from cloudfront
content-length
7812
last-modified
Tue, 05 Nov 2019 09:48:08 GMT
server
AmazonS3
etag
"9f972961c468281bf7ee69deec7839e9"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
content-type
application/font-woff
access-control-allow-origin
https://www.gmanetwork.com
access-control-expose-headers
ETag
cache-control
max-age=120,public
access-control-allow-credentials
true
x-amz-cf-id
hLHxMA_-RqOkhMVtt6VmqQnDQ_3sHOF-OqXMCW3HdX-OYJAOW6yY0w==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 15:41:45 GMT
x-content-type-options
nosniff
age
189552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 15:41:45 GMT
gma-header-logo.svg
aphrodite.gmanetwork.com/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aphrodite.gmanetwork.com/gma-header-logo.svg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:bc00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
date
Mon, 22 May 2023 00:49:17 GMT
last-modified
Fri, 03 Apr 2020 07:47:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
70301
etag
W/"6070135b0880a0cca74ba0fc1221e24f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
XJFffgv084sHQX5-izXs6mNXfE09sA7GQ0pv8jg_9ntdX5zm9PHJfg==
x-amz-meta-s3b-last-modified
20200403T073750Z
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/ 		407 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:26:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
24885
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128419
x-xss-protection
0
server
cafe
etag
9945815184239927542
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 May 2024 13:26:12 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gmanetwork.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b64e6014d44204dad4649d8394429a406f03b2f8ec2150eff55d4f151fc01a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
776
x-xss-protection
0
expires
Mon, 22 May 2023 20:20:57 GMT
placement_invocation
rock.defybrick.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:40:56 GMT
content-encoding
gzip
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
FRA6-C1
age
34801
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
18460
x-amz-cf-id
A7lCCjdCwdzR1Us2N2B6mbvBRtoftWDIoFy0rw5SBD6oZSxPDjD9Kg==
expires
Mon, 22 May 2023 22:40:56 GMT
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:da00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Mon, 22 May 2023 00:50:19 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
70239
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
0_DCIZJv2XO5TrkoLozahiHybDEKor3OUL0QspMragf-GAlBnS39ew==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=334270881323232&ev=PageView&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&rl=&if=false&ts=1684786857605&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684786857604.503008083&it=1684786857461&coo=false&rqm=GET
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 May 2023 20:20:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=334270881323232&ev=ViewContent&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&rl=&if=false&ts=1684786857608&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1684786857604.503008083&it=1684786857461&coo=false&rqm=GET
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 May 2023 20:20:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=334270881323232&ev=Search&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&rl=&if=false&ts=1684786857609&sw=1600&sh=1200&v=2.9.104&r=stable&ec=2&o=30&fbp=fb.1.1684786857604.503008083&it=1684786857461&coo=false&rqm=GET
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 May 2023 20:20:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
config
c.amazon-adsystem.com/cdn/prod/ 		469 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gmanetwork.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-68.lhr61.r.cloudfront.net
Software
Server /
Resource Hash
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
via
1.1 6b08baae6d8fdc124eeea9f6d807fa9a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
LHR61-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
469
x-amz-cf-id
Z8TXz0Cva4C3LBtWL_bVkvei6wW0qBu3SWwmW6APhWA4hE7_Eld8IA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-68.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 6c75f370e2f32e8fc940abded097e39c.cloudfront.net (CloudFront)
date
Sun, 21 May 2023 21:18:02 GMT
x-amz-cf-pop
LHR61-C2
age
82976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
aMqwMgdxN15lHhrWH1MnU1vJdMto1miuh23xFhVCTdNR0jxUAD7p_w==
show_pla
flint.defybrick.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=24808956511077771182905162281912635776352621828397050900610884976107&nc=0&tsf=0&tsfmi=&pv=0&cb=1684786857754&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=3906136775&at=&bid=e30%3D&di=W1siZWYiLDE2XSxbMTIsIntcImN0eFwiOlwid2ViZ2wyXCIsXCJ2XCI6XCJpbnRlbCBpbmMuXCIs%0D%0AXCJyXCI6XCJpbnRlbCBpcmlzIG9wZW5nbCBlbmdpbmVcIixcInNsdlwiOlwid2ViZ2wgZ2xzbCBl%0D%0AcyAzLjAwIChvcGVuZ2wgZXMgZ2xzbCBlcyAzLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJn%0D%0AbCAyLjAgKG9wZW5nbCBlcyAzLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJl%0D%0AblwiOjgsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxMjg0MzE4%0D%0ANTIxLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7%0D%0AXG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAg%0D%0AICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAg%0D%0AICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAg%0D%0AICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6%0D%0AIGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0p%0D%0AXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1d%0D%0AIl0sWy0xLCItIl0sWy0yLCI3LGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJISkw4%0D%0ANkwyM0FDR1VoQkl3SVNTRUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9yODcw%0D%0AdXhxRngiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVv%0D%0Aam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFst%0D%0ANSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTEx%0D%0ALCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJ0d2l0dGVyOnRpdGxlXCIsXCJ0d2l0dGVyOmRlc2NyaXB0%0D%0AaW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcImRlc2NyaXB0aW9uXCIsXCJr%0D%0AZXl3b3Jkc1wiLFwibmV3c19rZXl3b3Jkc1wiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFst%0D%0AMTQsIntcIm9cIjowfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAs%0D%0AMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEy%0D%0AMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIi0iXSxb%0D%0ALTIxLCJHQlJDRWNNUSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10i%0D%0AXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjIxNzAwMDAwLFwidWpoc1wiOjE5MzAwMDAwLFwi%0D%0AamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS42LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwi%0D%0AZW4tVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIs%0D%0AMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMs%0D%0AIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2ODQ3ODY4NTc3MjEsMF0iXSxbLTM2LCJbXCI0LzNcIixc%0D%0AIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMCwwLDEsMCw0OSwz%0D%0AMiw5NzEsMjE2LDAsMTIwMS4yLDEyMDEuMiwxNjE5LDE2MjAiXSxbLTM5LCJbXCIyMDAzMDEwN1wi%0D%0ALDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZh%0D%0AbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00%0D%0AMywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJd%0D%0ALFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIw%0D%0ALDAiXSxbLTQ5LCItIl0sWyJibmNoIiw3M11d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A2639%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=iTST9EEV5y&sdd=%7B%7D&pto=1652
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
31a7d118f34c9f11e3c6f41ffee2d3a9c7832507bf8a9c8402a31b028475688b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1618
expires
Fri, 01 Jan 1990 00:00:00 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
8HGAAJ5SPG01V3HV
age
2897
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7cb7c3457c8fbc04-FRA
x-amz-id-2
f161amAWddzOEKqFyIw1z52Y5MNS/KtI81MQGyxgUMhTiDS4PahByU0RD15HxgWIBN24MAWKZrTTCx8w+NnXNA==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.82.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-82-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 20:20:58 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.82.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-82-7.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 22 May 2023 20:20:58 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/icons/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aphrodite.gmanetwork.com/assets/revamp/fonts/icons/fontello.woff2
Requested by
Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:bc00:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb

Request headers

Referer
https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 22 May 2023 20:19:04 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
119
x-cache
Hit from cloudfront
content-length
14692
last-modified
Thu, 10 Oct 2019 12:34:10 GMT
server
AmazonS3
etag
"f7d914c20b6df8faac5c74ee903a3f9b"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=120,public
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
tR19013rbJzfFaWrOXmzZ0AHu6NTu7wfZiq1BVRtdaicQgyTcjcB-Q==
moatcontent.js
z.moatads.com/gmanmicontent461752070830/ 		178 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/gmanmicontent461752070830/moatcontent.js
Requested by
Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/moat_content_tag.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5b3b78542673c46b4299265778cc870a3fe7d4bffc70cb1cac9c0e5199432c79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 16:48:35 GMT
server
AmazonS3
x-amz-request-id
C4A73E3E967220BF
etag
"5d09d15e235e777027a70f856982a114"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=25539
accept-ranges
bytes
content-length
58484
x-amz-id-2
ySWQIzwIYGwDiVfMluS5Yjbnbq4LEHGp0Rsf8Z0g2kUMTfTAF1Z3Vo7fjWlUMGG+zzveN0mJ65A=
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		0
0
FG65A-Y848M-3TACG-B2LGY-Y72BW
s.go-mpulse.net/boomerang/ Frame 4284 		202 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Requested by
Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/akamai.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:980::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9fb974b84a129972abbd1e2e5cfdf685cab5f6f22d881adf3845bc73b43eb4ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 04:38:54 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50141
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/quantcast.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 29 May 2023 20:20:57 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_sdk.gz.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e148913e99e99618ed4ad7bf64bf4f11a1e6d79ff1217b1448467457e406341b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 20:20:57 GMT
content-md5
6w5kqUwLAWfoPn1NUfCpCg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
9EqgwWD5s0HhReoxYa0mkdZSKWOlNrY4U+AdV2ZKohPKIbEsGtqiAcwwwEBQe7Cx8/eBCHvmV3JxOcenmOGubA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b5f72660b2f99eb154fd9af574f7d44f
cross-origin-opener-policy
same-origin-allow-popups
etag
"0fc39ebdd151849ea322c144118b5cbc"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 22 May 2023 20:38:09 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TQZBRMKGV4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a8d7dd3d0f542193a701e4c31d29bacfde4d6877c5adb0c6d3560b8bdc68a474
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79624
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 May 2023 20:20:57 GMT
51.gz
data2.gmanetwork.com/gno/embeds/ 		110 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data2.gmanetwork.com/gno/embeds/51.gz?id=51&container=body
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12e1180d7432fed998d28ca94b4a5a1754f846569df8972474ba7fbe3765b233

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:28 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
42
x-cache
Hit from cloudfront
content-length
119
last-modified
Thu, 17 Sep 2020 09:23:17 GMT
server
AmazonS3
etag
"4c7f0390cf4dbd23883e3c64e3982006"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
eipWdqAWqrGKuFL6g9f0VBzNuqSGnii7UKM7pqSfzN1KESnzkxhcbA==
home.gz
data2.gmanetwork.com/gno/widgets/at_a_glance_lists/ 		17 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://data2.gmanetwork.com/gno/widgets/at_a_glance_lists/home.gz
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ead89420cb5fc3e3679dd629520ff78aeba70152b9ce150ea675d539b214c2e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
53
x-cache
Hit from cloudfront
content-length
4524
last-modified
Mon, 22 May 2023 18:42:24 GMT
server
AmazonS3
etag
"a35491717bb6b71fa049ca29f3212d0d"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
i0zZbthyTr-U_vqlh9rBa8CqxxbbMAgfzXPBqr-LVrVgnzK8icYymg==
authors.gz
data2.gmanetwork.com/gno/authors/ 		24 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://data2.gmanetwork.com/gno/authors/authors.gz
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2b25c970973ba4ce825a2fa689b0498c4ccafd8e652027004302b657ca739b0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:11 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
53
x-cache
Hit from cloudfront
content-length
3442
last-modified
Thu, 16 Feb 2023 08:08:27 GMT
server
AmazonS3
etag
"04100ad8e130f5c58043af8a8bed8338"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
-gVSu8yBOOA1Ra76-ZyO7hPjLuUQyqg6P7GU4zeEhb3fql_-yuUvqQ==
latest_content
data2.gmanetwork.com/gno/widgets/fab/ 		2 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data2.gmanetwork.com/gno/widgets/fab/latest_content
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:24 GMT
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
109
x-cache
Hit from cloudfront
content-length
2
last-modified
Thu, 26 May 2022 02:25:14 GMT
server
AmazonS3
etag
"99914b932bd37a50b983c5e7c90ae93b"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
ujKFp5AiKJzrADiUo7oYrMUPjWVxS9WKbJeVWInGC-LvbEuI4FbzGQ==
Script
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fb8472babf170b2bfd35cb57a4f573ef0cb5dc0a2a618c14a7a803e1c43a4fa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:20:57 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Mon, 22 May 2023 20:20:58 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript; charset=utf-8
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
public, max-age=3600
Content-Length
16271
Expires
Mon, 22 May 2023 21:20:58 GMT
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
btb-logo-200px.svg
images.gmanetwork.com/res/img/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanetwork.com/res/img/btb-logo-200px.svg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2260a0c10c2fa8903fab19e7b218e5727e4e2ab04b5a68fec7fa9a2a0753a77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 12:41:43 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 20 Dec 2019 04:01:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4088355
etag
W/"c79fa6a925bb4a37a11558abba1f8a5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-id
0LThX_AAV7eLQ0rXfK-WKdRzBN-KtAdRB3TB5rDu9-LtiIx8NCHxGw==
1681456014.png
images.gmanetwork.com/gno/widgets/promo_logo_cross_sell/img/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanetwork.com/gno/widgets/promo_logo_cross_sell/img/1681456014.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b0e5d24653f21f0938d998c32a747f7542f65cfb073b4aed33601a2991fc6c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 14 May 2023 17:30:12 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Fri, 14 Apr 2023 07:06:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
701446
etag
"87f5d40562e647388e10b42946ff11c7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
89655
x-amz-cf-id
mzBaWoESzn47Zn_bqrTAM0BPiDXWulLZGO7ac2HM3Ecqw2BdoHy5FA==
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 20:20:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
32492
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230059-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:11:08 GMT
via
1.1 google
age
589
x-guploader-uploadid
ADPycdvvnRzNbgz81WvJROFF-a61meF1JdJ8jP1FwldZA8dC-FHuSd-mAnHAlg73jP1VDinPyQh1ckUjqwClKSyAuFNM6w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Mon, 22 May 2023 21:11:08 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 05:55:32 GMT
content-encoding
gzip
via
1.1 ef2cb74895744344a0ea2100fbbb760a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
51926
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
sXV5G3AU62R9ui0lw9Zmvz2TcbSfSAUvksowQR15hWoOsz1mbB6TVA==
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QNZFRY7R9FJXK93W
age
1335
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7cb7c345fd3fbc04-FRA
x-amz-id-2
KKDhfGIrvMmWhKAufCzBC/nz7h+uhfzoYa3jYlHOyQKecIUrTE2oMNZPuo/P7zreNiWhD3nwINo=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e200:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 02:36:56 GMT
Via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
63842
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
i_xS4n9_s_q8l7gktc1OMHnf2Ih5WIvkVU3CJHlzicskGddHVMR-6g==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 23:12:18 GMT
content-encoding
gzip
age
162519
x-guploader-uploadid
ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 19 May 2024 23:12:18 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 May 2023 20:20:57 GMT
870676.gz
data2.gmanetwork.com/676/gno/story/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://data2.gmanetwork.com/676/gno/story/870676.gz
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1330e89c3c4f3caa74516db197c337a24e5b7914c3c1dad696f8e8043085c5f8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
2213
last-modified
Sun, 21 May 2023 13:26:25 GMT
server
AmazonS3
etag
"99745ed2679a470f68d320c8e157f966"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
hE4HTXUeDPkVAeVRBRc0nk5YQMG60TLZu1jPhjmoNrE1u0YAtJmGng==
PBA_Images9_2023_05_21_20_05_55.JPG
images.gmanews.tv/webpics/2023/05/ 		225 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/webpics/2023/05/PBA_Images9_2023_05_21_20_05_55.JPG
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3277227489dd33365c3d5b41a680fca503f5d7d3bf03d45116ec7f22d563f61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 12:12:01 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
last-modified
Sun, 21 May 2023 12:05:55 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
115737
etag
"0b04777a44dc366b12deea7d5853f850"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
230040
x-amz-cf-id
QNt7q1RyX24P8gwOGgg-vbWXCVvSgNS5K2UjU3subeJDUldovfSc0w==
FIBA_3x3_Manila_Masters_2023_05_21_20_23_11.jpg
images.gmanews.tv/webpics/2023/05/ 		1007 KB
1009 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/webpics/2023/05/FIBA_3x3_Manila_Masters_2023_05_21_20_23_11.jpg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c517b3fe2008f33c42bc5d986ae53c0cd94b991779b9fee255737b27017931d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 12:47:49 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
last-modified
Sun, 21 May 2023 12:23:12 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
113589
etag
"b03f1b6c7ed891dffd4f25c9e1802705"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
1031419
x-amz-cf-id
JMElJ5cQxN1Panud5iUbYGPMavq-Q-OMhKeX11V7ze_vIgGg57UD4g==
2023-05-05T145749Z_555531628_UP1EJ5515KB31_RTRMADP_3_GAMES-SEA-CAMBODIA-OPENING_2023_05_06_12_50_36.JPG
images.gmanews.tv/webpics/2023/05/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/webpics/2023/05/2023-05-05T145749Z_555531628_UP1EJ5515KB31_RTRMADP_3_GAMES-SEA-CAMBODIA-OPENING_2023_05_06_12_50_36.JPG
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96b6b4dce8db6455fb7171fa014a4f4f96d15e05ec4d754b890d08c33f749b44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 09:47:14 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
last-modified
Sat, 06 May 2023 04:50:42 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
124424
etag
"e7e6a201333c4f58c920760c2996c166"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
1231092
x-amz-cf-id
oQPhEuqg9hL0JRTtJeX8AkoJ3dW4Ct3ZaqOH7pHIOxhSadGGNtLCVw==
aheb_2023_05_22_21_41_57.png
images.gmanews.tv/webpics/2023/05/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/webpics/2023/05/aheb_2023_05_22_21_41_57.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2457ccf5de8290b95814122470e5fca46a7a27e19836d516645821a7f4fb02a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:58:22 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 13:41:57 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
22956
etag
"3e42a23b5920872b70b9641f2e5d93d9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
1317926
x-amz-cf-id
_dfRmKC-ti5bZzhEZ6PfYI7VG_ysRqrl6Kgr-VGRpJkuN4ZyP_WrWQ==
rambo_2023_05_22_19_25_13.jpg
images.gmanews.tv/webpics/2023/05/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/webpics/2023/05/rambo_2023_05_22_19_25_13.jpg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d85d113393f7c37fd881c0175ca072a97919207eb6b46e17ef816dcd414a7bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 12:31:19 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 11:25:13 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
28179
etag
"08a3bb230ae1c8a0302ce98ac6a39583"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
110212
x-amz-cf-id
pR8dDF4RXaHEinBt9HXsPJ7GpdJi9bnbGdAYkS-f3cnJWrb-lUdCYg==
gab_2023_05_22_18_49_11.png
images.gmanews.tv/webpics/2023/05/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/webpics/2023/05/gab_2023_05_22_18_49_11.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
339833912c6af5e3bb2fb6c593b8ba55da6eec37ea7a88c7cc40211b4c0227f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 11:14:25 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 10:49:12 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
32793
etag
"32fbb44294c01b1e219b2c173d88575a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
1457680
x-amz-cf-id
PZsw2l4hKHhRpr7g8J4QMvza6EnlqDZP7nNR20ut7_ky4Hhi1R17Fw==
deliveraw.nmi
ads.allaccess.com.ph/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8115&sid=0012&_=1684786857169
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.14.50 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-14-50.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
deliveraw.nmi
ads.allaccess.com.ph/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8215&sid=0012&_=1684786857170
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.14.50 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-14-50.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
deliveraw.nmi
ads.allaccess.com.ph/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8315&sid=0012&_=1684786857171
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.14.50 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-14-50.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
98e575d2b309700db2d9b0d762d2adb5604b28ee50484c6eba0af050cef6c952
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sdk.js
connect.facebook.net/en_US/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=62f923111e60526327296b3e8e70a4e2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf88c621b1c8d8418a771b8b0c0ac3ac5d3090eeb677a13fb9b21c8bae46ffff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.gmanetwork.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 20:20:58 GMT
content-md5
ESr6JSaXhvMu7b1o7O/Avw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88636
x-fb-rlafr
0
x-fb-debug
I6KO1HCnrdX/KnSwzzs5rV3fB3zpfOiur257QFpQmCKpUFRrCSjtUIEM07g8Ez4zRl1qJ+QtWnf2dhrzJ9+lcg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
3b7698b835e44c0201f9742f4075a3e5
cross-origin-opener-policy
same-origin-allow-popups
etag
"c381dec0be95b2bf36e688fa7a6201d0"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 21 May 2024 19:58:52 GMT
rules-p-ernMzxMzj4rTH.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-ernMzxMzj4rTH.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
570eb26b1f69dc91b116affae587952ea205228975cec892890a16dab882124f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:26:33 GMT
content-encoding
gzip
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3274
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 14:57:02 GMT
server
AmazonS3
etag
W/"2586e780d12e3579958caf730b2c56b5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
jTLxt1kdsR0n5juXciB8PETOC4hufccoeCrLvAQmRkXHmvc4L6Advg==
increment
id5-sync.com/api/esp/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.gmanetwork.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 22 May 2023 20:20:58 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
626860b11d4296d5ad766f60ec9e77ef
encrypt
esp.rtbhouse.com/ 		285 B
380 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ba057bcd64ba8cee97b0053d18101cf37f4dac5cfbc24aa94f8fb1fe46138485

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
65067bb4c310d6984ce55f03a8a8ac93
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
syncframe
gum.criteo.com/ Frame 6CFD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.gmanetwork.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 20:20:57 GMT
server
Kestrel
server-processing-duration-in-ticks
536508
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
esp
oajs.openx.net/ 		0
0
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1684786858115&sessionId=040450e9-1db9-0a7c-f200-eba44ea40d85&url=www.gmanetwork.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:58 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
c3751e8be5d970b8d6231fa3dd5f727d
Content-Length
4
Expires
0
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TQZBRMKGV4&gtm=45je35h0&_p=502622445&cid=1519667749.1684786858&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684786858&sct=1&seg=0&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&dt=Philippines%20detects%207%20more%20Arcturus%20cases%20%7C%20GMA%20News%20Online&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TQZBRMKGV4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
984.json
id5-sync.com/g/v2/ 		241 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
5033ac432d353b520a2c47038b2d92102d1d7135e7b3485632e97e11e0ed3cdc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
map
bcp.crwdcntrl.net/6/ 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.163.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-163-206.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
03be65abe7d4847e993f62b6fa94244acd0c7b0c2bdec4745bf122f8fe0d237f

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache
x-server
10.45.18.115
access-control-allow-credentials
true
content-length
60
expires
0
/
www.facebook.com/tr/ Frame 3C44 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.gmanetwork.com
Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.gmanetwork.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 20:20:58 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sid
mug.criteo.com/ Frame 6CFD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=gmanetwork.com&sn=ChromeSyncframe&so=0&topUrl=www.gmanetwork.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=SG66PXxWSWx6RXRoaVlxbCtaWW5DZnVFYWw5Qm5ZS1g5QXpYWlZNWkRsKzFnWW4yeFdYUnZ2eHo3R2E4WGthcFZ6YzJEZGI0eUpmVm9MQ2lpeWM2azdWbW5rb0JEaVdHSTZBd2k1SEREcFd6T0RTWDdVVUl0bkl5bkFaMk...
454 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=SG66PXxWSWx6RXRoaVlxbCtaWW5DZnVFYWw5Qm5ZS1g5QXpYWlZNWkRsKzFnWW4yeFdYUnZ2eHo3R2E4WGthcFZ6YzJEZGI0eUpmVm9MQ2lpeWM2azdWbW5rb0JEaVdHSTZBd2k1SEREcFd6T0RTWDdVVUl0bkl5bkFaMkdsd1FIbU52T256cmcwK3JnRVRiYUNaTW9MREFhc1lMcThOaEtQd2xjUEp2T3ozTlE3OU0wZUlkVEo3WS8vNEpxZ0Y4MnpzVGNERTFlcXNXUk5GSEpBcXBEcXZPcmQ4Q3ZuTmYwSGdRK2RmM08rNS9PYkFyMWloQjAxNCtydWZyTyswV2VuWEhNaEJ3OEtKeFF1eEZIZWtoZDNyV2xKejNhbXZIMEJRY2Iyb0d0bHRGM3ZaQT18&cppv=2
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
20f4ca7bc5cb6afa1cecb7b93786f1c4ec733c84bdfc9fadde331a36316e6d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1886490
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=SG66PXxWSWx6RXRoaVlxbCtaWW5DZnVFYWw5Qm5ZS1g5QXpYWlZNWkRsKzFnWW4yeFdYUnZ2eHo3R2E4WGthcFZ6YzJEZGI0eUpmVm9MQ2lpeWM2azdWbW5rb0JEaVdHSTZBd2k1SEREcFd6T0RTWDdVVUl0bkl5bkFaMkdsd1FIbU52T256cmcwK3JnRVRiYUNaTW9MREFhc1lMcThOaEtQd2xjUEp2T3ozTlE3OU0wZUlkVEo3WS8vNEpxZ0Y4MnpzVGNERTFlcXNXUk5GSEpBcXBEcXZPcmQ4Q3ZuTmYwSGdRK2RmM08rNS9PYkFyMWloQjAxNCtydWZyTyswV2VuWEhNaEJ3OEtKeFF1eEZIZWtoZDNyV2xKejNhbXZIMEJRY2Iyb0d0bHRGM3ZaQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
340087
content-length
0
expires
0
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1684786858212&sessionId=040450e9-1db9-0a7c-f200-eba44ea40d85&url=www.gmanetwork.com&cheqSource=1&cheqEvent=2&responseTime=680
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:58 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
033b1202d5ad3f9b3ed0b62e68ca855e
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001362eac03dec4f8f959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65337fd78afe6d4e3474cee498fbd38e820d861c604d1042aaf7b03ab1e12557fce5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82d1b08f77f6aae97167aefdafd64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0e1a688ecb74f29f47bb5b3f22a5066bb873695b110b3131054d30c0fd7d4d79d81b2c527df21d6deedc85ec54d5814aa5f0ddbc4c619238be922f901e49218c322ac2e184a069636ea098f93aa7ee8dc6cc448a7c19ccc7780191c2de84b011f7b467dcbab75a148c4c5cb25a89128f19739cbcffff36f9ea6ea4f6d7999a45247cdbc04564faeb9b060a33c85aa04b6bc77f23cf96fc010c94082ec69945e64f9a98f3b607d351e7b490f53efa3c92fcf51e6061b0036bbf0109dd1071ee2aa8befae66c3f1f6bed3a9ecae155d36fa5b94f4057c89286407ca625f7670f579a96a1ac1e2dd7e8c60d63996ad2cc9a4109a7d0b3d3d017a1380dde2db3e1649884b579fc1adcea2d641578cbabc61848a2269d2d60e2e2aacd39f0363c478c001db43bd6889189f8a56ada620a1db9ad8980a&cb=1684786858212&cri=iTST9EEV5y
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
zd_w_s_loading.css
d99666469a0d.bitsngo.net/content/ 		907 B
742 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/content/zd_w_s_loading.css?ver=4.0.v20230502124137.011635.083158
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:00:50 GMT
server
Microsoft-IIS/10.0
age
640906
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
470
x-llid
bf8e3c3a7821e596804d779988e7fabc
expires
Thu, 25 May 2023 10:19:12 GMT
jquery.tap.min.js
d99666469a0d.bitsngo.net/common-scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/common-scripts/jquery.tap.min.js
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:00:48 GMT
server
Microsoft-IIS/10.0
age
278340
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
1130
x-llid
3c0241cbbdf92f818fd3623cb2a8501e
expires
Mon, 29 May 2023 15:01:58 GMT
zoomd.widget.loader.min.js
d99666469a0d.bitsngo.net/widget-scripts/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20230502124137.011635.083158
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c81f5b73270c9a90122a5b2b9038a925e15aa450ff1625c6a5ed0f1059754289

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:04:38 GMT
server
Microsoft-IIS/10.0
age
372433
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
13105
x-llid
7511ac738abd7be44a9a925c3e493384
expires
Sun, 28 May 2023 12:53:45 GMT
pixel;r=968338869;labels=title.Philippines%20detects%207%20more%20Arcturus%20cases%2Ckeywords.news%2Ckeywords.novelcoronavirus%2Ckeywords.covid-19%20news%20philippines%2Ckeywords.covid-19%20variant...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=968338869;labels=title.Philippines%20detects%207%20more%20Arcturus%20cases%2Ckeywords.news%2Ckeywords.novelcoronavirus%2Ckeywords.covid-19%20news%20philippines%2Ckeywords.covid-19%20variants%2Ckeywords.Arcturus%20variant;rf=0;a=p-ernMzxMzj4rTH;url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-242629714-1684786858045;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=gmanetwork.com;dst=0;et=1684786858248;tzo=0;ogl=site_name.GMA%20News%20Online%2Ctitle.Philippines%20detects%207%20more%20Arcturus%20cases%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Egmanetwork%252Ecom%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-m%2Cimage.https%3A%2F%2Fimages%252Egmanews%252Etv%2Fwebpics%2F2022%2F05%2Fpgc_2022_05_31_17_09_27%252Ejpg%2Cimage%3Asecure_url.https%3A%2F%2Fimages%252Egmanews%252Etv%2Fwebpics%2F2022%2F05%2Fpgc_2022_05_31_17_09_27%252Ejpg%2Cimage%3Awidth.640%2Cimage%3Aheight.480%2Cdescription.Seven%20additional%20cases%20of%20the%20COVID-19%20Omicron%20subvariant%20XBB%252E1%252E16%20or%20%26ldquo%3BArc%2Cpubdate.2023-05-21T15%3A31%3A58%2B08%3A00;ses=ba46b30b-ae26-42e8-b6cf-90f39e717351;mdl=
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=255951164473730&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=62f923111e60526327296b3e8e70a4e2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Mon, 22 May 2023 20:20:58 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
p77t9DC53jVc3u56fzbL+VdeMa2uyhAvt7k2KDODmVNUPLLfGNPm7GcTZxQemGkpmfkSaEKg8+hECmFD3A4vAw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
native_article_config.gz
data2.gmanetwork.com/gno/widgets/native_article_visibility/ 		822 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data2.gmanetwork.com/gno/widgets/native_article_visibility/native_article_config.gz
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c3b56d264497b98c23de724db15b960ca74a22834e829be05ea5de87eb4dc5c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:38 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
21
x-cache
Hit from cloudfront
content-length
195
last-modified
Thu, 18 May 2023 06:25:38 GMT
server
AmazonS3
etag
"2bcc64700ff27c81e68b1dc0ccf590b9"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
0bRV9XW9J3edvQbt9E4TiLmUMSEJhjt0NqOhK-n9rbWd2g21DrsO5Q==
trending_most_shared.gz
data2.gmanetwork.com/gno/widgets/most_shared/ 		22 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://data2.gmanetwork.com/gno/widgets/most_shared/trending_most_shared.gz
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b96df4aa53fdf791629e39450f0121542acdb829e61f841393ed4442e534c7c8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
RefreshHit from cloudfront
content-length
4554
last-modified
Mon, 22 May 2023 20:00:16 GMT
server
AmazonS3
etag
"c9fde05fc194438d91125b45ef75afbd"
access-control-max-age
3000
access-control-allow-methods
GET, POST, HEAD
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
cfZUhURgODiNvPcygIH2vYTH2Td6fQpqkGvpPQ96v672GXTalASb4Q==
uuid.min.js
cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/uuid.min.js
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2253556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1095
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-966"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOFllFol2c7ghPo3CYzcaEihdND7VcYRGUroGS7LS18zzFNOVDhbTQQPCpnik9m2yJHtLp%2FsQb%2B26XI84RqedmoCuDWr91%2BjWDJBEGbFTzsbj%2BC6l%2BeE%2FMcPWMYZly9X%2FEd9BgqfXInOWgHPjcTcMpbz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cb7c348fdc23656-FRA
expires
Sat, 11 May 2024 20:20:58 GMT
/
www.gmanetwork.com/news/api/nextstory/ 		399 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gmanetwork.com/news/api/nextstory/?id=870676&site=topstories&special=1
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-93.muc50.r.cloudfront.net
Software
eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash
0ec45db504776b90801e5cb3c0d74c5091fc3111001af139518966af1d779d25

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
via
1.1 4699c08b44211e17f977ca0133ec5e8e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
p3p
CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
content-length
399
server
eqmod_httpd v1.0 (author: mon sarmiento)
etag
"1684815658"
access-control-max-age
1
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
application/json; charset=UTF-8
access-control-allow-origin
*, www.gmanetwork.com
cache-control
max-age=120, public
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Authorization, X-Requested-With
x-amz-cf-id
mJqzIqKIETgT-fZJ-Wor6RFq9mhXV5Y4alwLznvJKarh9stgMt9OcA==
x-elapsed-time
191270 microseconds
buttons.js
ws.sharethis.com/button/ 		106 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/buttons.js?_=1684786857172
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b3ad2deeb0ecfc78350839b666a3ab1a00107ba099f0304de0ba395e4250ec96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 22:30:46 GMT
content-encoding
gzip
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P3
age
144814
x-cache
Hit from cloudfront
content-length
27572
server
nginx/1.20.1
etag
W/"64484e01-1a935"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
fPndguCawZuinuItyOUJpmUyjJYRLmlTuSTomr2SeNJeoWueGWQkaw==
expires
Wed, 24 May 2023 04:07:24 GMT
870676.json
related.gmanews.tv/12/articleTag/676/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://related.gmanews.tv/12/articleTag/676/870676.json
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd1d9904a85f86f09bdb32845a7f98868a03d28c10ebb284cd12a8f4a47b21c0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:21:00 GMT
Content-Encoding
gzip
Via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Sun, 21 May 2023 13:26:39 GMT
Server
AmazonS3
ETag
W/"b6a17dca5380c327196877844b87f225"
Access-Control-Max-Age
1200
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=1200
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Id
Wx3VRpsJPVCkRcbl4RY3GrPneXlXmMMqWwFXrM3tU01EFfA9FEuwoQ==
get
mv.outbrain.com/Multivac/api/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&idx=0&rand=32296&widgetJSId=AR_11&va=true&et=true&format=html&clss=%2F2JpUZSIMaAVOeFrLzZOcemz%2FbrJcC%2FcjzUEfHGiNTKmYMlTLlHyGQ3pBLHP4MxLZv33xp8cvel48MKM&px=268&py=2065&vpd=865&cw=749&settings=true&recs=true&key=NANOWDGT01&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010309&sig=GBRCEcMQ&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5769485346b5776172ffd87820541855bd455fb8b2d942a2ba478e0a872139c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1684786858.467430,VS0,VE256
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21925-LGA, cache-fra-eddf8230087-FRA
x-traceid
5e0349ec9cb08a31b485a17fccdb556f
accept-ranges
bytes
content-length
8961
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 18:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6319
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 22 May 2023 20:35:39 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J329KM2X1X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55b4da1b91cd0532cc8d4b93c255586a286e3dff278bbdb31fca9a45741cdf75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80353
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 May 2023 20:20:58 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		0
0
tagr_lib_learn_ph_v3.js
static-tagr.gd1.mookie1.com/s1/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_ph_v3.js?tagid=V2_153300&id=GMA
Requested by
Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/custom_analytics.gz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.85.46 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-85-46.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5ddadabbf40d5ed6cc3b3735f87451e0a5ec1782cec93f338005566ad060fbc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:20:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jul 2016 05:35:34 GMT
Server
nginx
ETag
"579999a6-1153"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1217
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=34&ud=false&qa=1600&qb=1200&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qi=1600&qj=1200&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ7Ry%5ETm_h%25G3%3C8%2BNT6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BmxAkmP%3DK%5B*xp%23Vl358YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&i=GMANMI_CONTENT1&hp=1&pl=1&zMoatIS=1&kq=1&dnt=0&bq=0&f=0&o=3&t=1684786857825&de=269386377295&m=0&ar=e687a89-clean&q=0&cb=0&cu=1684786858088&ll=2&ln=0&em=0&en=0&d=www.gmanetwork.com%2Fnews%3APhilippines%20detects%207%20more%20Arcturus%20cases%3A__page__%3A-&qs=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&vc=2&gw=gmanmicontent461752070830&fd=1&ac=1&it=500&fs=99042&na=2087423825&cs=0
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 22 May 2023 20:20:58 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346727912234372&correlator=616901490689519&eid=31074171%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=344684475%2CGNO_News_Article_Leaderboard_1%2CGNO_News_Desktop_Outstream%2CGNO_News_Mrec_1%2CGNO_News_Desktop_Pushdown%2CGNO_News_Desktop_Interstitial%2CGNO_News_Desktop_Skinning&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%2C1x1%2C300x250%7C336x280%7C250x250%7C300x600%2C1x1%2C1x1%2C1x1&ifi=1&adks=4056048591%2C238940457%2C3694305453%2C2258825539%2C4085097882%2C4031442275&didk=1953749000~4189678152~3271249305~4189678154~4189678155~4189678156&sfv=1-0-40&ists=23&prev_scp=keyword%3Dnews%2Cnovelcoronavirus%2Ccovid19newsphilippines%2Ccovid19_variants%2Carcturus_variant%26ad_pt%3DNews_Article_Inside_Page%26ad_pos%3DGNO_News_Article_Leaderboard_1_1%26site_id%3DGMA_News_Online%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cad_pt%3DNews_Article_Inside_Page%26ad_pos%3DGNO_News_Desktop_Outstream_1%26site_id%3DGMA_News_Online%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Ckeyword%3Dnews%2Cnovelcoronavirus%2Ccovid19newsphilippines%2Ccovid19_variants%2Carcturus_variant%26ad_pt%3DNews_Article_Inside_Page%26ad_pos%3DGNO_News_Mrec_1_1%26site_id%3DGMA_News_Online%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Ckeyword%3Dnews%2Cnovelcoronavirus%2Ccovid19newsphilippines%2Ccovid19_variants%2Carcturus_variant%26ad_pt%3DNews_Article_Inside_Page%26ad_pos%3DGNO_News_Desktop_Pushdown_1%26site_id%3DGMA_News_Online%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Ckeyword%3Dnews%2Cnovelcoronavirus%2Ccovid19newsphilippines%2Ccovid19_variants%2Carcturus_variant%26ad_pt%3DNews_Article_Inside_Page%26ad_pos%3DGNO_News_Desktop_Interstitial_1%26site_id%3DGMA_News_Online%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Ckeyword%3Dnews%2Cnovelcoronavirus%2Ccovid19newsphilippines%2Ccovid19_variants%2Carcturus_variant%26ad_pt%3DNews_Article_Inside_Page%26ad_pos%3DGNO_News_Desktop_Skinning_1%26site_id%3DGMA_News_Online%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1684786858464&lmt=1684786858&dlt=1684786856847&idt=924&adxs=275%2C276%2C1057%2C-12245933%2C0%2C0&adys=182%2C1143%2C185%2C-12245933%2C165%2C165&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&frm=20&vis=1&psz=760x0%7C733x0%7C300x-1%7C0x-1%7C1600x0%7C1600x0&msz=754x0%7C733x0%7C300x-1%7C0x-1%7C1600x0%7C1600x0&fws=0%2C0%2C4%2C644%2C0%2C0&ohw=0%2C0%2C349%2C0%2C0%2C0&ga_vid=1519667749.1684786858&ga_sid=1684786858&ga_hid=502622445&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtI_9qIQxSABSAghkEhkKCnB1YmNpZC5vcmcYoJD9qIQxSABSAghqEoICCghydGJob3VzZRLsAUV4TGoyamZPZk5GcHJhQytjYU8rcitpQklMN3ZGQ0szSDdSUEhQTGJ0cGhBbkY2RFdXai9VYVBWcThjQU9pNEF1TlNQMkhnVXBEMzRrc1JhTTN4MWJ4aXd4SFBMNFFWQktLbnlFTzBmM0xkcWthSVU3akUyUEpYOFYrd1Y0NjlkMEMwZ3NHc2FoQXJudi9rVUZkNDJmaVE3aXlqRFFzTDZNNWNEenZ1c2xVM251TUZQZEE3WEVVMFlMRUF0QmZIZmxRbkwycFU3cllaZnYyeGh2TlNNZWc2YzRXSU95NkI5eGg5cG1HWHRTbjg9GKCS_aiEMUgAEh0KDmVzcC5jcml0ZW8uY29tGLSP_aiEMUgAUgIIZBIZCgp1aWRhcGkuY29tGLSP_aiEMUgAUgIIZBIUCgVvcGVueBi0j_2ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNCR_aiEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff048d2d43ca5721e81d143019fc592338253e3d83016fe7750525ed8f5a79a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
548
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FF33 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 20:20:58 GMT
expires
Tue, 21 May 2024 20:20:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		546 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346727912234372&correlator=616901490689519&eid=31074171%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=344684475%2CGNO_News_Article_Mrec_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250&ifi=7&adks=1281224334&didk=3451667982&sfv=1-0-40&prev_scp=keyword%3Dnews%2Cnovelcoronavirus%2Ccovid19newsphilippines%2Ccovid19_variants%2Carcturus_variant%26ad_pt%3DNews_Article_Inside_Page%26ad_pos%3DGNO_News_Article_Mrec_1_1%26site_id%3DGMA_News_Online%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1684786858500&lmt=1684786858&dlt=1684786856847&idt=924&adxs=710&adys=672&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1519667749.1684786858&ga_sid=1684786858&ga_hid=502622445&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtI_9qIQxSABSAghkEhkKCnB1YmNpZC5vcmcYoJD9qIQxSABSAghqEoICCghydGJob3VzZRLsAUV4TGoyamZPZk5GcHJhQytjYU8rcitpQklMN3ZGQ0szSDdSUEhQTGJ0cGhBbkY2RFdXai9VYVBWcThjQU9pNEF1TlNQMkhnVXBEMzRrc1JhTTN4MWJ4aXd4SFBMNFFWQktLbnlFTzBmM0xkcWthSVU3akUyUEpYOFYrd1Y0NjlkMEMwZ3NHc2FoQXJudi9rVUZkNDJmaVE3aXlqRFFzTDZNNWNEenZ1c2xVM251TUZQZEE3WEVVMFlMRUF0QmZIZmxRbkwycFU3cllaZnYyeGh2TlNNZWc2YzRXSU95NkI5eGg5cG1HWHRTbjg9GKCS_aiEMUgAEh0KDmVzcC5jcml0ZW8uY29tGLSP_aiEMUgAUgIIZBIZCgp1aWRhcGkuY29tGLSP_aiEMUgAUgIIZBIUCgVvcGVueBi0j_2ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNCR_aiEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfa39aeae63778e6e16ff300b3c92952f5d55dda6d036b53c306863f8156c15f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
277
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fwww.gmanetwork.com%2F%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F-&i=GMANMI_CONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ7Ry%5ETm_h%25G3%3C8%2BNT6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BmxAkmP%3DK%5B*xp%23Vl358YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=0&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=5530&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&f=0&o=3&t=1684786857825&de=269386377295&cu=1684786858088&m=565&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&cc=0&bw=0&bx=0&em=0&en=0&bu=1&cd=0&ah=1&am=0&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3APhilippines%20detects%207%20more%20Arcturus%20cases%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=229780059&cs=0
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 22 May 2023 20:20:58 GMT
zoomd.fingerprint.min.js
d99666469a0d.bitsngo.net/widget-scripts/ 		22 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.fingerprint.min.js?ver=4.0.v20230502124137.011635.083158
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8a2153745009222f56c15f7a692545853ec35d0b8dbb20f4931a6830fca7c9e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:04:40 GMT
server
Microsoft-IIS/10.0
age
372433
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
10689
x-llid
1f46c095eed365939a510d77568551a2
expires
Sun, 28 May 2023 12:53:45 GMT
async-buttons.js
ws.sharethis.com/button/ 		89 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?_=1684786857172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 01:28:48 GMT
content-encoding
gzip
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P3
age
240730
x-cache
Hit from cloudfront
content-length
18813
server
nginx/1.20.1
etag
W/"64484eb7-16245"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
mYIAC7TusZ2Il4HYKjUGLu7k9z2hfkbnqTRfJ_XG8_qQKBIUEJgiSQ==
expires
Tue, 23 May 2023 01:28:48 GMT
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=502622445&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&dp=%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&ul=en-us&de=UTF-8&dt=Philippines%20detects%207%20more%20Arcturus%20cases%20%7C%20GMA%20News%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACgCI~&jid=1205483762&gjid=188735996&cid=1519667749.1684786858&tid=UA-242242-2&_gid=1059052617.1684786859&_r=1&gtm=457e35h0&cd6=article&cd7=&cd8=Nation&cd9=News&cd10=&cd11=May%2021%2C%202023&cd12=news%2C%20novelcoronavirus%2C%20covid-19%20news%20philippines%2C%20covid-19%20variants%2C%20Arcturus%20variant&z=1321831468
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pview
l.sharethis.com/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1684786858523.12314&hostname=www.gmanetwork.com&location=%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&title=Philippines%20detects%207%20more%20Arcturus%20cases%20%7C%20GMA%20News%20Online&sop=false&description=Seven%20additional%20cases%20of%20the%20COVID-19%20Omicron%20subvariant%20XBB.1.16%20or%20%26ldquo%3BArcturus%26rdquo%3B%20were%20detected%20in%20the%20country%2C%20bringing%20the%20total%20caseload%20to%2011.&ua=&ua_mobile=false&ua_full_version_list=
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?_=1684786857172
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.25.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-25-145.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:20:58 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-J329KM2X1X&gtm=45je35h0&_p=502622445&_gaz=1&cid=1519667749.1684786858&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Philippines%20detects%207%20more%20Arcturus%20cases%20%7C%20GMA%20News%20Online&dp=%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&sid=1684786858&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.content_type=Article&ep.author=&ep.subsection=Nation&ep.audience_interest=News&ep.content_source=&ep.publish_date=May%2021%2C%202023&ep.keywords=news%2C%20novelcoronavirus%2C%20covid-19%20news%20philippines%2C%20covid-19%20variants%2C%20Arcturus%20variant&ep.content_id=870676&ep.section=News&ep.show_name=&ep.portal_section=News
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J329KM2X1X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J329KM2X1X&cid=1519667749.1684786858&gtm=45je35h0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J329KM2X1X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J329KM2X1X&cid=1519667749.1684786858&gtm=45je35h0&aip=1&z=1224001077
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-242242-2&cid=1519667749.1684786858&jid=1205483762&gjid=188735996&_gid=1059052617.1684786859&_u=YADAAUAAAAAAACgCI~&z=569012954
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 22 May 2023 20:20:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
zoomd.widget.logger.min.js
d99666469a0d.bitsngo.net/widget-scripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.logger.min.js?ver=4.0.v20230502124137.011635.083158
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
583fe4f751cc9368fc8f17eae9dfac08db4bd7d7c0d20fc963776beca3f52f33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:04:40 GMT
server
Microsoft-IIS/10.0
age
372432
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
3808
x-llid
1f6adb4c92e02aba7334d16a05f9ac43
expires
Sun, 28 May 2023 12:53:46 GMT
reeltime5_2023_05_22_16_17_05.jpg
images.gmanews.tv/webpics/2023/05/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/webpics/2023/05/reeltime5_2023_05_22_16_17_05.jpg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eea12af431c4a89deb740d731786836cbd7024739b2ca6b36a3a3bf633cbb4bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 08:33:23 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 08:17:05 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
42456
etag
"074559a6db39bc80e657fec6e3059eea"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
49307
x-amz-cf-id
knYi6FovSW6AwXEPYiTxCqksO8dY8mFRcDAeEdH5e2wjmVaHsRER4Q==
ear_2023_05_22_22_28_15.png
images.gmanews.tv/webpics/2023/05/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/webpics/2023/05/ear_2023_05_22_22_28_15.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccd6cbc25376ef043dc9981e5a6280688a236039d3a83bf7b7f9b6fc1404ea1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 16:25:10 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 14:28:15 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
14149
etag
"d6199ffdd012f2c095dc899f4f370fe3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
1102365
x-amz-cf-id
cqzJYqnzO7b4O6X22ViFRBU2eP9Q213fMrH__EdvSxnRYXK9W_oh-A==
reeltime8_2023_05_17_22_41_50.jpg
images.gmanews.tv/webpics/2023/05/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.gmanews.tv/webpics/2023/05/reeltime8_2023_05_17_22_41_50.jpg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-16.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82d3c15b3f0cf15ff99308b5d6a06c30e655015220a5faa0c194aebcd41851a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 14:56:41 GMT
via
1.1 4679bcdf12b82fd8e0db5832beb9e1ee.cloudfront.net (CloudFront)
last-modified
Wed, 17 May 2023 14:41:49 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-C2
age
451458
etag
"8b8e5030929ad3234b9e228eb8fc47e8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
40929
x-amz-cf-id
X3J6hNSIsXQY6uQ5C7IbStLJemmiDo79FkEVylMWCKttS8EXAM2etw==
Lora-Medium.ttf
images.gmanetwork.com/res/fonts/Lora/ 		121 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.gmanetwork.com/res/fonts/Lora/Lora-Medium.ttf
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35fccc04b246dd0a782a707b2437ee552e605d3e573d344d80e082f1aea5a4e6

Request headers

Referer
https://www.gmanetwork.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:19:59 GMT
content-encoding
gzip
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
75
x-cache
Hit from cloudfront
last-modified
Wed, 24 Mar 2021 13:03:05 GMT
server
AmazonS3
etag
W/"c3e2f11036e070e9ea5a4cc2c1169165"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST
content-type
application/font-sfnt
access-control-allow-origin
https://www.gmanetwork.com
access-control-expose-headers
ETag
cache-control
max-age=120
access-control-allow-credentials
true
x-amz-cf-id
xWwWwtwSw2h8dpsviMFKfqMhLXH4ekFmmvL16hKy3opIC6yUvFC90Q==
buttons-secure.css
ws.sharethis.com/button/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 01:56:53 GMT
content-encoding
gzip
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 25 Apr 2023 22:05:43 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P3
age
66245
etag
W/"64484eb7-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
lJMMnMA6lZ-HmGUZtNk0Is12cATZvo7FoUVjp_v56we5NpCFLs1Slg==
get_counts
count-server.sharethis.com/v2.0/ 		213 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&cb=stButtons.processCB&wd=true
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
/
Resource Hash
51db3dd90f0a2577eda77387fb632bb9444b806e7e0874d07bea434fa03d258e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
etag
e6ac997e947c85bb8ac6cdcaa7d0b447
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
public, max-age=900
content-length
213
apigw-requestid
FV06tgMCoAMEPIQ=
x-amz-cf-id
m9iCfvv3KwvSmUtk4ITLHpwx6J1E2jbz-p8H_gWoRDYe0lirfdXyZA==
pview
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1684786858523.12314&hostname=www.gmanetwork.com&location=%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&title=Philippines%20detects%207%20more%20Arcturus%20cases%20%7C%20GMA%20News%20Online&sop=false&description=Seven%20additional%20cases%20of%20the%20COVID-19%20Omicron%20subvariant%20XBB.1.16%20or%20%26ldquo%3BArcturus%26rdquo%3B%20were%20detected%20in%20the%20country%2C%20bringing%20the%20total%20caseload%20to%2011.&ua=&ua_mobile=false&ua_full_version_list=&description=Seven%20additional%20cases%20of%20the%20COVID-19%20Omicron%20subvariant%20XBB.1.16%20or%20%26ldquo%3BArcturus%26rdquo%3B%20were%20detected%20in%20the%20country%2C%20bringing%20the%20total%20caseload%20to%2011.&img_pview=true
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.25.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-25-145.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:20:58 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-242242-2&cid=1519667749.1684786858&jid=1205483762&_u=YADAAUAAAAAAACgCI~&z=438959714
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-242242-2&cid=1519667749.1684786858&jid=1205483762&_u=YADAAUAAAAAAACgCI~&z=438959714
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: d99666469a0d.bitsngo.net
URL: https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20230502124137.011635.083158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47573
x-xss-protection
0
server
cafe
etag
864323164113620254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 20:20:58 GMT
config.json
c.go-mpulse.net/api/ Frame 4284 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=FG65A-Y848M-3TACG-B2LGY-Y72BW&d=www.gmanetwork.com&t=5615956&v=1.667.0&if=&sl=0&si=tonqfnlb7n-rv2tuw&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 May 2023 20:20:58 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Content-Type
application/json
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Wed, 21 Jun 2023 20:20:58 GMT
date
Mon, 22 May 2023 20:20:58 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=5bd6964fd76fe132a4c2301671343477_3816_1684786858536&tm=1305&eT=0&widgetWidth=749&widgetHeight=36&widgetX=269&widgetY=2450&wRV=2010309&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=332&oo=true&lo=1303&obreq=1257&mvreq=2297&mvres=2628&cet=4g&to=1684786856104.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 May 2023 20:20:59 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
f7dd020070be9c1bb3ee3b22b859f583
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=448786a53b8a847932133ec98e2a64ee_3816_1684786858671&tm=1313&eT=0&widgetWidth=749&widgetHeight=343&widgetX=269&widgetY=2497&wRV=2010309&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1303&obreq=1257&mvreq=2297&mvres=2628&re=2639&cet=4g&cs=1&to=1684786856104.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 May 2023 20:20:59 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
d559939c0ed4e3b05fa4b9cb8dd62247
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Wed, 21 Jun 2023 20:20:58 GMT
date
Mon, 22 May 2023 20:20:58 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"b79638966e0374c455e78107aee59bf4:1673369411.171576"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7647
access-control-request-headers
X-OB-STG,X-OB-PRD
eyJpdSI6IjI1OTA1MmRmMGE0YjllNmFjNmY3NWYwZmM2ZjY4Nzk2NTk3ODNiNTZlZTQ5NDE1MDQyZWI5YTI3N2U5NjAyNWYiLCJ3IjoyMjUsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI1OTA1MmRmMGE0YjllNmFjNmY3NWYwZmM2ZjY4Nzk2NTk3ODNiNTZlZTQ5NDE1MDQyZWI5YTI3N2U5NjAyNWYiLCJ3IjoyMjUsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39ae29fb6a31a660ee8dc4b2d6c0f2053a43f80a645e2327f4078a38e87709d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
last-modified
Wed, 03 May 2023 21:59:46 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1772079
access-control-allow-credentials
false
x-traceid
431282ad1b7c3ed7231f11289d87f7c3
timing-allow-origin
*, *
content-length
7444
eyJpdSI6IjgyMWJjZThmYmEyZDA2Njc0MjJjNWNiMzJmMWI3MTQ3OTQ5OWQ4MmFkNGZiNzZlMGNmYTA3ZjU5OWU2ZTNlMmQiLCJ3IjoyMjUsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgyMWJjZThmYmEyZDA2Njc0MjJjNWNiMzJmMWI3MTQ3OTQ5OWQ4MmFkNGZiNzZlMGNmYTA3ZjU5OWU2ZTNlMmQiLCJ3IjoyMjUsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
975c6d6f40a49af07ff3a2b8cdb81b44ec70958b8109efe0dabbf1ccf47a7cc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
last-modified
Fri, 05 May 2023 02:23:19 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1972674
access-control-allow-credentials
false
x-traceid
da65ceac31adc9137d353a37c485c6b5
timing-allow-origin
*, *
content-length
2916
gmanetwork_zoomd.js
prodpsus1.blob.core.windows.net/content/pixels/ 		860 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prodpsus1.blob.core.windows.net/content/pixels/gmanetwork_zoomd.js?userId=07dbbd25-4a7e-4391-9b4f-7e4a47f2d5ca
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.88.132 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d46b7712943d14b327830c345926bdb29d127f75dfd28105dd88b5f0293981b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 May 2023 20:20:58 GMT
Last-Modified
Thu, 20 May 2021 10:56:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
SeH3AvXe18mvsXriAhnG7g==
ETag
"0x8D91B7DFDD717B0"
x-ms-meta-CbModifiedTime
Thu, 20 May 2021 10:55:52 GMT
Content-Type
application/x-javascript
x-ms-request-id
12a3f19b-401e-006d-6aea-8cd2e3000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
860
x-ms-lease-state
available
GetToken
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 		230 B
954 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
265b793952dac20ab883221fbaba6d9e5c725ed1b3ff97982f90c15230b516db

Request headers

Accept
*/*
Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 22 May 2023 20:20:58 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private
Content-Length
325
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: d99666469a0d.bitsngo.net
URL: https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20230502124137.011635.083158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47580
x-xss-protection
0
server
cafe
etag
14618065574795717956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 20:20:58 GMT
css
fonts.googleapis.com/ 		3 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 20:12:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 20:20:58 GMT
icon
fonts.googleapis.com/ 		569 B
366 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 20:20:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 20:20:58 GMT
masonry.pkgd.min.js
d99666469a0d.bitsngo.net/widget-scripts/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/widget-scripts/masonry.pkgd.min.js?v=4.0.v201807040945
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:00:50 GMT
server
Microsoft-IIS/10.0
age
147169
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
10208
x-llid
9c1dcccc044d6b0d5108fdb42b8f3c76
expires
Wed, 31 May 2023 03:28:09 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
13005264
cdn-cachedat
2021-04-13 02:55:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a4c754a17577d74a872d3c9c794d1a4f
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7cb7c34bc9d32c04-FRA
cdn-requestpullsuccess
True
core.min.js
cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/ 		86 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/core.min.js
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
271990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25572
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-156f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60ZaAr31hSuvZF7pN1AT4iW0OFwL6vOESy0rMWqqhm3ECWufFYxNA3fkokqnNte42Bpkq%2BX9ZLwk5tOdax%2FCr1YnMz4gqUxMJkVMH7IB2LVaLdUFQ4Oc4PoQOtjXrrTFygjKAZA5BkUn1FPpbVaUApTa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cb7c34baaf03656-FRA
expires
Sat, 11 May 2024 20:20:58 GMT
localstore.js
script.4dex.io/ 		483 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:20:58 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
6318
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4i5a3fAjmDHVOj7lpWU4IJ0BsWyRnbdN19u1gE68IjcALws6Ec4GxvCvxQDgPoI6k2SOEpj9x%2BSrV5UVI1%2BOZRmH8nOcG694s4QeZ4rtFpPTzY14iZMgiwxKwfnn2sFuHKaHGu4x%2Fa8Y4j3"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7cb7c34c0d403a98-FRA
prebid
prebid.media.net/rtb/ 		338 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
90e447211d52627783bae197748c8caedaf93898d88c9b6bc382dc7de9d629df

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 22 May 2023 20:20:58 GMT
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
90
server
envoy
vary
origin, Accept-Encoding
adjson
ads.betweendigital.com/ 		2 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
c
prebid.a-mo.net/a/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
90
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ 		120 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eca20419d94311e5a49971e72cc9d0db29c36634c77e2e59257fcb118bf14596

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 22 May 2023 20:20:58 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: andbeyond72811, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cb7c34c2f8a047e-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=400198&zone_id=2242420&size_id=2&alt_size_ids=1&rp_schain=1.0,1!andbeyond.media,11791,1,,,&rf=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&tk_flint=rtbpbjs_lite_v7.24.0&x_source.tid=242aff12-2a93-4952-80ba-f2ffcda6c20f&l_pb_bid_id=1677cd193fdc9c2&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2457932844221311
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
eab2d0e498b7cc465f38912396499533252df9f9cc48efeb0c8b2f1150ff63f6

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:58 GMT
AN-X-Request-Uuid
e9e0028a-bf53-4552-a42c-160f5a70ea14
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		72 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=242aff12-2a93-4952-80ba-f2ffcda6c20f&nocache=1684786858883&schain=1.0%2C1!rtbdemand.com%2C22608%2C1%2C%2C%2C&aus=728x90%2C468x60%2C600x100%2C640x100&divids=andbeyond72811&aucs=&auid=545695137&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3243a213014da5e30d17accce5e29848093a294a673ac6b9c2de32f26bce56cf

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gmanetwork.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:58 GMT
AN-X-Request-Uuid
bf08a529-e3c9-4162-b1f7-05af440b1495
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.24.0&cb=46027849204&lsavail=1&bundle=HdCBJV9aeUdQMGwlMkYlMkZkNXp1NUlGVXlyamg0RXllWSUyRnNEUWVpNTV6JTJGOWduWmNoY05nWG9sZXdJTDZPbFR5OHBXQktJQUlscGZua2ppTFYlMkZzVmlRY3lnUzZMald2JTJCWlh0SDIlMkJUd0RXS1lRRHQlMkJxT0JOa1Z4JTJGZWZZSHltNHRaUFFOaHF0bXFzREpkaWNaT0tIbEFURHFZcTVERUElM0QlM0Q
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:59 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ 		24 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.24.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e52e925a8adc7802a757abd47d2563f63ffaf1f78cf9d88f03fe89ec525bb40e

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 20:20:58 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2df6f88fe4dda1582c4ed948f60e98765ca33b9daebe54d77a64f701bc1fe903

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:59 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:58 GMT
AN-X-Request-Uuid
ca9ae0f6-c7dc-423e-82c2-a250d5f402a1
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7012011e8cdb2db42b0aca12c14c593d2c28e0daf761bbb795f731e623200ecf

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 22 May 2023 20:20:58 GMT
c
prebid.a-mo.net/a/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
86
server
envoy
vary
origin, Accept-Encoding
adjson
ads.betweendigital.com/ 		2 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
c
prebid.a-mo.net/a/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
87
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ 		120 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27a0fa1aa88fb190d209a248726417fbcdf8fa1e2cf4ff195328723d35e36cdd

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 22 May 2023 20:20:58 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond30016, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cb7c34c4f9f047e-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=400198&zone_id=2242416&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11791,1,,,&rf=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&tk_flint=rtbpbjs_lite_v7.24.0&x_source.tid=22e94b24-ed93-4d9b-bbb1-4ed638a46a3b&l_pb_bid_id=5116da3649eee41&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17613618765838113
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d7bc96f153ac5033f5e2606a0e005f34576b523350d315478b5dfcb6c638ebc8

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:58 GMT
AN-X-Request-Uuid
824bffb4-f92c-46d3-ba1b-850a05616d62
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		73 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=22e94b24-ed93-4d9b-bbb1-4ed638a46a3b&nocache=1684786858922&schain=1.0%2C1!rtbdemand.com%2C22608%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond30016&aucs=&auid=557740598&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4ec18ec190bfb2ecdeefa644730ae63d1f18847a720bf38f710c33d3bfd72b08

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gmanetwork.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:58 GMT
AN-X-Request-Uuid
4dad1474-e1ef-4b8b-83fd-c16ae3351e90
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.24.0&cb=86178132924&lsavail=1&bundle=HdCBJV9aeUdQMGwlMkYlMkZkNXp1NUlGVXlyamg0RXllWSUyRnNEUWVpNTV6JTJGOWduWmNoY05nWG9sZXdJTDZPbFR5OHBXQktJQUlscGZua2ppTFYlMkZzVmlRY3lnUzZMald2JTJCWlh0SDIlMkJUd0RXS1lRRHQlMkJxT0JOa1Z4JTJGZWZZSHltNHRaUFFOaHF0bXFzREpkaWNaT0tIbEFURHFZcTVERUElM0QlM0Q
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:59 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ 		94 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.24.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2cc70921afef5cff57318874bdc7ca3139c1198514054d3625a23b6a805d52b5

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 20:20:58 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f245c95c1dba9e2d0f5d02afcaa8ac837c27aeff17a19397f1924c4169b85

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:59 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1984
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:58 GMT
AN-X-Request-Uuid
d49edac9-8f27-4e30-892c-cb7ffdb9e7b9
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346727912234372&correlator=616901490689519&eid=31074171%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=21751243814%3A344684475%2C179580-728-90-11&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&adks=2151697657&didk=1483248443&sfv=1-0-40&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0&sc=1&cookie=ID%3D38b350852a74feb3%3AT%3D1684786858%3AS%3DALNI_MZgJk1t9G6IMiCZwihjTt4dItNqpw&gpic=UID%3D00000c1a0fed6a37%3AT%3D1684786858%3ART%3D1684786858%3AS%3DALNI_MaACfQmASIsx1WumrPuJamiP0PsNQ&abxe=1&dt=1684786858943&lmt=1684786858&dlt=1684786856847&idt=924&adxs=288&adys=201&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&frm=20&vis=1&psz=754x25&msz=728x0&fws=0&ohw=0&ga_vid=1519667749.1684786858&ga_sid=1684786858&ga_hid=502622445&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtI_9qIQxSABSAghkEhkKCnB1YmNpZC5vcmcYoJD9qIQxSABSAghqEoICCghydGJob3VzZRLsAUV4TGoyamZPZk5GcHJhQytjYU8rcitpQklMN3ZGQ0szSDdSUEhQTGJ0cGhBbkY2RFdXai9VYVBWcThjQU9pNEF1TlNQMkhnVXBEMzRrc1JhTTN4MWJ4aXd4SFBMNFFWQktLbnlFTzBmM0xkcWthSVU3akUyUEpYOFYrd1Y0NjlkMEMwZ3NHc2FoQXJudi9rVUZkNDJmaVE3aXlqRFFzTDZNNWNEenZ1c2xVM251TUZQZEE3WEVVMFlMRUF0QmZIZmxRbkwycFU3cllaZnYyeGh2TlNNZWc2YzRXSU95NkI5eGg5cG1HWHRTbjg9GKCS_aiEMUgAEh0KDmVzcC5jcml0ZW8uY29tGLSP_aiEMUgAUgIIZBIZCgp1aWRhcGkuY29tGLSP_aiEMUgAUgIIZBIUCgVvcGVueBi0j_2ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNCR_aiEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8af3542745a937d5feab831724fd913a804fed00e6b56298224f93fde0faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15660
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346727912234372&correlator=616901490689519&eid=31074171%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=21751243814%3A344684475%2C179580-300-250-16&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&adks=1323550853&didk=1585714558&sfv=1-0-40&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&sc=1&cookie=ID%3D38b350852a74feb3%3AT%3D1684786858%3AS%3DALNI_MZgJk1t9G6IMiCZwihjTt4dItNqpw&gpic=UID%3D00000c1a0fed6a37%3AT%3D1684786858%3ART%3D1684786858%3AS%3DALNI_MaACfQmASIsx1WumrPuJamiP0PsNQ&abxe=1&dt=1684786858952&lmt=1684786858&dlt=1684786856847&idt=924&adxs=1057&adys=200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=349&ga_vid=1519667749.1684786858&ga_sid=1684786858&ga_hid=502622445&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtI_9qIQxSABSAghkEhkKCnB1YmNpZC5vcmcYoJD9qIQxSABSAghqEoICCghydGJob3VzZRLsAUV4TGoyamZPZk5GcHJhQytjYU8rcitpQklMN3ZGQ0szSDdSUEhQTGJ0cGhBbkY2RFdXai9VYVBWcThjQU9pNEF1TlNQMkhnVXBEMzRrc1JhTTN4MWJ4aXd4SFBMNFFWQktLbnlFTzBmM0xkcWthSVU3akUyUEpYOFYrd1Y0NjlkMEMwZ3NHc2FoQXJudi9rVUZkNDJmaVE3aXlqRFFzTDZNNWNEenZ1c2xVM251TUZQZEE3WEVVMFlMRUF0QmZIZmxRbkwycFU3cllaZnYyeGh2TlNNZWc2YzRXSU95NkI5eGg5cG1HWHRTbjg9GKCS_aiEMUgAEh0KDmVzcC5jcml0ZW8uY29tGLSP_aiEMUgAUgIIZBIZCgp1aWRhcGkuY29tGLSP_aiEMUgAUgIIZBIUCgVvcGVueBi0j_2ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNCR_aiEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dae2e8fefe15583d082b2212b7a0fa76d6017107e17737819a0ca10b392e6a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13811
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
action,authorization,clientid,content-type,sourcesenderid
Access-Control-Request-Method
POST
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
action,authorization,clientid,content-type,sourcesenderid
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Max-Age
3600
Content-Length
0
Date
Mon, 22 May 2023 20:20:59 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sourcesenderId
3
accept-language
de-DE,de;q=0.9
Authorization
SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=ctf5qEDotz3IIxzAtGIZJk0i%2ByS4R%2F6x1h7gT%2BRDwEo%3D&se=1684787505&skn=all
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/atom+xml;type=entry;charset=UTF-8
Accept
*/*
clientId
"84092033"
action
pageView
Referer
https://www.gmanetwork.com/

Response headers

Access-Control-Allow-Origin
https://www.gmanetwork.com
Strict-Transport-Security
max-age=31536000
Date
Mon, 22 May 2023 20:20:58 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
zoomd.widget.externalcontent.loader.min.js
d99666469a0d.bitsngo.net/widget-scripts/extra_content/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/widget-scripts/extra_content/zoomd.widget.externalcontent.loader.min.js?ver=4.0.v20230502124137.011635.083158
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f48cb31c5ba706dd8e1c256f2b9d4c4642433f060898b31f4d371d6f28dd75fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:58 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:04:42 GMT
server
Microsoft-IIS/10.0
age
372432
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
6776
x-llid
6b5ac4ed6d9ec6ad1e0844f29f560aa7
expires
Sun, 28 May 2023 12:53:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
263d8060bafe426b7104d74091838266cf2c6028102f28108db28332373bae9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25334
x-xss-protection
0
server
cafe
etag
937 / 19499 / m202305160101 / config-hash: 8319726746282660736
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 20:20:59 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 02:17:51 GMT
x-content-type-options
nosniff
age
237787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 02:17:51 GMT
bubble_arrow_below.png
ws.sharethis.com/secure/images/ 		969 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/secure/images/bubble_arrow_below.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 01:04:29 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P3
age
5253390
etag
"64012823-3c9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
969
x-amz-cf-id
eI-OLkm5tQ8Jl9546sTknfsukq7tgm1yuNBP4s86tHS32CPx23-_2A==
expires
Fri, 22 Mar 2024 01:04:29 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:20:59 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1430516
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr10ZCdyMIM2lGZ0BgHFggWHlIG%2Fmp5TbnID4eBJVzsioN96FRbkK60Ve3b9MmlCWuT01TAnSzW0XlfoQdOIucOath0UVpeitTW%2BBVFMUJKdlGgg4jQ26kXJMw24r7cHfvkecd99R0E5a5cB"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7cb7c34cfe3e9b4f-FRA
jquery.dfp.min.js
d99666469a0d.bitsngo.net//common-scripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net//common-scripts/jquery.dfp.min.js?v=4.0.v201807040945
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:04:44 GMT
server
Microsoft-IIS/10.0
age
615974
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
3227
x-llid
4fa4213fddb12f91b817d04166c92efa
expires
Thu, 25 May 2023 17:14:45 GMT
runtime.js
d99666469a0d.bitsngo.net/content/4.0/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/content/4.0/js/runtime.js?v=4.0.v20230502124137.011635.083158
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ccf31bcb7b2a07a4adcc4839fb1622e966485019c0db8ee1e4e03acbc569e344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:08:06 GMT
server
Microsoft-IIS/10.0
age
372432
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
1991
x-llid
f23e39704e592d0b7ea49d2fc7c82517
expires
Sun, 28 May 2023 12:53:47 GMT
zd_top.searches.css
d99666469a0d.bitsngo.net/Content/3.0/widget-css/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/Content/3.0/widget-css/zd_top.searches.css?ver=4.0.v20230502124137.011635.083158
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
14829d93b1fddff24933e2734dae992d8a79b6ab3ef96ad1ca77e82e1b49136c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:00:50 GMT
server
Microsoft-IIS/10.0
age
372433
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
3175
x-llid
37785c21042e2fb3c17ca1b22cc1d629
expires
Sun, 28 May 2023 12:53:46 GMT
zd_top.searches.min.js
d99666469a0d.bitsngo.net/widget-scripts/extra_content/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/widget-scripts/extra_content/zd_top.searches.min.js?ver=4.0.v20230502124137.011635.083158
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
11d6e70dd675e3ecffff360b6c7ffc8db2e8c10ea5f3d007f0d4a2d6a9f9e9c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:04:42 GMT
server
Microsoft-IIS/10.0
age
372433
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
8507
x-llid
cc46ef9507e27be601d261fdd47033e6
expires
Sun, 28 May 2023 12:53:46 GMT
learn
ph-gmtdmp.mookie1.com/t/v2/ 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_153300&src.domain=www.gmanetwork.com&src.url=%252Fnews%252Ftopstories%252Fnation%252F870676%252Fphilippines-detects-7-more-arcturus-cases%252Fstory%252F&src.id=GMA&src.rand=8798231484
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.79.111.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
action,authorization,clientid,content-type,sourcesenderid
Access-Control-Request-Method
POST
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
action,authorization,clientid,content-type,sourcesenderid
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Max-Age
3600
Content-Length
0
Date
Mon, 22 May 2023 20:20:58 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sourcesenderId
3
accept-language
de-DE,de;q=0.9
Authorization
SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=ctf5qEDotz3IIxzAtGIZJk0i%2ByS4R%2F6x1h7gT%2BRDwEo%3D&se=1684787505&skn=all
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/atom+xml;type=entry;charset=UTF-8
Accept
*/*
clientId
"84092033"
action
DFPLoaded
Referer
https://www.gmanetwork.com/

Response headers

Access-Control-Allow-Origin
https://www.gmanetwork.com
Strict-Transport-Security
max-age=31536000
Date
Mon, 22 May 2023 20:20:58 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
vendor.js
d99666469a0d.bitsngo.net/content/4.0/js/ 		451 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/content/4.0/js/vendor.js?v=4.0.v20230502124137.011635.083158
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
08c81648bcbad3dd665ef330cf7e792f55a7a4dd36468820a8c4412fa15f8e9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:08:06 GMT
server
Microsoft-IIS/10.0
age
372433
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
157748
x-llid
f4239137071d67727233fcd89a87ff2e
expires
Sun, 28 May 2023 12:53:46 GMT
MultipleTopSearch
zdwidget3-bs.sphereup.com/ 		519 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zdwidget3-bs.sphereup.com/MultipleTopSearch?callback=jQuery111103934114438954637_1684786857173&clientId=84092033&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&query=&title=&loader=false&containerType=SR1&overrideActions=true&targetUrl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&_=1684786857174
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
771b1df94b0db9601ce7d8c9b7e0ec390bf2b8fc74dd7b1d9bcdeff89ab13d47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:59 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache
Content-Length
339
Expires
-1
messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sourcesenderId
3
accept-language
de-DE,de;q=0.9
Authorization
SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=ctf5qEDotz3IIxzAtGIZJk0i%2ByS4R%2F6x1h7gT%2BRDwEo%3D&se=1684787505&skn=all
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/atom+xml;type=entry;charset=UTF-8
Accept
*/*
clientId
"84092033"
action
TSrequested
Referer
https://www.gmanetwork.com/

Response headers

Access-Control-Allow-Origin
https://www.gmanetwork.com
Strict-Transport-Security
max-age=31536000
Date
Mon, 22 May 2023 20:20:59 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
action,authorization,clientid,content-type,sourcesenderid
Access-Control-Request-Method
POST
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
action,authorization,clientid,content-type,sourcesenderid
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Max-Age
3600
Content-Length
0
Date
Mon, 22 May 2023 20:20:58 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
main.js
d99666469a0d.bitsngo.net/content/4.0/js/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d99666469a0d.bitsngo.net/content/4.0/js/main.js?v=4.0.v20230502124137.011635.083158
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c762d27c5c244f9d543271795ce8a39ee5cffc2359cde2f59b5527820c3ef58d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 07:08:06 GMT
server
Microsoft-IIS/10.0
age
372416
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=864000
accept-ranges
bytes
content-length
27080
x-llid
b64c903a38ae39cfe869ead05992420b
expires
Sun, 28 May 2023 12:54:03 GMT
zone.min.js
cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Requested by
Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1684786857168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1212636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12870
last-modified
Mon, 04 May 2020 16:18:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04044-ac73"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoLp0UQJqYEVhROH4es4fxg939CFENZy01IDge68s%2BZHAOhq4rqCy0L99i%2BQiA2%2BruM0ciSN6ziQNnMEW7bRghwv%2BCs2FJJfIJPnofa7x0jscjZeUh%2FZLDiB4WhiZu7EB3zvEdTDFQGJNk2e3hUA%2Fsv0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cb7c34dafc82c55-FRA
expires
Sat, 11 May 2024 20:20:59 GMT
messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
action,authorization,clientid,content-type,sourcesenderid
Access-Control-Request-Method
POST
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
action,authorization,clientid,content-type,sourcesenderid
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Max-Age
3600
Content-Length
0
Date
Mon, 22 May 2023 20:20:59 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sourcesenderId
3
accept-language
de-DE,de;q=0.9
Authorization
SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=ctf5qEDotz3IIxzAtGIZJk0i%2ByS4R%2F6x1h7gT%2BRDwEo%3D&se=1684787505&skn=all
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/atom+xml;type=entry;charset=UTF-8
Accept
*/*
clientId
"84092033"
action
TopSearchesPath-not-found-on-page
Referer
https://www.gmanetwork.com/

Response headers

Access-Control-Allow-Origin
https://www.gmanetwork.com
Strict-Transport-Security
max-age=31536000
Date
Mon, 22 May 2023 20:20:58 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8
711123.html
idsync.rlcdn.com/ Frame 8D2E 		0
98 B 		Document
General
Check archive.org
Download Go to
Full URL
https://idsync.rlcdn.com/711123.html?partner_uid=07dbbd25-4a7e-4391-9b4f-7e4a47f2d5ca
Requested by
Host: prodpsus1.blob.core.windows.net
URL: https://prodpsus1.blob.core.windows.net/content/pixels/gmanetwork_zoomd.js?userId=07dbbd25-4a7e-4391-9b4f-7e4a47f2d5ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 May 2023 20:20:59 GMT
via
1.1 google
deliveraw.nmi
ads.allaccess.com.ph/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8070&sid=0012&_=1684786857175
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.14.50 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-14-50.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
prebid
prebid.media.net/rtb/ 		338 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4a0d582d5fe3d7621ace0d261d65b09fbe3d78aba232b1692357362cb0cee90b

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 22 May 2023 20:20:59 GMT
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
87
server
envoy
vary
origin, Accept-Encoding
adjson
ads.betweendigital.com/ 		2 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
c
prebid.a-mo.net/a/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
86
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ 		120 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d250cdc5c686635954c65f30336eb510149a52713c5489c1b31c17e3fb0474ab

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 22 May 2023 20:20:59 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond30017, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cb7c34efab7047e-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=400198&zone_id=2242416&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11791,1,,,&rf=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&tk_flint=rtbpbjs_lite_v7.24.0&x_source.tid=f57acc68-0888-43b3-b902-17d1e1661f1c&l_pb_bid_id=87b8259a9376025&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.44368632697438226
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
09a9984d809b67134760b76217aae89e6318d11e34333c8fefc6c593209db6e7

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gmanetwork.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:59 GMT
AN-X-Request-Uuid
5044983e-e5fd-4ead-b2e7-99d20b61db45
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f57acc68-0888-43b3-b902-17d1e1661f1c&nocache=1684786859355&schain=1.0%2C1!rtbdemand.com%2C22608%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond30017&aucs=&auid=557740598&aumfs=10
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b164203cf2d3dafbbd8fcbcda03aaae8ab54af7a1fb1ea25808f6fca759b7357

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gmanetwork.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:59 GMT
AN-X-Request-Uuid
ebada6a7-28c1-4b2b-8560-3e543451b436
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.24.0&cb=10077585852&lsavail=1&bundle=HdCBJV9aeUdQMGwlMkYlMkZkNXp1NUlGVXlyamg0RXllWSUyRnNEUWVpNTV6JTJGOWduWmNoY05nWG9sZXdJTDZPbFR5OHBXQktJQUlscGZua2ppTFYlMkZzVmlRY3lnUzZMald2JTJCWlh0SDIlMkJUd0RXS1lRRHQlMkJxT0JOa1Z4JTJGZWZZSHltNHRaUFFOaHF0bXFzREpkaWNaT0tIbEFURHFZcTVERUElM0QlM0Q
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:20:59 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ 		23 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.24.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
78a46f492f1a658e7f2c84d08adbc95ce68f76eae4cd6533ded80da0328658e2

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 20:20:59 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
5b88cd0a2be05a47832fcf5fe1569b5b5604386ea686910bd2ec85b1c4477920

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:59 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:20:59 GMT
AN-X-Request-Uuid
5a836379-0990-4a1b-a84a-9ec056fe282a
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346727912234372&correlator=616901490689519&eid=31074171%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=21751243814%3A344684475%2C179580-300-250-17&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&adks=576703028&didk=1585714559&sfv=1-0-40&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&sc=1&cookie=ID%3Dae4339fd1a8e2bb2%3AT%3D1684786858%3AS%3DALNI_MYWVV2eWGPukJpGO-KAdra9cPb77A&gpic=UID%3D00000c1a0f056c2a%3AT%3D1684786858%3ART%3D1684786858%3AS%3DALNI_MZSS7SIszxinLBjmAYzXmOIwa1eHA&abxe=1&dt=1684786859373&lmt=1684786859&dlt=1684786856847&idt=924&adxs=710&adys=692&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&frm=20&vis=1&psz=300x28&msz=300x0&fws=0&ohw=0&ga_vid=1519667749.1684786858&ga_sid=1684786858&ga_hid=502622445&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtI_9qIQxSABSAghkEhkKCnB1YmNpZC5vcmcYoJD9qIQxSABSAghqEoICCghydGJob3VzZRLsAUV4TGoyamZPZk5GcHJhQytjYU8rcitpQklMN3ZGQ0szSDdSUEhQTGJ0cGhBbkY2RFdXai9VYVBWcThjQU9pNEF1TlNQMkhnVXBEMzRrc1JhTTN4MWJ4aXd4SFBMNFFWQktLbnlFTzBmM0xkcWthSVU3akUyUEpYOFYrd1Y0NjlkMEMwZ3NHc2FoQXJudi9rVUZkNDJmaVE3aXlqRFFzTDZNNWNEenZ1c2xVM251TUZQZEE3WEVVMFlMRUF0QmZIZmxRbkwycFU3cllaZnYyeGh2TlNNZWc2YzRXSU95NkI5eGg5cG1HWHRTbjg9GKCS_aiEMUgAEh0KDmVzcC5jcml0ZW8uY29tGLSP_aiEMUgAUgIIZBIZCgp1aWRhcGkuY29tGLSP_aiEMUgAUgIIZBIUCgVvcGVueBi0j_2ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNCR_aiEMUgAUgIIag..
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58eea0dae803ad80cbacd40e53d6d316c5ae0ff8d07f5073f51e948d0012c7b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11556
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305051745000/ Frame 15CB 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
294090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61874
x-xss-protection
0
server
sffe
etag
"1f10ad03381c56f5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 15CB 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
294090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5227
x-xss-protection
0
server
sffe
etag
"c5726c99a9d8e9d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 15CB 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
294090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28894
x-xss-protection
0
server
sffe
etag
"e449c041a52d1404"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 15CB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
294090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"40d60bfa9b2b96dd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 15CB 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
294090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12944
x-xss-protection
0
server
sffe
etag
"8267429d1a59707e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
css
fonts.googleapis.com/ Frame 15CB 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 19:51:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 20:20:59 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 15CB 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 22:44:13 GMT
x-content-type-options
nosniff
server
cafe
age
77806
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 22 May 2023 22:44:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 15CB 		295 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:41 GMT
x-content-type-options
nosniff
server
cafe
age
35058
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 23 May 2023 10:36:41 GMT
l
www.google.com/ads/measurement/ Frame 15CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnxxrxdKhPbsuwI6Ox8Ng8BqHkJ7mvzlbGP8xknsW2o_y0jsVf8J2NylhKAJlYCJJkc1ymWlVEAiJUvF60AxuSyzsELw
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 15CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxFhAqs5rZPzFPMjE-gaEmYZwsa7C2XCo0NTv4RGBlPvtkg4QASDn3eBuYJXikIKgB6ABq_OKwwLIAQmpAqxuZVbUEoM-4AIAqAMByAMKqgTzAk_QC-mP7roUhta7vdt3A7tlvUQ-wvQ-UXGLwZHHmsuY76390jO57Lj6AJsYjJSlv6P0zNROsvsWLzBcNC7y53XX26Ej8-4agZlDdZm0ECnJs8J5pK32G-krPw3wCNaLK80fX777Tf04HJOYbCTbYPlmn0-k6CzpSDd0maxC0eCOxGqO1qif7awDg0e5cU_82lE5A8ylAsXkThlgwduGrWuUEc39oBc0kRIlS5VYKChyhwJeg4cEhrTEaqn34Bc-0Q9VQy54ziXHFojBuEb77-FCCTkIyv7MvniGAuai-RXHLzRSe8h1AJlxpv7uhbrkkJqqBeDGvPey1NTNtCgBH5td4y0yNG9A_-rgJ7iTfiawSMh97TxiqEfbGF2w4-WBlWgTcKQztK6JiFKvUekBrOk0IfOulrO4RZml3vUNeVXUmFwiV6HX7kZzdtRsTteLmqXOI8w1_tVhzXTHBvRM-es0vU5qN7PfVObQPcMWfDX2tk-FwAS9mO-WrATgBAGgBi6AB72M9bwBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQn-8B0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOIAKA8gLAbgT5APYEwPQFQGAFwGyFx4KHAgAEhRwdWItNTI1ODE2MDMzMTQ0ODg1MhiHrm4&sigh=DSLE8iTw8qQ&uach_m=[UACH]&cid=CAQSOwBygQiDSy9kHmo2RO-487dkvINoaYYlxW_ShchVk4IaQj1N1m7JI5OO_P6pY43SII08mmjMy3rRczELGAE&template_id=484
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
6592766407814317453
tpc.googlesyndication.com/simgad/644266887376337133/ Frame 15CB 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/644266887376337133/6592766407814317453
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7329956ee55ce3b93fd58606d30fcc6321af9cc5e8fc24185890a9c6d06eff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 16:03:06 GMT
x-content-type-options
nosniff
age
15473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28487
x-xss-protection
0
last-modified
Thu, 18 May 2023 07:43:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 21 May 2024 16:03:06 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7632860466907272279/ Frame 15CB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7632860466907272279/14763004658117789537?w=100&h=100
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f542ad41d6e85f44e6ed2a343c856025934dad4e8a8ecdb979e11204927ecbbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 17:51:41 GMT
x-content-type-options
nosniff
age
95358
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1389
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 09:45:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 20 May 2024 17:51:41 GMT
truncated
/ Frame 15CB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82037095c748ef71614463ac45bc6891cfa88f1b2f74db856930ca2393d4bf2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 15CB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:04:15 GMT
x-content-type-options
nosniff
age
184604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 17:04:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 15CB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gmanetwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:06:17 GMT
x-content-type-options
nosniff
age
324882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 02:06:17 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ7Ry%5ETm_h%25G3%3C8%2BNT6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BmxAkmP%3DK%5B*xp%23Vl358YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=1&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=5530&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=277&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&f=0&o=3&t=1684786857825&de=269386377295&cu=1684786858088&m=1698&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=277&le=1&gm=1&io=1&ch=0&as=1&ag=1195&an=0&gf=0&gg=0&ez=1&ck=1195&kw=1135&aj=1&pg=51&pf=0&ib=0&cc=1&bw=1195&bx=0&undefined=1&ci=1195&jz=1135&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=1135&cd=1&ah=1135&am=1&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3APhilippines%20detects%207%20more%20Arcturus%20cases%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=270231800&cs=0
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 22 May 2023 20:20:59 GMT
container.html
f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C44C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 20:20:58 GMT
expires
Tue, 21 May 2024 20:20:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C44C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CF1VDq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgTxAk_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ2pGHrKPUxMzERLP_OOe286hi3dKAMYluK3whamAtxIAjs6PWshxOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NzMxMjEwNzY1MjAyMjM3GIeubg&sigh=ZrpaxR4PRq8&uach_m=[UACH]&cid=CAQSOwBygQiDtp7kivzENnX9ps7bGJLAfHK7AWZOPdAT4963ThXuZi8jhHTbZwHMYnSs6yNCxJOquZqs4TgtGAE
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame C44C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kbwf4tkh8gry5a4hrty937rakdz8sfjx029fgtvvrps8fn7hfjt63p0pv8ckvfhn5kjz6svg4rthppgyt93esje8m35hfmejtj0cej5vfvamnbznhvb1fz3hhdmgv6rqbdpn7mtnmphx9e3tq9z2px6vycgf6w6dkexdmsr05xk4kymet7t6f2zqtcktk7bdvt57xs009f4n0zj3fcn7p6fssjgnnd4b04estk4n0tdfcp2zyb4e8ff4pxk05a9rbj4nqt08ns2jbk2d5v9hrhenbrf35bfanzj86cjwjxk4nbfx1691ybp392yrvkg5eyxmz1kewpvshsdzpstg7s8an5g7b9wr78w5kqp74syxb82gxvtj3d0s6jm84khte04xvd2gc&b=ZGvOqwAEi2EK4GeKAAZ6uzNbn2eKPkrpVSZyMw
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 20:20:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 3D26 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1j7krcjbpa2k15ya27v1ncnrhtj5nmw1htq9457gbd2wh9yt8c9e8s5k55wpmxkcbgj64txvqxy3xm2dwbh061tj9ctqq1t6xz8s6jqs89ptn7s4gwf16wdgmandqtbzr1ts2hr2qgxr6y6fry0k7nq0h61shq06208fqamgb4scn9b26b8vwxd0p6dhk6fknrct6p5tf9wq4kqrzragaddxgxz9m4apasdjahyc3drc6gzgb97ww8d66m51h0xfwbky4d822ggw78meznc22c2fhksje9qexmsg3w57y19zrr0grm9gj1ytb1gzj6hh3hg5hzqe2jypqddj74p6yp2k7vsgh7vhw1ygmegscb4wx99cem8b5ay98g0b3k4164dqmszj23x56f4p7cbxneg2jga3d440sfk7tqtxjfnft3vasacem&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b65ffe1a08c37d612eaf808d99c5abd45103e8d987f12a17e4cc236556a2de2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cb7c350d90d1e6e-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 20:20:59 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame C44C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:58:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80530
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 21:58:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2980 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
33406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 11:04:13 GMT
etag
48472445140208031
expires
Tue, 23 May 2023 11:04:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame C44C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:56:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
80676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 21:56:23 GMT
l
www.google.com/ads/measurement/ Frame C44C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOaAuRtEh0OelrDlgZ5opF3JcayPzWEW2P7P3jBOwCHh2CPqOhNVJKVJX8Mf18pRIfTT5bVY80iULB4qZU5u5mDDUpIA
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C44C 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
294279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 10:36:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C44C 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 20:20:59 GMT
truncated
/ Frame C44C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85e29b7925a5ef51e288890214ac016a32e89c87ec89d23cab6203b8345da2a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 2980 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEh2oYlo65MIPw8w9CEl7hA&google_cver=1&google_push=ATf1kGNUtxPMTutIStYsOoxxAcAfJN0OfdoUyEXimYK9z91LfTiYK0MPzs6wgsy78ennqONBYORk23t-zNHSW6xjrBnR_SZbGHhr
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2980
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEElp5oDU4WaE64IMCN-JcuI&google_cver=1&google_push=ATf1kGNwUzcKyLrzGSwLhMqylfWbJganV3gIdsQuh-99QP5oymonx-T4XZC5_8FCs-RJHkJ1v6aJfNiNvqM9264B...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNwUzcKyLrzGSwLhMqylfWbJganV3gIdsQuh-99QP5oymonx-T4XZC5_8FCs-RJHkJ1v6aJfNiNvqM9264BRLrjd0_eA8vy
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNwUzcKyLrzGSwLhMqylfWbJganV3gIdsQuh-99QP5oymonx-T4XZC5_8FCs-RJHkJ1v6aJfNiNvqM9264BRLrjd0_eA8vy
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 20:20:59 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x29 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNwUzcKyLrzGSwLhMqylfWbJganV3gIdsQuh-99QP5oymonx-T4XZC5_8FCs-RJHkJ1v6aJfNiNvqM9264BRLrjd0_eA8vy
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 May 2023 20:20:58 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2980
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Qq4UFawtzM2t60BEBHAzr2tnczGAlV4mZHb2ZQ&google_push=PUSH_DATA
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
104416
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2980
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEP6Qag44bRjzHMoxbX7lTrs&google_cver=1&google_push=ATf1kGNNfeY5AZuRhyef3VNJepwwr3424bPjM3eF7aAe-me17ysGzXuunNeSQXu49YG5Zr9kC-73klhcqaZfNm-eb...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNNfeY5AZuRhyef3VNJepwwr3424bPjM3eF7aAe-me17ysGzXuunNeSQXu49YG5Zr9kC-73klhcqaZfNm-ebpMOvrZ8keKj&google_hm=GsJkuBZHeFaBMTq_RMOrVZ6q
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNNfeY5AZuRhyef3VNJepwwr3424bPjM3eF7aAe-me17ysGzXuunNeSQXu49YG5Zr9kC-73klhcqaZfNm-ebpMOvrZ8keKj&google_hm=GsJkuBZHeFaBMTq_RMOrVZ6q
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 20:20:59 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNNfeY5AZuRhyef3VNJepwwr3424bPjM3eF7aAe-me17ysGzXuunNeSQXu49YG5Zr9kC-73klhcqaZfNm-ebpMOvrZ8keKj&google_hm=GsJkuBZHeFaBMTq_RMOrVZ6q
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
ssbsync.smartadserver.com/api/ Frame 2980 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPe7dTxmEE0Ko62SqQFX0dU&google_cver=1&google_push=ATf1kGMmYc-7Kwjc1GeQyH6QGD_EJmHHUDtGHKLINeMPwjQeHCGAd6Nl10ePSDJ8FxIFVcEGscAH_R2XPpd9pqLXGrtNMeIHZlNw
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-length
0
/
onetag-sys.com/match/ Frame 2980
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEK9q23CKsBlWfzRYD5CGgKM&google_cver=1&google_push=ATf1kGOcB9TNtA37HyE8sRyeCrr1FfaxBD_V-9GtRDnW3z09FZGVhBj8_R9CBR58qcGuMLcrBoUX0wwF5MB...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOcB9TNtA37HyE8sRyeCrr1FfaxBD_V-9GtRDnW3z09FZGVhBj8_R9CBR58qcGuMLcrBoUX0wwF5MBaMoaHcEsyNpucPFQUSA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2980
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAX5TCFHz...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAX...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=852d591c-0ca6-422a-bad4-c466ea7b6833&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=852d591c-0ca6-422a-bad4-c466ea7b6833&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:20:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=852d591c-0ca6-422a-bad4-c466ea7b6833&%%GOOGLE_PUSH_PAIR%%
date
Mon, 22 May 2023 20:20:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 2980 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0dbzIyzbCkzXVGcM2eGsqGEo5hz2pYgSuTp1lfOkx-IhkTh176fmX0SmmUAcCYU2I85ayaf0
Requested by
Host: f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
URL: https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 3D26 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j7krcjbpa2k15ya27v1ncnrhtj5nmw1htq9457gbd2wh9yt8c9e8s5k55wpmxkcbgj64txvqxy3xm2dwbh061tj9ctqq1t6xz8s6jqs89ptn7s4gwf16wdgmandqtbzr1ts2hr2qgxr6y6fry0k7nq0h61shq06208fqamgb4scn9b26b8vwxd0p6dhk6fknrct6p5tf9wq4kqrzragaddxgxz9m4apasdjahyc3drc6gzgb97ww8d66m51h0xfwbky4d822ggw78meznc22c2fhksje9qexmsg3w57y19zrr0grm9gj1ytb1gzj6hh3hg5hzqe2jypqddj74p6yp2k7vsgh7vhw1ygmegscb4wx99cem8b5ay98g0b3k4164dqmszj23x56f4p7cbxneg2jga3d440sfk7tqtxjfnft3vasacem&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1j7krcjbpa2k15ya27v1ncnrhtj5nmw1htq9457gbd2wh9yt8c9e8s5k55wpmxkcbgj64txvqxy3xm2dwbh061tj9ctqq1t6xz8s6jqs89ptn7s4gwf16wdgmandqtbzr1ts2hr2qgxr6y6fry0k7nq0h61shq06208fqamgb4scn9b26b8vwxd0p6dhk6fknrct6p5tf9wq4kqrzragaddxgxz9m4apasdjahyc3drc6gzgb97ww8d66m51h0xfwbky4d822ggw78meznc22c2fhksje9qexmsg3w57y19zrr0grm9gj1ytb1gzj6hh3hg5hzqe2jypqddj74p6yp2k7vsgh7vhw1ygmegscb4wx99cem8b5ay98g0b3k4164dqmszj23x56f4p7cbxneg2jga3d440sfk7tqtxjfnft3vasacem&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%26client%3Dca-pub-8731210765202237%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
16902
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mR2vYjMETG62pl36CxLjtE0klvkN0cKchWokgOOnxplkzNv7e7rGHb6vH%2FgZjw0VGC4lrwXO4dsVSRs02%2FPWz4IFMNx4tkZDcQohhEVWKXIrMbYJnvtB3m5SJl%2FDyMjIvuri42qpd%2F4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cb7c35129821e6e-FRA
expires
Mon, 22 May 2023 21:20:59 GMT
r62eglto.js
ad4m.at/ Frame 3D26 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j7krcjbpa2k15ya27v1ncnrhtj5nmw1htq9457gbd2wh9yt8c9e8s5k55wpmxkcbgj64txvqxy3xm2dwbh061tj9ctqq1t6xz8s6jqs89ptn7s4gwf16wdgmandqtbzr1ts2hr2qgxr6y6fry0k7nq0h61shq06208fqamgb4scn9b26b8vwxd0p6dhk6fknrct6p5tf9wq4kqrzragaddxgxz9m4apasdjahyc3drc6gzgb97ww8d66m51h0xfwbky4d822ggw78meznc22c2fhksje9qexmsg3w57y19zrr0grm9gj1ytb1gzj6hh3hg5hzqe2jypqddj74p6yp2k7vsgh7vhw1ygmegscb4wx99cem8b5ay98g0b3k4164dqmszj23x56f4p7cbxneg2jga3d440sfk7tqtxjfnft3vasacem&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
510417
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByEW88LZ8tmJhfTdD59x781rtFbxBIqiVJLDYhqjxwp2CyINr7%2FNCjqS079uSUqfqAqFmnlBv4HClMHR6I8WHaLTvqHkmIQXLmu%2F96ru3y6HhMQegZWAKhNfZn%2Fm7a7qUKmZiyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7cb7c351399c1e6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 16 May 2023 13:46:07 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3D26 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2289
x-guploader-uploadid
ADPycds1SLdGXbfm0r3qDGy8sfwZXQfpj1kJA4sERetf1LIRiVzV7g41c7a-EwZMzWmu5dxBmhh2VgdQIymIU8Old3wWOUTyb-2i
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSh78q8xWcKHDnVkxbLLe002IAw5qQcGBhHy%2FCIw40OyZvNDYfiLWC%2FMDczK83LA3HLnq1D0Y85QWP6%2BFTD0RPilK3ztlrIDe6ox45ehoe3dhWBpxTotJiItp6ps6SDz9CE%2FvbZO13tMIVtFtDYBi0yE"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7cb7c351eeb42c41-FRA
expires
Mon, 22 May 2023 20:37:16 GMT
frame.html
ad4m.at/ Frame 80EA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
944664
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7cb7c351af162bfa-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 20:20:59 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BD7q174S%2BKRD8jKUorzrZFQ2A%2BV9RkPMuReX%2Fi4mRZBIrXXKN0i%2FEJuhG2kP%2FPIVeCnG9ihKl04iZ8ia3TVdEypSdetjH2ekOzYHn5NTQPVzINeADssbXaiK27RG1daF0HB4rM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cb7c35209629bb9-FRA
content-length
24
content-type
text/plain
date
Mon, 22 May 2023 20:20:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMRP%2FIrwmg4h80zTkTQtkemj14e4Vw64Ndg5qnwztarUFzWEMEyH7aTz67pwec7uZRJStGVxjdbD2Gdj4wK54mxg4bkB02Fiuksam9h5XbPGCWf0vqIZ4Ice209GmsTZDMXs1mk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0pxx
rs
ad4m.at/ Frame 3D26 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
743975764d90a29076c15d95f339f6572e7d29829d393b249a5a2bbfd67c6124

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tkjoIGoXUqwT3E%2FS696jbXWLNPbkiIGfYjlup2dkgHwrF7UPV5ndISyw%2B0Rveop6MmKrrUXB5oLEjG3RT1Edxc4R%2FQknt1FZPXT98pIz5pvCk2%2BEeMMI2xbhdJVTTpNsRqfv2M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7cb7c35239a19bb9-FRA
x-backend-server
aa-reachservice-group-europe-west1-0pxx
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305051745000/ Frame 8454 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
294090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61874
x-xss-protection
0
server
sffe
etag
"1f10ad03381c56f5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 8454 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
294090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5227
x-xss-protection
0
server
sffe
etag
"c5726c99a9d8e9d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 8454 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
294090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28894
x-xss-protection
0
server
sffe
etag
"e449c041a52d1404"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 8454 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
294090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"40d60bfa9b2b96dd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 8454 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 19 May 2023 10:39:29 GMT
age
294090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12944
x-xss-protection
0
server
sffe
etag
"8267429d1a59707e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 May 2024 10:39:29 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8454 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 22:44:13 GMT
x-content-type-options
nosniff
server
cafe
age
77806
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 22 May 2023 22:44:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8454 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:41 GMT
x-content-type-options
nosniff
server
cafe
age
35058
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 23 May 2023 10:36:41 GMT
truncated
/ Frame 8454 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f14815445e508750359beaa20732b2f3f2040f8ebcead3377b9a53b14605d4a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
14939315890854264930
tpc.googlesyndication.com/simgad/ Frame 8454 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14939315890854264930
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3798e16a1a56c520a45d74e7f3c71a1477948fee472f7fe0fbe6fafd217303a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 09:07:24 GMT
x-content-type-options
nosniff
age
299615
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72037
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 14:06:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 May 2024 09:07:24 GMT
l
www.google.com/ads/measurement/ Frame 8454 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQe77QVGwOJr5rrLO0cLCDH39YpsHCof7W-n0PNkJ4p9MouVdn2hbMLBac92rq1nGJ6dFfN5oCdLovy20SRjcTTpWXTpw
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 8454 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNTrAq85rZO7NH7Wv-ga7vb3oAqGq-O5v6v__roQRxYiyzZAOEAEg593gbmCV4pCCoAegAaGV8u0CyAEDqQIebJc78yCyPuACAKgDAcgDCKoE-AJP0Ji0_8imJGCfznyYGJa5jNIb2251zQbHYPkDlzOKIJ_EE1C0nJtLu_IaAQoobMdciSLXoeAf18uAJ_lhq2Q9R55SnA9tFH4JCuRd3dS9CRE_pi_qJuf3TxGloQVkG1x06DXnFCy8rBIy-IChDlV7k0c_E7j7fQwqZkw5Qbqj8OY12ZzBKpc2cLtUGYxAk5pjdp7C9Vk8Q-Kt8dpY35HI8fz4ynHFT2S0S0OSJ_DqNNfOU_wA_Zd3pLZdKOhRbnhdrNwaWAOr6iuDnWCeVqnTnydLqpQDzhUWsn61Ifq2JsjKcVA1MghkY48RuBlxu5TnbAC6-DzfpVQTR7RtqUS2kmjY4s3YJgWcXj82DGsbKdfNah5zRsOrHNFej29vbB2ab-lsNweA-A-3WxO4UGtUucdcKuDLajcpmD4vzPF_JPviaQTS7y4QHHQNdPjbTP_LO_gSdiT7pUrmkPm86uC88pg3xM5_rVE_eEpW3F5sKxDwurMeT8lVwATkuqPqtwTgBAGSBQQIBBgBkgUECAUYBKAGA4AHx-qNkgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCxogLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01NTk3MDM2NDY4MjQxNzA4gAoDyAsB2BML0BUBmBYBgBcBshceChwIABIUcHViLTUyNTgxNjAzMzE0NDg4NTIYh65u&sigh=JnDLV1pZ_bE&uach_m=[UACH]&cid=CAQSPABygQiDLxdwPXOSIpoG89CstjZ_gk_TYz8DIkSx0t_fSUSM6QFR6_7-2al1iLJJ0qmVlJbxolOZPeNmhxgB
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8454
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H2
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date
Mon, 22 May 2023 20:20:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rar
as.ad4m.at/ad/ Frame 73DC 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6759601d5e5e19a81ee2023cdac7fded05653ab1269de029d3707f1995380d06
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1j7krcjbpa2k15ya27v1ncnrhtj5nmw1htq9457gbd2wh9yt8c9e8s5k55wpmxkcbgj64txvqxy3xm2dwbh061tj9ctqq1t6xz8s6jqs89ptn7s4gwf16wdgmandqtbzr1ts2hr2qgxr6y6fry0k7nq0h61shq06208fqamgb4scn9b26b8vwxd0p6dhk6fknrct6p5tf9wq4kqrzragaddxgxz9m4apasdjahyc3drc6gzgb97ww8d66m51h0xfwbky4d822ggw78meznc22c2fhksje9qexmsg3w57y19zrr0grm9gj1ytb1gzj6hh3hg5hzqe2jypqddj74p6yp2k7vsgh7vhw1ygmegscb4wx99cem8b5ay98g0b3k4164dqmszj23x56f4p7cbxneg2jga3d440sfk7tqtxjfnft3vasacem&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cb7c35298982bfa-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 20:20:59 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 73DC 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
16901
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H64P6PlzfFkHq6NNoaAunoFzF8N3j6q0sOTGvIo5XZq%2B5iqTPdylDcrxt0qOHDO68FY8slxbzB%2Bgpu%2BTLLi9PKcxljOcupi84qiymBol0yOboLa3m%2F2k49kYOj8XPf92I5fAzqH%2FIwA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cb7c352d8f22bfa-FRA
expires
Mon, 22 May 2023 21:20:59 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 73DC 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
507536
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fGqQ%2FYIJHdnHjM4lAcOptNjZJ4FwShcAvFtGP0e%2BeUw3rHUgYO00N%2F9%2FkWdvUJV%2BlIReer60kE%2BdKAlt0iZauxDvpbIzyIEtlduDu39Sc9C6Sila1nuxr72UdrT3nQ0VecBcu%2FDIUK31OuQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb7c352ece11e6e-FRA
expires
Tue, 23 May 2023 20:21:00 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 73DC 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
843359
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vh%2BfJhJsBt5dx%2F7A5Oo4yxvAh6qMI4jVVb2wRMq6Qq3W5BAyRZP553a59OZUEAZVo6Z7BjC2nYvamw3BnAHi%2FbrjxAP58miR8dy5KGzxqN5Ufh6fcd89nhdPdlPAQoF%2BhJixlCPBx6aOOId8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb7c352ecdf1e6e-FRA
expires
Tue, 23 May 2023 20:20:59 GMT
ztpv.php
www.conrad.de/ Frame 73DC
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1684786860_2aafdcf2-f8de-11ed-afd4-223664211a24&insert=AW&&gdpr=0&gdpr_consent=
0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1684786860_2aafdcf2-f8de-11ed-afd4-223664211a24&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
cache-control
no-cache
cf-ray
7cb7c353fc4c3a72-FRA
content-length
0
expires
-1

Redirect headers

Date
Mon, 22 May 2023 20:21:00 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1684786860_2aafdcf2-f8de-11ed-afd4-223664211a24&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 73DC 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1815561
cf-polished
origSize=115129, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75430
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M45bOvekcuH7ue%2BAwJ1TDOljJ%2BYKTXz6ykTzZXI1XrhM6Ym8s6w7BD61gYv7Oy0nNCLGGXPmVK1GxvH74xDBLSkVJZPoyL7VH7Jz7VYzbPc86xYJ25%2FddprV3KYq%2BKWp7cQwDLf24yG0HAPf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb7c352ece01e6e-FRA
expires
Tue, 23 May 2023 20:20:59 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 73DC 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:20:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2261016
cf-polished
degrade=85, origSize=132437, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31747
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3zxHzw30b%2FcWBHlt0UzJa6Rs4PEo8aEPKVbDNCj3ZBoQwcXS0JzpK%2BbyX1zNh19tYscG8uveovdC4zLssmrkQ5zWONynqrIM4C0eiJ76eTDPOzLFiMuprctSho%2BW0Fjw9Pp78jCflXXO%2FRJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb7c352ecde1e6e-FRA
expires
Tue, 23 May 2023 20:20:59 GMT
/
partner.o2online.de/a/ Frame 73DC
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLClwZLgif8CFVbjEQgdGW8Low;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023052222210085182864465X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023052222210085182864465X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023052222210085182864465X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:21:00 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023052222210085182864465X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023052222210085182864465X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date
Mon, 22 May 2023 20:21:00 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 73DC 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
789443
cf-polished
origSize=24833, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13494
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7qHCPJ6iXwPdOFUsws0vrlCGg123HI41AYNITi4k6c45M%2BOrg3B5GwdIJOYh7hGJpQ45NvvcN%2FxVAwlHyf4dvdRaL7jH5R7asK4UZ4kiDQeSIBObFYpHzrNHbusfTS3VpPwm2Ne7Q2qI%2Fas"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb7c352ece51e6e-FRA
expires
Tue, 23 May 2023 20:20:59 GMT
4203BD8B6DFC28122A57CD0F74F9CECD38E430D5675BBE6AD8D38A36BACBF4464C414E9D6B7C9D424BC78DD3AF8507AB207AAFC56090D4E89249C87620F96EE7
assets.ad4m.at/ Frame 73DC 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/4203BD8B6DFC28122A57CD0F74F9CECD38E430D5675BBE6AD8D38A36BACBF4464C414E9D6B7C9D424BC78DD3AF8507AB207AAFC56090D4E89249C87620F96EE7
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b7e05564f91fc8ac5e933d73eb80f92bc95037220fe493bd7d617bf24d4aa00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626448
cf-polished
qual=85, origFmt=jpeg, origSize=42379
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12442
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Apr 2023 14:20:26 GMT
server
cloudflare
etag
"d065bd00faf2a542b1b900322391648c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F04msss%2B2gAat6xCgpuQIVkoI9KuGWyoFxlpRrL63RFtsEWbmsV%2B%2F59QY77%2Fd7yb6eK%2BHj1jTe%2F4Ty1SBv2r1cHiTtI79kHv3GiQq2jfCXYPiXwWIq05gAuwGVPZ3u2CRtrAXx903MkLIz7O"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb7c352ece31e6e-FRA
expires
Tue, 23 May 2023 20:20:59 GMT
/
partner.blau.de/a/ Frame 73DC
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPOmwZLgif8CFbnTEQgd2R8GrA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023052222210085182864467X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023052222210085182864467X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:21:00 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023052222210085182864467X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Mon, 22 May 2023 20:21:00 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
jxpublisher_3_1.min.js
scripts.jixie.media/ 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jxpublisher_3_1.min.js
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/onescript/GM180iIHc4/jx-GM31180lY1Ap.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.185 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
9eea639fd87c2c58693da4caa5ea41b721993882d2d15b305b9f747a7072eb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

nginx-hit
1
date
Mon, 22 May 2023 20:21:00 GMT
x-amz-version-id
yx9gTw7U6T88aBNB24M9QyeeDke5kkD0
via
LA-MEX-queretaro-EDGE1-CACHE3[1],LA-MEX-queretaro-EDGE1-CACHE6[0,TCP_HIT,0],LA-MEX-mexicocity-GLOBAL1-CACHE27[973],LA-MEX-mexicocity-GLOBAL1-CACHE30[240,TCP_MISS,971],EA-SGP-GLOBAL1-CACHE6[2],EA-SGP-GLOBAL1-CACHE29[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
AFK0DEKHTV7APJMC
age
1625241
x-amz-server-side-encryption
AES256
x-amz-id-2
OiYSkQkRzaaSWE/eT/mLCeSrC+fhcsyKzSkeAJuLhkOzmetJqsv/rOhR/rB3ipn8BrNx8O56xw4=
last-modified
Thu, 04 May 2023 00:53:34 GMT
server
openresty
etag
W/"76f900a4000e1eb0d1cef691b4c46d0b"
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
x-ccdn-expires
1122826
x-hcs-proxy-type
1
hbpost
hb.jixie.io/v2/ 		62 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.jixie.io/v2/hbpost
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
110.238.107.108 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-110-238-107-108.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
f60951ba9632518d04d52f648a4ba56dc54249cb2a095b3e8ea0305f0a3b7f55

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:00 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
W/"3e-aHeuMrzr82FwAwLKX9PsUY0AA0M"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
like.php
www.facebook.com/v2.5/plugins/ Frame 9F59
Redirect Chain
  • https://web.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaad977c4fe604%26do...
  • https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaad977c4fe604%26do...
36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaad977c4fe604%26domain%3Dwww.gmanetwork.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2f5bb75d704718%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720&_rdc=1&_rdr
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=62f923111e60526327296b3e8e70a4e2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c53711e5457b35d6dbe17c261c14b6e905f62c66fda46fe39b8b9339051d87fd
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 22 May 2023 20:21:00 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
rZjI9XT3Y8XyUT0SrcZypnU8nfcfiN38MjPMJgZeyn6E0NzT/d9JVZKcEqtgRNHCVEr7Q6eP7P/a5c+rz68VDQ==
x-fb-rlafr
0
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 22 May 2023 20:21:00 GMT
location
https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaad977c4fe604%26domain%3Dwww.gmanetwork.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2f5bb75d704718%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720&_rdc=1&_rdr
origin-agent-cluster
?0
strict-transport-security
max-age=15552000; preload
x-fb-debug
sqy2+j156nAUQcKJ4boFCalzrmtxcZ7jvGXEDQQz/URSBO3ruXnFb7YlFQ3qoE4+qf4BQXEMmCZ2XbRwYbrJdA==
x-fb-zr-redirect
02|1684873260|
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305160101&st=env
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfce1c6391bb27b316ac8ddec83525caf9cb50566c1fc11bb3e84aa64e225b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11343
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 20:21:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE9B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 15:45:59 GMT
expires
Tue, 21 May 2024 15:45:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 23CF 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
731a0bda60b0bd5669d40acfdd3b44d969fdb8a1a0d2cbf489dfb4f8f4e1d0f7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yqA0KWbKAsE03z8jp6fNGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-yqA0KWbKAsE03z8jp6fNGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 20:21:00 GMT
expires
Mon, 22 May 2023 20:21:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame DE9B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:43:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
23822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 13:43:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 23CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305160101&jk=1346727912234372&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DE9B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QcWVxA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 9F59 		299 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaad977c4fe604%26domain%3Dwww.gmanetwork.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2f5bb75d704718%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
O7sydag5GaGdirf4tlsWXJi3nPvZcj89N/kBza+l21KEqVJRhCGKEZu8Hl8Wkz2igp7U0AWj+qDfEHi8MlJMtg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=()
timing-allow-origin
*
expires
Fri, 10 May 2024 01:46:11 GMT
479w8itI3Zl.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/ Frame 9F59 		514 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/479w8itI3Zl.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaad977c4fe604%26domain%3Dwww.gmanetwork.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2f5bb75d704718%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
76953f07f1401ff86b5b3467738b53fea6c0dcfb7b96892f1f96c814855e6199
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
a7c8syEZDhjPSc9EulfR2g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
135820
x-fb-rlafr
0
x-fb-debug
mk0abB3GIuxZubTTRde9OyT7N8VuLblzJPvDir9LQOUp/gI8ot8t4q4BjVzrWzQOhVBCEeB+eNZC2o0HOHulQQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 19 May 2024 00:05:10 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 15CB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk4s4TtxW-Z4LwhDOLNDW5bZRbo4-VXBk_r7cqCw5OvZlVfrZPPW1vvCqMp-xmfBYxs6TcpuEQAziCjpynGneWp6tMf3G1tfBYrifCaDcDTiw-tWgX831ye-OHfS6yek4063mz0CV_ppZuA1EQ8ToPlu0QRFfuft4Z8aaiUzCot7YmWANuh7DRvs0P35Ax8E7O_IMspakZJYhWcwrIJnKIYl0RCOsST0S60kQO1fFv3H8B2rYXkf3p3HHziL9XG1qMlxC7GnXtup6WsL9ta-oHLqMMcYRYrjMh2XKrz9E3D_zkji17P4VWnsEqZ1bI7Bqyy9L47pS3TPD4jq7Q_cFMSqGaP1yHaslOQ2Ur57jftGUbStFNfQzLDkwxKvghvxxeM9MdkDKaRiXBiHkf4BO7TdvIal5GkepOFpt8FqygLZFUJ76Jp6A1E0jHJDsXFLEOSEBMMQjeDvMu3YAdhSjGpEqhNwrDSPMIJf3MR8Dm7Vt9gbspAz76RObg8w9_MSg7hKCnOdkF-UAC7CMw6TNwIgu-IaeybVW2URa3Yx2s35a3iqloodrwb43hJKHfM-OGIGx8_PmhbBI6vRKM2EpuEiW35YyfkBNy-s5b4QAI_V82NgHWKcp5kJlXSdN2Zzvx_RIXr0XvBhQmktt6JmOGo38slhcnvz2BljZ8qC9XauBDXXezXpsb4k-bD42LXIlaNuA7np938Lp0eO2xCK56IcUK8yXxFtbnzDn4e6qiLGWp814D9Izi_9T2AXSjV-a09v8vy1IFGJqVt4CQxt3rtBAPVLyjSP1B5ZqneeJn0zr0C1HGdWrtqHRSUFE4EpJ3fd-ImtO05sgjeKgDZUIAEQPqaRIbfRybu4bf9U_K8J05d1t6kuFXpXfizUbJbmt1KUYoMcQZC-NpPEzgd6cgMg13K1rlLs4YA_3dB_Bj_SFIYMS3Mv5FaZwlfcwBYjdwtv5J-aUJnqqiayKcBHLo_b0IL6EnSbjgtgtar-dyfFK6SiLIqpTUp229C0UoR-d5oesECZGgJWl4kIXxvuHTJ5u_KAWTD_9HQmZUmakC4QntwxmYH259CN6jRN1hG6HMtn9DTXNU3yv60repzQzLywCrVcPP21dKAV4jGTpANc3IrsZGq6T9RHYW0vFojEx3cD1F9qhSY1TAUE-dsGBZII_wZOH0slg1-o7WCnzik9KgnNYTyjyy7oF1MHFmIgAzUZzm7Hoh0P-0xXFwKSTVHBNj4BZV6fvuJ5I4TpnhpB802C7IHjZBfBMB8Q4Q4zQ0Kn98uGfQUcoUGi0JpwI3-pRszJEiu2BiB5Q7DhleLog3IQ&sai=AMfl-YRdR18EEjriU8tk2qltZDoJb-dyEQlxhul-cbdOZAp2F4Wm2q5A32wUjXEzW79OQWIHOAml_w87aeGqErEglWB20frBPxiq8gmJjGfShfEtLXPDVkouMQBRqzrSfyGjy1_AFfGDZnVL&sig=Cg0ArKJSzIiouBDeSvksEAE&cid=CAQSOwBygQiDSy9kHmo2RO-487dkvINoaYYlxW_ShchVk4IaQj1N1m7JI5OO_P6pY43SII08mmjMy3rRczELGAE&id=ampim&o=288,182&d=735,90&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=252&tls=1256&g=100&h=100&tt=1257&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C44C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_c_WsMdor47caJFghw-8k0syhaUFWInb8wgvMNBXc0SLcKtgtKgC9qT0ihShNUPdsBdot1r2SiDAGOgiU_1sMpzUx&sig=Cg0ArKJSzFdwzVOQppYgEAE&id=lidar2&mcvt=1001&p=185,1057,435,1357&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1323550853&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684786859567&rpt=180&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346727912234372&correlator=1528283194008097&eid=31074171%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=21751243814%3A344684475%2C179580-728-90-11&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=11&adks=2151697657&didk=1483248443&sfv=1-0-40&ris=2&rcs=1&prev_scp=prebidtrue%3D0%26refresh1%3D0&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&sc=1&cookie=ID%3Dae4339fd1a8e2bb2%3AT%3D1684786858%3AS%3DALNI_MYWVV2eWGPukJpGO-KAdra9cPb77A&gpic=UID%3D00000c1a0f056c2a%3AT%3D1684786858%3ART%3D1684786858%3AS%3DALNI_MZSS7SIszxinLBjmAYzXmOIwa1eHA&abxe=1&dt=1684786860939&lmt=1684786860&dlt=1684786856847&idt=924&adxs=288&adys=182&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&frm=20&vis=1&psz=754x90&msz=728x90&fws=0&ohw=0&ga_vid=1519667749.1684786858&ga_sid=1684786858&ga_hid=502622445&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtI_9qIQxSABSAghkEhkKCnB1YmNpZC5vcmcYoJD9qIQxSABSAghqEoICCghydGJob3VzZRLsAUV4TGoyamZPZk5GcHJhQytjYU8rcitpQklMN3ZGQ0szSDdSUEhQTGJ0cGhBbkY2RFdXai9VYVBWcThjQU9pNEF1TlNQMkhnVXBEMzRrc1JhTTN4MWJ4aXd4SFBMNFFWQktLbnlFTzBmM0xkcWthSVU3akUyUEpYOFYrd1Y0NjlkMEMwZ3NHc2FoQXJudi9rVUZkNDJmaVE3aXlqRFFzTDZNNWNEenZ1c2xVM251TUZQZEE3WEVVMFlMRUF0QmZIZmxRbkwycFU3cllaZnYyeGh2TlNNZWc2YzRXSU95NkI5eGg5cG1HWHRTbjg9GKCS_aiEMUgAEh0KDmVzcC5jcml0ZW8uY29tGLSP_aiEMUgAUgIIZBIZCgp1aWRhcGkuY29tGLSP_aiEMUgAUgIIZBIUCgVvcGVueBi0j_2ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNCR_aiEMUgAUgIIag..
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78fbb9ab53783f6ffdd69e35693fcfdc59009e690feba17c93a07aa6d4d6e705
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22961
x-xss-protection
0
google-lineitem-id
5786708352
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138363327485
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346727912234372&correlator=3809558370276692&eid=31074171%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=21751243814%3A344684475%2C179580-300-250-16&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=12&adks=1323550853&didk=1585714558&sfv=1-0-40&ris=2&rcs=1&prev_scp=prebidtrue%3D0%26refresh1%3D0%26hb_format_rubicon%3Damp%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.00%26hb_adid_rubicon%3D7156fd18534f39c%26hb_bidder_rubicon%3Drubicon%26hb_size%3D300x250%26hb_format%3Damp%26hb_pb%3D0.00%26rtb_pb%3D0.00%26hb_adid%3D7156fd18534f39c%26hb_bidder%3Drubicon&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&sc=1&cookie=ID%3Dae4339fd1a8e2bb2%3AT%3D1684786858%3AS%3DALNI_MYWVV2eWGPukJpGO-KAdra9cPb77A&gpic=UID%3D00000c1a0f056c2a%3AT%3D1684786858%3ART%3D1684786858%3AS%3DALNI_MZSS7SIszxinLBjmAYzXmOIwa1eHA&abxe=1&dt=1684786860952&lmt=1684786860&dlt=1684786856847&idt=924&adxs=1057&adys=185&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=349&ga_vid=1519667749.1684786858&ga_sid=1684786858&ga_hid=502622445&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtI_9qIQxSABSAghkEhkKCnB1YmNpZC5vcmcYoJD9qIQxSABSAghqEoICCghydGJob3VzZRLsAUV4TGoyamZPZk5GcHJhQytjYU8rcitpQklMN3ZGQ0szSDdSUEhQTGJ0cGhBbkY2RFdXai9VYVBWcThjQU9pNEF1TlNQMkhnVXBEMzRrc1JhTTN4MWJ4aXd4SFBMNFFWQktLbnlFTzBmM0xkcWthSVU3akUyUEpYOFYrd1Y0NjlkMEMwZ3NHc2FoQXJudi9rVUZkNDJmaVE3aXlqRFFzTDZNNWNEenZ1c2xVM251TUZQZEE3WEVVMFlMRUF0QmZIZmxRbkwycFU3cllaZnYyeGh2TlNNZWc2YzRXSU95NkI5eGg5cG1HWHRTbjg9GKCS_aiEMUgAEh0KDmVzcC5jcml0ZW8uY29tGLSP_aiEMUgAUgIIZBIZCgp1aWRhcGkuY29tGLSP_aiEMUgAUgIIZBIUCgVvcGVueBi0j_2ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNCR_aiEMUgAUgIIag..
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
975142aa3fc6729557cc28f47ccf1923d976ca6ad97f525234ac8bf696838d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22456
x-xss-protection
0
google-lineitem-id
5786708352
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138363327503
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8454 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui9_D1otwj2OkoDiW35NKwiYXli17He5KA0MMSCJBDNOK3Hg0Fgvvc-7TNVN1Zgrb-x29SPNC-5hGBpr_18YRRIk4q5Ue_qDm9ef-SiDW3ydnzpcx4DkKOUkr9dOYMg9pHRUKo3A&sai=AMfl-YQ3hDoEYnhlR6KyOIb1A2_2aPMAdRRzzX80pJ3eP3fFwLrp2zhOcF_2_yVQO81kdUGV_OlQsRtpvkNZ5W_ui9uFsQTMTijvTcu0zkvwxvJnLZBq_Vx8Ju5fyZ8C&sig=Cg0ArKJSzFg7082ujw7mEAE&cid=CAQSPABygQiDLxdwPXOSIpoG89CstjZ_gk_TYz8DIkSx0t_fSUSM6QFR6_7-2al1iLJJ0qmVlJbxolOZPeNmhxgB&id=ampim&o=710,672&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=94&tls=1100&g=100&h=100&tt=1100&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305160101&jk=1346727912234372&bg=!BQalBlLNAAZ8_aWmXP07ADkAdvg8WmPkh9eh522Ht0KiFEtK8VCmuhfRhdOn8yKsMtN306eA6U3YQgVg_r_62NwheK74wEat9EcCAAAAWlIAAAAIaAEHCgCb1kXIBz9Xx0GQDBApzmh0ejT3sDueeiZx6s20UzwoU37X2EZm80wLrXKBjyxgcy0yq8ZJeeFw70-mSB4eQuB-bwEN3GiiVUL7XBcAsLs12HKji_o5c-CFTAr7gSk9oWlkjnoG5iZvad_TVhHqrb67-QcTRb2yOtj33H65lkk1HDr4ikupLRWDAYQBVIS7-q0MBSYiSRWextX6xhGZAqY9y4iv4BkXUvEh6lS-Cp56gfCtVw0NQg1dIayVeKd7H9zr1LpjMJk9FI_1qcfr9b9hDgX4lAnuxunkr432EDW8tzxIYn2fEMBFB5zVdQKXYNCgP_3eomYbuLzlIyqxK6cC8hEFgBlMLRDrSWy4IvsEuPI8mhp9qiar4Cixw7fY-dvCj1euiEs_dJKvUOQKTCTppaqJbx_LaSXFuy265YdtT5taQH635QSolfbytC_TuCWebzAEQOzpN8CkxGfERFng5UDuY7KgiU4tVRVLD2alMIMiOsNg_OAXEHA-tfemdWs7v0Vndr_LSwojEH0IOQVPqAFM6-eYeQyyIU7o22ytOl9yrVT1DtUIWEYs2TfuIL3r_C01oB38JfHYV6awx7cEFSP9XLx-0D3sM-IA960JSyYlmkyC4epKezHCdv5EaPFeXrJUyZdrSFjgL5O4XUg9Xv4HqlZCm6pL9roHtidtKIEWxXaE_VFteSMqZhpTDWerGku25e2y8czbFiMPuU8NYCwKwqgOJkxm00FCLUF0w86Gqsvt6cG7AygZCQgvqy7p0GT4uM1eUez7j74QRcNM_RriJo2z0EPQNKCtje18Zmb9Z_24Fy4XakbJnTCBpM5dGN3MLKblMKI5liErjfAKkMlwNdDq8-6UQaaMfMVr2n0XIaBw8aR_cKpfBseP8zRKrgEYhW5RLoFO_4cNnbseKAsPsN0-dmeEQSnXsON4DboWbEqEPCTH12HG96Gsazov7UlXZwh7bF6p1-lAaAAJAiwamXh_BPLfaNzS3Z2HOK5-RsZkzq0Tw1W9csgvcd6MBgGngzGScbmFaK3kX86p7Emi0eTsqPsfstV8_6G0V19ZbF6sb8rvFmpvKkKTWZxzSUcunjdj9hdjQHOKWRDAkQirjUE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346727912234372&correlator=3973540190861991&eid=31074171%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=21751243814%3A344684475%2C179580-300-250-17&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=13&adks=576703028&didk=1585714559&sfv=1-0-40&ris=2&rcs=1&prev_scp=prebidtrue%3D0%26refresh1%3D0%26hb_format_rubicon%3Damp%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.00%26hb_adid_rubicon%3D10794dd6ff2ee41f%26hb_bidder_rubicon%3Drubicon%26hb_size%3D300x250%26hb_format%3Damp%26hb_pb%3D0.00%26rtb_pb%3D0.00%26hb_adid%3D10794dd6ff2ee41f%26hb_bidder%3Drubicon&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&sc=1&cookie=ID%3Dae4339fd1a8e2bb2%3AT%3D1684786858%3AS%3DALNI_MYWVV2eWGPukJpGO-KAdra9cPb77A&gpic=UID%3D00000c1a0f056c2a%3AT%3D1684786858%3ART%3D1684786858%3AS%3DALNI_MZSS7SIszxinLBjmAYzXmOIwa1eHA&abxe=1&dt=1684786861102&lmt=1684786861&dlt=1684786856847&idt=924&adxs=710&adys=672&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&frm=20&vis=1&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=1519667749.1684786858&ga_sid=1684786858&ga_hid=502622445&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtI_9qIQxSABSAghkEhkKCnB1YmNpZC5vcmcYoJD9qIQxSABSAghqEoICCghydGJob3VzZRLsAUV4TGoyamZPZk5GcHJhQytjYU8rcitpQklMN3ZGQ0szSDdSUEhQTGJ0cGhBbkY2RFdXai9VYVBWcThjQU9pNEF1TlNQMkhnVXBEMzRrc1JhTTN4MWJ4aXd4SFBMNFFWQktLbnlFTzBmM0xkcWthSVU3akUyUEpYOFYrd1Y0NjlkMEMwZ3NHc2FoQXJudi9rVUZkNDJmaVE3aXlqRFFzTDZNNWNEenZ1c2xVM251TUZQZEE3WEVVMFlMRUF0QmZIZmxRbkwycFU3cllaZnYyeGh2TlNNZWc2YzRXSU95NkI5eGg5cG1HWHRTbjg9GKCS_aiEMUgAEh0KDmVzcC5jcml0ZW8uY29tGLSP_aiEMUgAUgIIZBIZCgp1aWRhcGkuY29tGLSP_aiEMUgAUgIIZBIUCgVvcGVueBi0j_2ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNCR_aiEMUgAUgIIag..
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
442a96a2c8589d5a3df3683032bde591358fdb809e6e87208ba17ab34d5b60f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22195
x-xss-protection
0
google-lineitem-id
5786708352
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138363327503
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4876 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh563iF2ZavPxDG1IXMqethOltkCweyDfotU382qT4f6uyOU2SXWknt5w08r9Nkcgbh1SkOHavRvJ9DNV61RK6lgmkLqUiF-_ASp1EROxLL7GyOGmZMwDUUrMH2xePFwnm6eAjIoV7WBT99DaBi4gUTzD1kmOKv6Y4aLLNk9zjK6zfG469nrFavF-5ZzC58eMazB-FLpFNyb5JIMLExv2b14H6s8J5WtwG0Sd7-5hdhb53Hcx0Zz8SzWVn3ddgJGhLp-Lko3-TvaMmoCijuAEn0NeWXOoWMMyCuQFS4KXkV0b06H3Jpy9ZCkPSbEWD6k3n1kZsu64u5_ryfJU&sai=AMfl-YQ4P95Y2NOhLqvhQPP4UwxKmj6aYq5fRdMhxpL7waukJzsKcZAo0t0z3cQTtUlme8u-ve0YNbNReaCJLOLDVsD5UWoqztncNThExgE7cjIMC_1-Bz09rf53t1KKiRw&sig=Cg0ArKJSzN8kEMrn2rUFEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 4876 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:56:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
80678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 21:56:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 4876 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:58:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 21:58:49 GMT
l
www.google.com/ads/measurement/ Frame 4876 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUzEmbb6O6JVpgnRMWFp1Xn4AinXHzFid_mT3MnDhE5kxLRL_KjCUmXM4idup0TfVsRV-bUGbaPIBccnQ1F2gnN6Dyrw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4876 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 20:21:01 GMT
18150714126883370403
tpc.googlesyndication.com/simgad/ Frame 4876 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18150714126883370403
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ffd7a1a980c9042363af0f2ace2cd50ad742e62f5357e4b57da1606e57e85a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:01:08 GMT
x-content-type-options
nosniff
age
209993
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41558
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:55:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 10:01:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C44C 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2D85 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulUCppIMf2aMgx-Qfn_FmveZ82HSSRQnc9GWjc7Gl-QV4WlmYh1mxGfewdbwg0Alqh8vXirl28ucf3b7eHJwPof3U88jEBxJzqn3suMy2yDfdSuMjAvId6YoWKujUqPa1MC-prbdLzPbC7PF5glweQZNJ2KcgyX3Ps16EVEW_jew4VWaSwA8Yk6pmniHUCx-dPNG4_79VZtQbsq-paTWJaScksXCf-f63fZ8U3TL8PlYIMSjqP0xNtbqCy46EzBXGoEoWFQDqWPv2Ji1iSyeKcEfmcAdokhDGuM2gaWbgHCi3NW2Wek1tDfZ5e3fSgkKdpTz1FS-AQvBUBJOjB&sai=AMfl-YQffU0f6IPLmVZOnBFBUQAEXvHSbM7GSWmYguHXiUYaELUoomCNhMWHxGUrxqpkHAulcvkWizZK_qOZKzbNGls7crschh57BDmzaNqtOcEs7NBVeYD6-KhNHJ9wIFk&sig=Cg0ArKJSzIHw2PCbAhB7EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 2D85 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:56:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
80678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 21:56:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 2D85 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:58:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 21:58:49 GMT
l
www.google.com/ads/measurement/ Frame 2D85 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2AwZKVV7GKEBl69Zb4WL_jFxa4zAH2w2KPDjvX786apKwgDw_IBEwFDkLzDCE878B3z8kTQ9kNTPWTo3_w4NCCLULaA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D85 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 20:21:01 GMT
2733177347293647796
tpc.googlesyndication.com/simgad/ Frame 2D85 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2733177347293647796
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745a0cfd6511ebe10755631eba8e109555c7cbd60f3acc939575640ddd1f20d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:35:04 GMT
x-content-type-options
nosniff
age
164757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32293
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:52:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 22:35:04 GMT
truncated
/ Frame 4876 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5c36e70496091a557a991de32741b9fc1fc883a97f62f848243a1779af9347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4876 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQv7T9rtppQYVGownUGFYwI3H--hRYpyDuk_QWT4v3va_udL6gF5gmvaMhohhfXjhpq6kWz8XLaxYI8ae2KXDJobDzh9IzNuheW--a8j0E-DgBIUvOIhDCgUh1QlZhmioqmyo4CQR-2Z56If0epQHSnT1rn2OiPmYQcyDpfr1aGaDPcGm9uvK1GiV3IZZnr2M2kEVwEBU1312y6WSkSNZGpjjieIXqRHLLrwEpSP8UEeBjbS2LiNl3dntuJD8rZcVn5iZBpIA6AZlLUWKmknbkcv2A27EdU7JpNLQ2B6mCK7_BWIth-UYYYrwaFEEEwLrzgN-wuinIrR1Xqq88Gg&sai=AMfl-YREc7_ZBQcX84uUdSaOsWjWhrC6TOp464Qu553lPSAHMr7CJCq7fHaKdMRG91rztidrZs7w6Ntkb5W2LpK2Z-1ajuYavAlJdhHPMUmaEv-xFjxZWku0odbcQjsEVlY&sig=Cg0ArKJSzDeNY1EnX9NoEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 20:21:01 GMT
truncated
/ Frame 2D85 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be5f6fd8b50af270bb595d34bd5850633d25ef4353645c297864aa7bd3133330

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
index.html
ws.sharethis.com/secure/ Frame 7E9E 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e6532a8b6dd0e714f80f56ceb0958a345d537a0b34838125f5b7e3f6552907ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43195
content-encoding
gzip
content-length
2089
content-type
text/html
date
Mon, 22 May 2023 08:21:06 GMT
etag
W/"64484eb7-1ade"
last-modified
Tue, 25 Apr 2023 22:05:43 GMT
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-id
XTSh4LAK9ttm_W02zwUSFwCvX2W_01f6BkRjlr5qPLqM-3vTHxN4JA==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-robots-tag
noindex, nofollow
view
securepubads.g.doubleclick.net/pcs/ Frame 2D85 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsse6eVsGIKdZaYyhpuCqPGrX0pXRcwkjSDhKGoHKBHGHIlG9krF4qTHQX-lv6kAICDLKeqXvCJU4QokxZFp5ASdVJX74NIVsAMUGxvh_BAHIWXkCe43ndEVlcMMluSwfm3SI8qWUVHDlmDyI3IOq-K-MmZgXZTsiXVjJhBvfeu4ZCR_wyLGgMuh3gZtWC5qzlY7jr5yAtcCxaCEJXlGMhVMRtG-MZ_p9BEHJl_0Z_2UFPVabAjI1pF50VeVHQJxw8lF9mTVVIfGbMb8f4wL9olXb9FIGMop9R0UtC-J_M7_-nyJTdRs3zK1mdUYEqnVsXXVi6UpzHiabBp9T_KxRjs&sai=AMfl-YQIUkjuowTr0ny7a488qV3qTHT6b25jiyyuYrz-b5eAlpP98n0ZiOJKffcuH7GQLx7a01qTrItT6-93avwnU-kjXrMIFn5XCwdiKxRLR6bqZ4KG_3HwEkP8EN5mMAU&sig=Cg0ArKJSzDH39FtIzNSEEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 20:21:01 GMT
st.7f641fd23a2d549708b2e95bd9b6f289.js
ws.sharethis.com/secure/js/ Frame 7E9E 		152 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure/js/st.7f641fd23a2d549708b2e95bd9b6f289.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0716364e8ffa8710376601b4ab6d0a794b44fc5a09c9d92987ad77f3a8c432a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/secure/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:03:45 GMT
content-encoding
gzip
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P3
age
2315836
etag
W/"64484eb7-2615c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
I3ZgGG1GkTbT8zcPsSJFQPdS0rPBtXCdcN-49VaT6EZR--Bjx_51wA==
expires
Thu, 25 Apr 2024 01:03:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1BE8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRb3I0jiCDoiqEhtOQqNxZQ8gpu5A1ndkOAdZDZNzAMxeSnahJdOdFqTsg_W6JXZB-RG1XzG0BffuruvTdxCvFDB6a61O-6Eq3rH5yzatbg22-yx84t2gixy5RGD056iiNkOp63WfKPmRLam_S2CIp5u2epHknboYjyVmuRic93Mt9AAjcDI02MxFMejb4K6l0Gh4AxytyP56_i55cCbpQp7il8kv3SjMyLq6k_LlwvdqsHSJoTidfvFGj6VA9jvF2ZFG9CDVVona1mT1yHhKk4A_WpQ9uh3GOFAK9V6wU-UALx38PObUx-7HbyFP0V0lHRviqMMxpj0WgAb4d&sai=AMfl-YTKP3veAJKofsccBg0KttnUBuKWXrnaoP7v_7WPJY3GcH6Mhoi6wRQ5J2NtF-xpNshkiJ_3C2pB9Ubj3hptdpQZwvSrM5dzw37-NwVn33pfhI1SG9WSVKWqT-mPeQ0&sig=Cg0ArKJSzBdpx_MFGHD_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2733177347293647796
tpc.googlesyndication.com/simgad/ Frame 1BE8 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2733177347293647796
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745a0cfd6511ebe10755631eba8e109555c7cbd60f3acc939575640ddd1f20d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:35:04 GMT
x-content-type-options
nosniff
age
164757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32293
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:52:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 22:35:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 1BE8 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:56:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
80678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 21:56:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 1BE8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:58:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 21:58:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1BE8 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 20:21:01 GMT
truncated
/ Frame 1BE8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9690134dfbe466baf2804453076b858ccc2553dd42212a4f8b3c2d8b4e4e2db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1BE8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspDRUdE1K3hIv4RIgqKDQJVR9voJ2kaDjheJ-28UzLXOeEdzSZoXFJlcrsi6YHTObActGRZQBHibdLEpaIa4BkZE2yL9r4YNCtCB1yaoMRkv1HxGMEJfLVyf20uVbWTpDj_zgK2DuyCJsbHR8pyYIl-ihH1JRjS5uWvKJe6uJlLSSZ3d9Y85YS3S7UdeaCrZuiraR7dNsd6G2e09gnMBgY_jkxsxGkrrjkjs8CVgHR8HyAEzajBIQQwYBpXeF2SONfLqC7Q7AYEMvrVtz5fzxG8ZYIAkhXTO3f01rvUv2fEMz1xMIwMni8pRVY25Oik-WOrpvH3UF19r83rC-dFiU&sai=AMfl-YT4c1qL2omKFOpwqxCiMdxfXZbT2ckuLvNfy1nKOKq3rrv6wmdQ2xr0uMmuhme8wW4ohQZHmLuV_fZNpjRkWTP96Y7KitNm3MnymRmD86lxeuE5_3TDpVknty-4Gk0&sig=Cg0ArKJSzI0t9fM6hpQHEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 20:21:01 GMT
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 May 2023 20:21:01 GMT
syncframe
gum.criteo.com/ Frame CECE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gmanetwork.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 20:21:01 GMT
server
Kestrel
server-processing-duration-in-ticks
867546
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 May 2023 20:21:01 GMT
sid
mug.criteo.com/ Frame CECE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=gmanetwork.com&sn=ChromeSyncframe&so=3&topUrl=www.gmanetwork.com&bundle=HdCBJV9aeUdQMGwlMkYlMkZkNXp1NUlGVXlyamg0RXllWSUyRnNEUWVpNTV6JTJGOW...
  • https://mug.criteo.com/sid?cpp=WOYQ6Xxtb1daYXR6a25YY3NFd0N6WE5NbFh0ejFYUW5nVWxXd0RyaWw0NHczanh0ckpZeDh6TXJSaXErZXdzV1R4SUtKQTQzbmR1M0NuY0tCaHNJQnRaWEZmYSs2VmQrRkhKNmVDdTcvR0c5NDI2cHkydVpDbDhqV0tXQj...
447 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WOYQ6Xxtb1daYXR6a25YY3NFd0N6WE5NbFh0ejFYUW5nVWxXd0RyaWw0NHczanh0ckpZeDh6TXJSaXErZXdzV1R4SUtKQTQzbmR1M0NuY0tCaHNJQnRaWEZmYSs2VmQrRkhKNmVDdTcvR0c5NDI2cHkydVpDbDhqV0tXQjM5ZWVac2pDTExYb3FnbFJaZGhVVkhxdExrL0c4N3BYQ05qcTZhWXVlR2hrTXRCZ1FudnA1S1FiU3AvcSs4eE14RDVGY05EajI4T3JuekczOWFJNTRXK2ZnY2dDN05UaGV3Zk1ja21LSVQ1WDlzQzMrODNZNyszV3JuT3JaRmlpVXZ2WGxVWUR6Zlk4cGMvN05BSktzbHYrdVZvU1hlNVEveDZlcnRnaUJDbWdCMmhwR1RlVT18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b3157918e1c32a79d03052639983417863f29c63da4eea6a49e5fc2c50149059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1153249
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=WOYQ6Xxtb1daYXR6a25YY3NFd0N6WE5NbFh0ejFYUW5nVWxXd0RyaWw0NHczanh0ckpZeDh6TXJSaXErZXdzV1R4SUtKQTQzbmR1M0NuY0tCaHNJQnRaWEZmYSs2VmQrRkhKNmVDdTcvR0c5NDI2cHkydVpDbDhqV0tXQjM5ZWVac2pDTExYb3FnbFJaZGhVVkhxdExrL0c4N3BYQ05qcTZhWXVlR2hrTXRCZ1FudnA1S1FiU3AvcSs4eE14RDVGY05EajI4T3JuekczOWFJNTRXK2ZnY2dDN05UaGV3Zk1ja21LSVQ1WDlzQzMrODNZNyszV3JuT3JaRmlpVXZ2WGxVWUR6Zlk4cGMvN05BSktzbHYrdVZvU1hlNVEveDZlcnRnaUJDbWdCMmhwR1RlVT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
402683
content-length
0
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1346727912234372&correlator=3913987591282127&eid=31074171%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=21751243814%3A344684475%2C179580-300-250-16&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=14&adks=1323550853&didk=1585714558&sfv=1-0-40&ris=1&rcs=2&prev_scp=prebidtrue%3D0%26refresh1%3D0%26hb_format_rubicon%3Damp%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.00%26hb_adid_rubicon%3D7156fd18534f39c%26hb_bidder_rubicon%3Drubicon%26hb_size%3D300x250%26hb_format%3Damp%26hb_pb%3D0.00%26rtb_pb%3D0.00%26hb_adid%3D7156fd18534f39c%26hb_bidder%3Drubicon&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&sc=1&cookie=ID%3Dae4339fd1a8e2bb2%3AT%3D1684786858%3AS%3DALNI_MYWVV2eWGPukJpGO-KAdra9cPb77A&gpic=UID%3D00000c1a0f056c2a%3AT%3D1684786858%3ART%3D1684786858%3AS%3DALNI_MZSS7SIszxinLBjmAYzXmOIwa1eHA&abxe=1&dt=1684786862047&lmt=1684786862&dlt=1684786856847&idt=924&adxs=1057&adys=185&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=349&psts=ABHeCvh-WEU-8-1dK_EflyxyXmoMNIbKgLPo3B0bgvrFcyCCeGc39RpHJjmj7XvcnEbf7VWrjYvG-oVY-uYOT57E5VI5Vfa4xUo%2CABHeCvhzNbQ75zJdQ8OihSGZltvHH9qeOYtdBku_1W0uGeC6RPLcVEPXKcb2KJ2avN0IiqEiSCgYfuF1nI3h470J7Rtmk82h8uo&ga_vid=1519667749.1684786858&ga_sid=1684786858&ga_hid=502622445&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtI_9qIQxSABSAghkEhkKCnB1YmNpZC5vcmcYoJD9qIQxSABSAghqEoICCghydGJob3VzZRLsAUV4TGoyamZPZk5GcHJhQytjYU8rcitpQklMN3ZGQ0szSDdSUEhQTGJ0cGhBbkY2RFdXai9VYVBWcThjQU9pNEF1TlNQMkhnVXBEMzRrc1JhTTN4MWJ4aXd4SFBMNFFWQktLbnlFTzBmM0xkcWthSVU3akUyUEpYOFYrd1Y0NjlkMEMwZ3NHc2FoQXJudi9rVUZkNDJmaVE3aXlqRFFzTDZNNWNEenZ1c2xVM251TUZQZEE3WEVVMFlMRUF0QmZIZmxRbkwycFU3cllaZnYyeGh2TlNNZWc2YzRXSU95NkI5eGg5cG1HWHRTbjg9GKCS_aiEMUgAEh0KDmVzcC5jcml0ZW8uY29tGLSP_aiEMUgAUgIIZBIZCgp1aWRhcGkuY29tGLSP_aiEMUgAUgIIZBIUCgVvcGVueBi0j_2ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNCR_aiEMUgAUgIIag..
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ca22c3da49ca2ae39e6d39af02e4a8f6220565711d185fd3741d9c30da8be11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22382
x-xss-protection
0
google-lineitem-id
5786708352
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138363724714
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D85 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame CCC7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvS8ETU921t5k_wgXRJ8jYwwj5YEfWxFtNAXnS0YjCeFczD5YtUZ-Cbxjc1R7B8pTLxL46aFFa0Qa502SoXcJKnlBxJ3c4Mb-5fJ6_TCMspQcuWSgyazYMFNEjsL_l6IKjP2nhD-EFUEq6bdTclPh4eAAyVHCXzR8DV4Np0-e4TWYl6Huugg7Z63HrYU9sSijGvXNf_tbFhHUdgrZg6Al0mpztzWTrCcZjR-rbbHtA57iNJTR8WdEoiUN_Y8aCMJASx7XqtpJ_w7QTHOYAEPTWEf_PqKL_JO63ED4TvSTxivsPa36JizVnYIC31K6qxfpC5OeIchYLg4_oot9G&sai=AMfl-YRGcSwhhOoINLp9ip3-udVLarjmGdHxBwYibH-JLOLDYP8uVJJ2CFZ9gal_OTcCdzdDv-BPF80PbOg-5EqMoA_MhEuiyXK45Tdr5NrbC7XPSP5nybv3aFkC31oeEeY&sig=Cg0ArKJSzFLvVBzV16NKEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2733177347293647796
tpc.googlesyndication.com/simgad/ Frame CCC7 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2733177347293647796
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745a0cfd6511ebe10755631eba8e109555c7cbd60f3acc939575640ddd1f20d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:35:04 GMT
x-content-type-options
nosniff
age
164758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32293
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:52:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 22:35:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame CCC7 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:56:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
80679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 21:56:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame CCC7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:58:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 21:58:49 GMT
l
www.google.com/ads/measurement/ Frame CCC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAKq60_lvmyPdKDc52OqBLdLq2Hy3etaiAc3YLhtptCFiHc_IleSXY-WQvYXrXDaprWy6q70EJvIyUC9thZn7VXLQH7Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CCC7 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 20:21:02 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4876 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugKUQMW1dfK0uoCGF5ahj5rSNy5f_pGEDP3Mo5E8XzGjWeLBWQ_ZxbZCkEVUdY9V9ACo_B3xSkJ8jo_Du3sh04K-2XUq_NfRmnJTCS5BAEpl_Sidnk&sig=Cg0ArKJSzHkN6A2i15oHEAE&id=lidar2&mcvt=1015&p=182,288,272,1016&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2151697657&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684786861219&rpt=120&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame CCC7 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
147822b96291176dc60c8d2760bf12407e9ee315b8e8fd17889df0b0704825c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame CCC7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8TJwkNrRY_0G2QN_pVrl2G3n8T7qZ1yqcy0SqVuf-QVT0WE2JBORXOF7u6qHmB2o5s8lWVeBcG0wV4OumM5CRjibGUX30VuhXtK0wnxzMHMLyPYQ6YH450Ha7IsWTu54mVFMgrQK4zQV6z8ffGyzHKMkt3GOwpR1z6UEtkHc9f9ZeWuFuU5tFTQGrWTpl_4bydNWaD0gbWk_7SBi9OtdWQGuPPItQY01Yhz8NqS1jbTdIE4apUExzN3ol2mLfrvG8HPQKYEfmCr_G9cbonN_B9vhU3JeIl_m0Eu2t-QFqUXk8TM01jN9cKT1qBsUGgI5XyFpblV2NnKbVtzn6Pk8&sai=AMfl-YSRlzEPCNBF67kIKeRZjOm3hEjJu1MfbIXaRqZQ_Ws1moTDG42Pp1dJJLnR4ePTgbJQV-ovqFucOETgo4mlE5aMrAI6K-oWbAbB2W7aitqUgNLrPV3nCOb2N2EhNos&sig=Cg0ArKJSzONy4vbEy0fyEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 20:21:02 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1BE8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukDPY6Cx18lUXflUBFkOyU52zQrq0Mhg-HVE0AQyy29ws8_AnPSMIGdvQoIXJ9psU7A-cYRT6a4PMMFqDU-GsnvPVyXr173wZ4vWqhUubZMe2eVy-8&sig=Cg0ArKJSzFpqf6p7YsOcEAE&id=lidar2&mcvt=1000&p=672,710,922,1010&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=576703028&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684786861404&rpt=79&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CCC7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8JsHnl6gD19LZblLBrONBviV2xboiSLQJSvW4KOEL8ZHM_qIUXSaM4fSLb-ljXpNBw5gg8WUxvf6M1dosqMmp4fNw4_ZsNu0ioraOclLYvva-BFGL&sig=Cg0ArKJSzO33vU3GAVV2EAE&id=lidar2&mcvt=1000&p=185,1057,435,1357&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1323550853&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684786862341&rpt=91&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ7Ry%5ETm_h%25G3%3C8%2BNT6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BmxAkmP%3DK%5B*xp%23Vl358YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=2&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=5530&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=277&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&f=0&o=3&t=1684786857825&de=269386377295&cu=1684786858088&m=5674&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=277&le=1&gm=1&io=1&ch=0&as=1&ag=5172&an=1195&gf=0&gg=0&ez=1&ck=1195&kw=1135&aj=1&pg=51&pf=51&ib=0&cc=1&bw=5172&bx=1195&undefined=1&ci=1195&jz=1135&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=5112&cd=1135&ah=5112&am=1135&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3APhilippines%20detects%207%20more%20Arcturus%20cases%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=218382509&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 22 May 2023 20:21:03 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ7Ry%5ETm_h%25G3%3C8%2BNT6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BmxAkmP%3DK%5B*xp%23Vl358YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=3&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=5530&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=277&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&f=0&o=3&t=1684786857825&de=269386377295&cu=1684786858088&m=5874&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=277&le=1&gm=1&io=1&ch=0&as=1&ag=5372&an=5172&gf=0&gg=0&ez=1&ck=1195&kw=1135&aj=1&pg=51&pf=51&ib=0&cc=1&bw=5372&bx=5172&undefined=1&ci=1195&jz=1135&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=5312&cd=5112&ah=5312&am=5112&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3APhilippines%20detects%207%20more%20Arcturus%20cases%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=415926321&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 22 May 2023 20:21:03 GMT
loaduser
traid.jixie.io/api/ 		52 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/loaduser
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
b9d05101f668fd34e286aee0110b79ba23375caa3b09a7b718b29d19152a439e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:21:04 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
W/"34-ciq6rp7+SRSRCV6t61+gq6x1K24"
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.gmanetwork.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
prebid
id5-sync.com/api/config/ 		135 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:21:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
ea96266b9479835bc7b332c015ac49074268a52df9b1f8d794d55e8f31c00ecd

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 21 Jun 2023 20:21:04 GMT
checksync.php
contextual.media.net/ Frame 8E5C 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
40aee081c093e749a7df384cd8938a1a1d8dac799a2404f259ff68aa4211ed72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7973
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 20:21:04 GMT
expires
Wed, 24 May 2023 20:21:04 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 6E2D 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 22 May 2023 20:21:04 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync-all.html
adxbid.info/ Frame A869 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cb7c36efa501994-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbFIlr4EdxggqBYu3EpLYZF%2FuSvl3XS1cnY13dp0J1HdHxtjkGBW8HYpEX%2F%2BXSPf%2B1wu779b8U25%2FNiuCrT0zKXJkw6ua2sSiTfhjPnjmUqTGYNGYc9chk9iMxxKSQZdMcBdKn3%2B0Mwi7w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
usync.html
eus.rubiconproject.com/ Frame 0E23 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 20:21:04 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame ADD0 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
40aee081c093e749a7df384cd8938a1a1d8dac799a2404f259ff68aa4211ed72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7973
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 20:21:04 GMT
expires
Wed, 24 May 2023 20:21:04 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
beacon
ap.lijit.com/ Frame 666B 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13413210
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
adb134528cf48f29643682c120df6ec011669a6b27f4cb912a45425b65e81047

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1094
Content-Type
text/html
Date
Mon, 22 May 2023 20:21:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap6ams1
pd
u.openx.net/w/1.0/ Frame B67F 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 22 May 2023 20:21:04 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
u.openx.net/w/1.0/ Frame A4C8 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 22 May 2023 20:21:04 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 50F9 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid7.24.0-gma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
40aee081c093e749a7df384cd8938a1a1d8dac799a2404f259ff68aa4211ed72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7973
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 20:21:04 GMT
expires
Wed, 24 May 2023 20:21:04 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
46a694c659d2f9609cdbaf38c4de99b58d6693fd5ec5ed28aeae462ffe34b109
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:21:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=852d591c-0ca6-422a-bad4-c466ea7b6833
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=852d591c-0ca6-422a-bad4-c466ea7b6833
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d34d3993-ae77-465c-9b5f-3e56b5a01cf0&user_group=1&ssp=fmx&bsw_param=852d591c-0ca6-422a-bad4-c466ea7b6833
  • https://ce.lijit.com/merge?pid=26&3pid=852d591c-0ca6-422a-bad4-c466ea7b6833&gdpr=&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=852d591c-0ca6-422a-bad4-c466ea7b6833&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=852d591c-0ca6-422a-bad4-c466ea7b6833&gdpr=&gdpr_consent=
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=1lAoUYMBf1LNV3pVg1IzAtNdLVfNUixWhlIfMaaV
43 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=1lAoUYMBf1LNV3pVg1IzAtNdLVfNUixWhlIfMaaV
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=1lAoUYMBf1LNV3pVg1IzAtNdLVfNUixWhlIfMaaV
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 666B
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3NKa3VCWkhlRmFCTVRxX1JNT3JWWjZx&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3NKa3VCWkhlRmFCTVRxX1JNT3JWWjZx&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 20:21:04 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3NKa3VCWkhlRmFCTVRxX1JNT3JWWjZx&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=946aec0b-3c4c-426c-908d-15f85e44308e
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=946aec0b-3c4c-426c-908d-15f85e44308e
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=946aec0b-3c4c-426c-908d-15f85e44308e
Date
Mon, 22 May 2023 20:21:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GsJkuBZHeFaBMTq_RMOrVZ6q&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:c8d56fded8ac0ebb42defdc45a078b4e
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:c8d56fded8ac0ebb42defdc45a078b4e
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 22 May 2023 20:21:04 GMT
server
Aorta/20230516.6fb732053
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:c8d56fded8ac0ebb42defdc45a078b4e
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
e59c0b987c0e
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=TnZRYf39dQMR&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=TnZRYf39dQMR&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://ce.lijit.com/merge?pid=49&3pid=TnZRYf39dQMR&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-78764785dd-q9trz
expires
-1
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=NYdZ4MWG7iS7PNntBVVu&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=NYdZ4MWG7iS7PNntBVVu&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=NYdZ4MWG7iS7PNntBVVu&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT, Mon, 22 May 2023 20:21:04 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 666B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0163a7456b0a5605e8b1fb1d4fba3e4d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AADH9E7I150AAB-5Gc64Dw&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AADH9E7I150AAB-5Gc64Dw&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AADH9E7I150AAB-5Gc64Dw&gdpr=0
Date
Mon, 22 May 2023 20:21:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1684786864524
  • https://ad.turn.com/r/cs?pid=45&rndcb=6747032866
  • https://sync.1rx.io/usersync/turn/4141832342675863258?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a781c553-5461-41a8-92dc-22cd95564c49-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-a781c553-5461-41a8-92dc-22cd95564c49-003
  • https://ce.lijit.com/merge?pid=97&3pid=RX-a781c553-5461-41a8-92dc-22cd95564c49-003
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-a781c553-5461-41a8-92dc-22cd95564c49-003
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-a781c553-5461-41a8-92dc-22cd95564c49-003
date
Mon, 22 May 2023 20:21:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa781c553546141a892dc22cd95564c49003
content-type
text/html
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 666B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1684786864450&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=D108878FEE5747388D74D90E74FC83F6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=D108878FEE5747388D74D90E74FC83F6
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 22 May 2023 20:21:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=D108878FEE5747388D74D90E74FC83F6
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 21 May 2023 20:21:04 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 666B 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 666B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FE75CY2FCZQC4A458F5W
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D92%25263pid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D
  • https://ce.lijit.com/merge?pid=92&3pid=5641317918713889930&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=5641317918713889930&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 20:21:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4e22c059-faba-43cd-a1b7-217cf47d6314
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=5641317918713889930&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 666B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D12%25263pid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D
  • https://ce.lijit.com/merge?pid=12&3pid=6211424790572879189&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=6211424790572879189&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 20:21:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7227491b-18f9-4f7a-bf5c-47bd49f4ebb4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=6211424790572879189&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
data.adsrvr.org/track/cmf/ Frame 666B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 666B
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3NKa3VCWkhlRmFCTVRxX1JNT3JWWjZx&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3NKa3VCWkhlRmFCTVRxX1JNT3JWWjZx&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 20:21:04 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3NKa3VCWkhlRmFCTVRxX1JNT3JWWjZx&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame 666B 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8A6E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=121696
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 20:21:04 GMT
expires
Wed, 24 May 2023 06:09:20 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
merge
ce.lijit.com/ Frame E8FA
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=4481141920767445440&gdpr=0&gdpr_consent=
43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=4481141920767445440&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 20:21:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Mon, 22 May 2023 20:21:04 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=4481141920767445440&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C9BD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=121696
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 20:21:04 GMT
expires
Wed, 24 May 2023 06:09:20 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame D5BD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...
753 B
485 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13413210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4795e1f25e93316e38197fb80aef3670e0bf88fc2b0c554248b5d01f3585ce17

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
466
content-type
text/html
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 May 2023 20:21:04 GMT
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
984.json
id5-sync.com/g/v2/ 		241 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
4b2edb3db33985493dd72e15b6d28e98365211766349de129ba84e34536c2402
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gmanetwork.com
date
Mon, 22 May 2023 20:21:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
getuid
eb2.3lift.com/ Frame A869 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame C9BD 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34841331&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fca8824e320710d3cef60fe381654361f8227632ec0c146bb710bf2003eb6d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
merge
ce.lijit.com/ Frame D5BD 		43 B
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=eeecc580-7830-0f3b-2465-e6ec5d4ce881
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D5BD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1990646b-ceac-4e00-af76-c19142a94aff
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1990646b-ceac-4e00-af76-c19142a94aff
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 20:21:04 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x5 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1990646b-ceac-4e00-af76-c19142a94aff
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 May 2023 20:21:03 GMT
sd
us-u.openx.net/w/1.0/ Frame D5BD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=7JwXY7nNQGD3m0VnuZ4MMOmREmX3nhNkvJ6OrzvY
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=7JwXY7nNQGD3m0VnuZ4MMOmREmX3nhNkvJ6OrzvY
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=7JwXY7nNQGD3m0VnuZ4MMOmREmX3nhNkvJ6OrzvY
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D5BD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5609970843254466368
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5609970843254466368
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5609970843254466368
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame D5BD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=82021b40-9284-3536-63d9-504a25fdd7d3&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D5BD 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWU2ZGM4OGEtNWJmMy02YjkyLTc2MzktMGFmM2VmMWYxOWIz
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D5BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPu72eFmDWcNiSUXLenM8tk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPu72eFmDWcNiSUXLenM8tk&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPu72eFmDWcNiSUXLenM8tk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
user-sync.adxpremium.services/ Frame A869
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=d1ec44d7427ca921b3d741442f9b917fa4b3245934f4c0ffb28b0bacae5d694f
86 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=d1ec44d7427ca921b3d741442f9b917fa4b3245934f4c0ffb28b0bacae5d694f
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=d1ec44d7427ca921b3d741442f9b917fa4b3245934f4c0ffb28b0bacae5d694f
Pragma
no-cache
Date
Mon, 22 May 2023 20:21:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
usync.js
eus.rubiconproject.com/ Frame 0E23 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:21:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20563
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:03:47 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8394
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1990646b-ceac-4e00-af76-c19142a94aff&gdpr=0&gdpr_consent=
42 B
402 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1990646b-ceac-4e00-af76-c19142a94aff&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 22 May 2023 20:21:04 GMT
Expires
Mon, 22 May 2023 20:21:03 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x30 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1990646b-ceac-4e00-af76-c19142a94aff&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 3DC6
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727881588728
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727881588728
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 22 May 2023 20:21:04 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727881588728
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame C55A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 20:21:03 GMT
expires
Mon, 22 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
799730
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 04DE
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6444126673705367398
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6444126673705367398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6444126673705367398
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame 29AF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 20:21:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
B1GSJWW6YQFZ1ZH1MDRC

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 22 May 2023 20:21:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BKK423G5HAKM1FQZ453T
Pug
image2.pubmatic.com/AdServer/ Frame F2B0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ef-Wk0SuwZAK-MSXRP2NwBTyk5UK_ZKUQf2Te9Wp
42 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ef-Wk0SuwZAK-MSXRP2NwBTyk5UK_ZKUQf2Te9Wp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 22 May 2023 20:21:04 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ef-Wk0SuwZAK-MSXRP2NwBTyk5UK_ZKUQf2Te9Wp
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame DA30
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6211424790572879189&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6211424790572879189&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
a8268d4f-08b8-4e7b-91fa-21359d665734
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 22 May 2023 20:21:04 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6211424790572879189&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.23.2
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5BCA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7236104481632286872&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7236104481632286872&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 22 May 2023 20:21:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7236104481632286872&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 5565
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGvOsAAMGou4XQBa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230063-FRA
x-timer
S1684786865.826164,VS0,VE91

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 22 May 2023 20:21:04 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGvOsAAMGou4XQBa
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230063-FRA
x-timer
S1684786865.723992,VS0,VE91
Pug
image2.pubmatic.com/AdServer/ Frame 74F4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcGprN0kxNTBBQUNCQVlZY1BXUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADH9E7I150AAB-5Gc64Dw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADH9E7I150AAB-5Gc64Dw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADH9E7I150AAB-5Gc64Dw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2808288672165848493&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADH9E7I150AAB-5Gc64Dw&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADH9E7I150AAB-5Gc64Dw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 22 May 2023 20:21:05 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADH9E7I150AAB-5Gc64Dw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 355C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dz0Zgdq1UfpcphIZsbr9z9lAlwk&gdpr=0&gdpr_consent=
42 B
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dz0Zgdq1UfpcphIZsbr9z9lAlwk&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 22 May 2023 20:21:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dz0Zgdq1UfpcphIZsbr9z9lAlwk&gdpr=0&gdpr_consent=
cm
ipac.ctnsnet.com/int/ Frame 6216 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 22 May 2023 20:21:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame AE05
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 22 May 2023 20:21:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesync
core.iprom.net/ Frame 513A 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 20:21:04 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-2078b9338a16@version_1.551
X-core-time
0ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame DCE1 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.178.81 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 22 May 2023 20:21:04 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-4
i.match
s.tribalfusion.com/z/ Frame 1AB8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7cb7c371babe9b37-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7cb7c370892d9b37-FRA
content-type
text/html
date
Mon, 22 May 2023 20:21:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
28
Pug
simage2.pubmatic.com/AdServer/ Frame 5C2C
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
42 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 20:21:03 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
merge
ap.lijit.com/ Frame F8FF 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/merge?pid=71&3pid=82334AC2-ACE7-4C10-A065-4F70405E53CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 20:21:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C9BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gjNKwqznTBCgZU9wQF5Tzw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=121696
accept-ranges
bytes
content-length
5554
expires
Wed, 24 May 2023 06:09:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C9BD 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.89.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-89-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.115
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame C9BD
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2845458724
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=82334AC2-ACE7-4C10-A065-4F70405E53CF
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=82334AC2-ACE7-4C10-A065-4F70405E53CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
via
1.1 google
last-modified
Mon, 22 May 2023 20:21:04 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=82334AC2-ACE7-4C10-A065-4F70405E53CF
date
Mon, 22 May 2023 20:21:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame C9BD
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=82334AC2-ACE7-4C10-A065-4F70405E53CF
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Z2NpWDdrLW0xME1TYTJsVmVZVVNpS2dNdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5609970843254466368&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.94.235.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-235-119.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:21:05 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 22 May 2023 20:21:05 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame C9BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODIzMzRBQzItQUNFNy00QzEwLUEwNjUtNEY3MDQwNUU1M0NG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C9BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJYBdT0Xm_6UrU8WCSB_tQM&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJYBdT0Xm_6UrU8WCSB_tQM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJYBdT0Xm_6UrU8WCSB_tQM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C9BD 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 21 May 2023 20:21:04 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C9BD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1268104074114771777
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1268104074114771777
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1268104074114771777
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame C9BD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame C9BD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=82334AC2-ACE7-4C10-A065-4F70405E53CF&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w2EIkStE2uXw7XPbFN4trvb1N_OVl1w-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w2EIkStE2uXw7XPbFN4trvb1N_OVl1w-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w2EIkStE2uXw7XPbFN4trvb1N_OVl1w-~A&gdpr=0
date
Mon, 22 May 2023 20:21:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
82334AC2-ACE7-4C10-A065-4F70405E53CF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C9BD 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/82334AC2-ACE7-4C10-A065-4F70405E53CF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cad5:de8f:a90a:79bc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame C9BD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559727881588730&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=852d591c-0ca6-422a-bad4-c466ea7b6833&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=852d591c-0ca6-422a-bad4-c466ea7b6833&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=852d591c-0ca6-422a-bad4-c466ea7b6833&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame C9BD 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams02-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C9BD 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C9BD
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6211424790572879189
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6211424790572879189
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 22 May 2023 20:21:04 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fb19e12b-f232-41f2-a614-d6e47a2da809
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6211424790572879189
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C9BD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4213889936713791194&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4213889936713791194&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4213889936713791194&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C9BD
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:396c0837-8cc1-44a1-964b-9e38fd902e5b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:396c0837-8cc1-44a1-964b-9e38fd902e5b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:396c0837-8cc1-44a1-964b-9e38fd902e5b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 22 May 2023 20:21:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 0E23 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 0E23
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/j5VAihrYf_yGXR0-d2tMhMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9YfV5vFE2oKoLXld3BrXE0tLTIbcXUwnAuaoCQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9YfV5vFE2oKoLXld3BrXE0tLTIbcXUwnAuaoCQ--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 22 May 2023 20:21:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9YfV5vFE2oKoLXld3BrXE0tLTIbcXUwnAuaoCQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0E23
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmY1N2Q5YmE3MGU4NjI1MzVhMTNkODdjNjQ0NTgxZDY5YmU5MTY5Mw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmY1N2Q5YmE3MGU4NjI1MzVhMTNkODdjNjQ0NTgxZDY5YmU5MTY5Mw
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmY1N2Q5YmE3MGU4NjI1MzVhMTNkODdjNjQ0NTgxZDY5YmU5MTY5Mw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 0E23
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xPZHzkqXQMi-e78Q40LE9Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xPZHzkqXQMi-e78Q40LE9Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xPZHzkqXQMi-e78Q40LE9Q
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
165YYZRFE21P7BNXP1CX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xPZHzkqXQMi-e78Q40LE9Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0E23
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iMFEXMDlQQGL03FRv0wPhw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iMFEXMDlQQGL03FRv0wPhw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iMFEXMDlQQGL03FRv0wPhw
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1WZZP5EX49SWP15JSYG1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iMFEXMDlQQGL03FRv0wPhw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0E23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEETqWbVNxJUrIX1JVsS3kM&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEETqWbVNxJUrIX1JVsS3kM&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEETqWbVNxJUrIX1JVsS3kM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 0E23
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHZALGD8-16-14RL
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHZALGD8-16-14RL
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B3EBE44177B94089A3B68FDFA21638EF Ref B: FRAEDGE1311 Ref C: 2023-05-22T20:21:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8TgKbFM9KPjDrKlA9yA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHZALGD8-16-14RL
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0E23
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhaQUxHRDgtMTYtMTRSTA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKTkJM2YDBjEyyeMjXimf44&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhaQUxHRDgtMTYtMTRSTA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhaQUxHRDgtMTYtMTRSTA==&google_push=
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhaQUxHRDgtMTYtMTRSTA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
sync
vid.vidoomy.com/ Frame 150C 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Mon, 22 May 2023 20:21:05 GMT
etag
W/"64243ed7-c28e"
last-modified
Wed, 29 Mar 2023 13:36:23 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
HIT
x-77-nzt
AcO1rycLjx7/kkYIAA
x-77-nzt-ray
25b02131583a1928b1ce6b64d6507300
x-77-pop
frankfurtDE
x-accel-date
1684244511
x-accel-expires
@1685281311
x-age
542354
x-cache
HIT
rid
match.adsrvr.org/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin
https://www.gmanetwork.com
cache-control
private
content-length
27
content-type
text/html
date
Mon, 22 May 2023 20:21:05 GMT
vary
Origin
x-aspnet-version
4.0.30319
rid
match.adsrvr.org/track/ 		63 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0f9b4bf0b00b784822061773172d05ce5b6cb16f46d003a4e0fa4cb3d42b65ee

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 20:21:05 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gmanetwork.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 21 Jun 2023 20:21:05 GMT
setuid
user-sync.adxpremium.services/ Frame A869
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZGvOsRh41TUd693eQlV4iwAA%263280
86 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZGvOsRh41TUd693eQlV4iwAA%263280
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:05 GMT
content-length
86
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZGvOsRh41TUd693eQlV4iwAA%263280
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 150C 		1 KB
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 22 May 2023 20:21:05 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
553215
x-accel-date
1684233650
x-77-nzt
AcO1rydbYhL//3AIAA
x-accel-expires
@1685270450
last-modified
Wed, 29 Mar 2023 10:31:18 GMT
server
CDN77-Turbo
etag
W/"64241376-446"
x-77-nzt-ray
25b02131583ad22bb1ce6b645efdd609
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
jx-load-cookie.html
scripts.jixie.media/ Frame C57D 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jx-load-cookie.html?accountid=${accountId}
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/onescript/GM180iIHc4/jx-GM31180lY1Ap.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.185 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
3b5968101e04a0ca713a6789543d6c4b61cb81aa7c4134f22ef2682ae6249204

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
86400
age
4538467
content-encoding
gzip
content-type
text/html
date
Mon, 22 May 2023 20:21:05 GMT
etag
W/"9e5d62e65d2e8329f814e39ef01c0d2e"
last-modified
Fri, 24 Mar 2023 01:10:22 GMT
nginx-hit
1
server
openresty
via
LA-MEX-queretaro-EDGE1-CACHE3[2],LA-MEX-queretaro-EDGE1-CACHE3[0,TCP_HIT,0],LA-MEX-mexicocity-GLOBAL1-CACHE24[252],LA-MEX-mexicocity-GLOBAL1-CACHE22[250,TCP_MISS,251],EA-SGP-GLOBAL1-CACHE15[1],EA-SGP-GLOBAL1-CACHE10[0,TCP_HIT,0]
x-amz-id-2
VyFn4b2d6+KWBPQz7USi5R3QeIjGF4UZ7LzgVHS1rZfbUaaaqITM33rFTwWXZ7Bw2NsJm7yU+rw=
x-amz-request-id
2A1GNRMHM8B4ZVQF
x-amz-server-side-encryption
AES256
x-amz-version-id
aN2iXujF9PZWLEhdoji4nn9NNDXaBwmd
x-ccdn-cachettl
2592000
x-ccdn-expires
646910
x-hcs-proxy-type
1
prod
traid.jixie.io/sync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gmanetwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://www.gmanetwork.com
Connection
keep-alive
Content-Length
0
Date
Mon, 22 May 2023 20:21:05 GMT
Server
elb
Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
prod
traid.jixie.io/sync/ 		147 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.175.30 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-175-30.compute.hwclouds-dns.com
Software
elb / Express
Resource Hash
b95a6bb43aa1a14777c279a6b49ff98cb5e5ba33433ce28a5d5b0bfca28e91bf

Request headers

Referer
https://www.gmanetwork.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 22 May 2023 20:21:05 GMT
Content-Encoding
gzip
Server
elb
X-Powered-By
Express
ETag
2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.gmanetwork.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1B99 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=121695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 20:21:05 GMT
expires
Wed, 24 May 2023 06:09:20 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
user-sync.adxpremium.services/ Frame A869
Redirect Chain
  • https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GsJkuBZHeFaBMTq_RMOrVZ6q
86 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GsJkuBZHeFaBMTq_RMOrVZ6q
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:05 GMT
content-length
86
content-type
image/png

Redirect headers

Date
Mon, 22 May 2023 20:21:05 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GsJkuBZHeFaBMTq_RMOrVZ6q
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync.php
pixel.rubiconproject.com/exchange/ Frame A869 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
user-sync.adxpremium.services/ Frame A869
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5609970843254466368
86 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5609970843254466368
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:05 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5609970843254466368
date
Mon, 22 May 2023 20:21:05 GMT
server
nginx
content-length
0
content-type
text/plain
jx-load-cookie.html
partnerrsc.jixie.io/pbs/ Frame C57D 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=${accountId}
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jx-load-cookie.html?accountid=${accountId}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68a303bbb7e2a8fcc8e02d3ec0f85127e43c424a38146611b9ebd9092a9ec2a8

Request headers

Referer
https://scripts.jixie.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
48746
content-encoding
br
content-type
text/html
date
Mon, 22 May 2023 06:48:43 GMT
etag
W/"04d86765d11c11348e7b0c03589233ae"
last-modified
Thu, 04 May 2023 01:29:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-id
gauggQ0E5r_CKujVVUzriWAJS0cNuVISRnDiAjh1WUytql6i8EIwJQ==
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
4M6FhrCgV2lR0SrmFPo2oE8XvRf8mvbO
x-cache
Hit from cloudfront
rid
match.adsrvr.org/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://partnerrsc.jixie.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin
https://partnerrsc.jixie.io
cache-control
private
content-length
27
content-type
text/html
date
Mon, 22 May 2023 20:21:05 GMT
vary
Origin
x-aspnet-version
4.0.30319
cookie_sync
prebid.jixie.io/ Frame C57D 		926 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.jixie.io/cookie_sync
Requested by
Host: partnerrsc.jixie.io
URL: https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=${accountId}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.13.101.41 -, , ASN (),
Reverse DNS
Software
elb /
Resource Hash
c34ad7adb26e4f2176c852f623d4f110a7bbf7bcd9bd9cdc45ff7a8fcb62de0b

Request headers

Referer
https://partnerrsc.jixie.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:05 GMT
Server
elb
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://partnerrsc.jixie.io
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
926
Expires
0
rid
match.adsrvr.org/track/ Frame C57D 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by
Host: partnerrsc.jixie.io
URL: https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=${accountId}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0f9b4bf0b00b784822061773172d05ce5b6cb16f46d003a4e0fa4cb3d42b65ee

Request headers

Referer
https://partnerrsc.jixie.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 20:21:05 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://partnerrsc.jixie.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 21 Jun 2023 20:21:05 GMT
upkiejson
accounts.tokopedia.com/ Frame C57D 		127 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.tokopedia.com/upkiejson
Requested by
Host: partnerrsc.jixie.io
URL: https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=${accountId}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.209.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-209-54.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
90b531a21662d29435600aa84fd99c6d94a5c662b685d0bf4a3285d0866d40bb

Request headers

Referer
https://partnerrsc.jixie.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 20:21:05 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://partnerrsc.jixie.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tkp-srv-id
accountsapp-10-41-72-185
x-tkpd-origin-match
origin-accounts.tokopedia.com
content-length
127
generic
match.adsrvr.org/track/cmf/ Frame C57D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2630093207
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2630093207
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partnerrsc.jixie.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 20:21:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:06 GMT
etag
RXa781c553546141a892dc22cd95564c49003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2630093207
cache-control
no-store, no-cache, must-revalidate
expires
0
/
hde.tynt.com/deb/ Frame 642C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3D...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Requested by
Host: partnerrsc.jixie.io
URL: https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=${accountId}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
41e8789d4b2aa90138ffe45cc69fce32d4c2b176b2ad650a5f26120430d1d527

Request headers

Referer
https://partnerrsc.jixie.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1649
content-type
text/html
date
Mon, 22 May 2023 20:21:06 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 22 May 2023 20:21:06 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 150C
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bbdc948f-2b1b-06df-0855-905fa4a6155e&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bbdc948f-2b1b-06df-0855-905fa4a6155e&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
Protocol
H2
Server
18.184.88.243 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 20:21:06 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:06 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bbdc948f-2b1b-06df-0855-905fa4a6155e&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 150C
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=5609970843254466368&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
0
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=5609970843254466368&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Protocol
H2
Server
18.184.88.243 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 20:21:06 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=5609970843254466368&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
date
Mon, 22 May 2023 20:21:06 GMT
server
nginx
content-length
0
content-type
text/plain
sync.php
pixel.rubiconproject.com/exchange/ Frame 150C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
SPug
simage4.pubmatic.com/AdServer/ Frame C9BD 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156212&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.html
eus.rubiconproject.com/ Frame 2618
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 20:21:07 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 22 May 2023 20:21:07 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
setuid
prebid.jixie.io/ Frame 642C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1684786867053.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_cons...
  • https://prebid.jixie.io/setuid?bidder=33across&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=212131563030146
0
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.jixie.io/setuid?bidder=33across&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=212131563030146
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
HTTP/1.1
Server
119.13.101.41 -, , ASN (),
Reverse DNS
Software
elb /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:07 GMT
Server
elb
Vary
Origin
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:06 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://prebid.jixie.io/setuid?bidder=33across&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=212131563030146
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 642C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=852d591c-0ca6-422a-bad4-c466ea7b6833&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=946aec0b-3c4c-426c-908d-15f85e44308e&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=852d591c-0ca6-422a-bad4-c466ea7b6833
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=852d591c-0ca6-422a-bad4-c466ea7b6833&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=852d591c-0ca6-422a-bad4-c466ea7b6833&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:07 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=852d591c-0ca6-422a-bad4-c466ea7b6833&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 642C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1684786867053.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=1990646b-ceac-4e00-af76-c19142a94aff
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=1990646b-ceac-4e00-af76-c19142a94aff
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 22 May 2023 20:21:07 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x9 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=1990646b-ceac-4e00-af76-c19142a94aff
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 May 2023 20:21:06 GMT
match
events-ssc.33across.com/ Frame 642C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-Pmck.RZE2uHsMBFhHu4_xwtag5CBadyo~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Pmck.RZE2uHsMBFhHu4_xwtag5CBadyo%7EA&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Pmck.RZE2uHsMBFhHu4_xwtag5CBadyo%7EA&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:07 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Pmck.RZE2uHsMBFhHu4_xwtag5CBadyo%7EA&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
current
33across-match.dotomi.com/match/bounce/ Frame 642C 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams02-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:07 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
match
events-ssc.33across.com/ Frame 642C
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2157052752319994568476
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2157052752319994568476&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2157052752319994568476&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:07 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2157052752319994568476&ts=1684786867&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame 2618 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:21:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20560
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:03:47 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 2618 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LHZALGD8-16-14RL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pd
google-bidout-d.openx.net/w/1.0/ Frame 5347 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gmanetwork.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 22 May 2023 20:21:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
setuid
prebid.jixie.io/ Frame C57D
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.jixie.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_...
  • https://prebid.jixie.io/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=852d591c-0ca6-422a-bad4-c466ea7b6833
86 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.jixie.io/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=852d591c-0ca6-422a-bad4-c466ea7b6833
Protocol
HTTP/1.1
Server
119.13.101.41 -, , ASN (),
Reverse DNS
Software
elb /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partnerrsc.jixie.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:07 GMT
Server
elb
Vary
Origin
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
86
Expires
0

Redirect headers

location
https://prebid.jixie.io/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=852d591c-0ca6-422a-bad4-c466ea7b6833
date
Mon, 22 May 2023 20:21:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8A6E 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4605825&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b7355844c5e3946fdcd19c20fa3b216c638f113660a82506289eeccb714f655a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 22 May 2023 20:21:06 GMT
content-length
1345
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame FFFA 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 22 May 2023 20:21:07 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 4F64
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=161g5a3kd6cw
42 B
331 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=161g5a3kd6cw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Mon, 22 May 2023 20:21:08 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=161g5a3kd6cw
lws
121
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
image2.pubmatic.com/AdServer/ Frame 5DFF
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVQQRbaUgMVWQjWQY&gdpr=0&gdpr_consent=
42 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVQQRbaUgMVWQjWQY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 20:21:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uroLIz3lVQQRbaUgMVWQjWQY&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame D769 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 22 May 2023 20:21:07 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
generic
match.adsrvr.org/track/cmf/ Frame B3C5
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5550509731
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5550509731
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 22 May 2023 20:21:07 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 22 May 2023 20:21:07 GMT
etag
RXa781c553546141a892dc22cd95564c49003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5550509731
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 8BA3
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D108878FEE5747388D74D90E74FC83F6&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D108878FEE5747388D74D90E74FC83F6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 20:21:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 22 May 2023 20:21:07 GMT
expires
Sun, 21 May 2023 20:21:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D108878FEE5747388D74D90E74FC83F6&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
merge
ce.lijit.com/ Frame 53DA 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=82334AC2-ACE7-4C10-A065-4F70405E53CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 20:21:07 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
mw
mwzeom.zeotap.com/ Frame 8A6E 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=82334AC2-ACE7-4C10-A065-4F70405E53CF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7cb7c382ca999164-FRA
access-control-allow-headers
*
content-length
95
info2
uipus.semasio.net/pubmatic/1/ Frame 8A6E
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=82334AC2-ACE7-4C10-A065-4F70405E53CF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=82334AC2-ACE7-4C10-A065-4F70405E53CF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipus.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=82334AC2-ACE7-4C10-A065-4F70405E53CF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipus.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=82334AC2-ACE7-4C10-A065-4F70405E53CF&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
50.57.31.206 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:08 GMT
Frontend-ID
3
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 20:21:08 GMT
Frontend-ID
10
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=82334AC2-ACE7-4C10-A065-4F70405E53CF&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8A6E
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=5dd9106af54dc4d3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 20:21:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1B99 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36574606&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 22 May 2023 20:21:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
setuid
user-sync.adxpremium.services/ Frame 36AD 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=82334AC2-ACE7-4C10-A065-4F70405E53CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 22 May 2023 20:21:08 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fwww.gmanetwork.com%2F%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F-&i=GMANMI_CONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ7Ry%5ETm_h%25G3%3C8%2BNT6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BmxAkmP%3DK%5B*xp%23Vl358YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=4&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=5550&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=277&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&f=0&o=3&t=1684786857825&de=269386377295&cu=1684786858088&m=10674&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=277&le=1&gm=1&io=1&ch=0&as=1&ag=10172&an=5372&gf=0&gg=0&ez=1&ck=1195&kw=1135&aj=1&pg=51&pf=51&ib=0&cc=1&bw=10172&bx=5372&undefined=1&ci=1195&jz=1135&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=10112&cd=5312&ah=10112&am=5312&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3APhilippines%20detects%207%20more%20Arcturus%20cases%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=67779671&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gmanetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:21:08 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 22 May 2023 20:21:08 GMT
setuid
user-sync.adxpremium.services/ Frame 150C 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 22 May 2023 20:21:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d31qbv1cthcecs.cloudfront.net
URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Domain
oajs.openx.net
URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&rid=esp
Domain
d31qbv1cthcecs.cloudfront.net
URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_c_WsMdor47caJFghw-8k0syhaUFWInb8wgvMNBXc0SLcKtgtKgC9qT0ihShNUPdsBdot1r2SiDAGOgiU_1sMpzUx&sig=Cg0ArKJSzFdwzVOQppYgEAE&id=lidartos&mcvt=1494&p=185,1057,435,1357&mtos=1494,1494,1494,1494,1494&tos=1494,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1323550853&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=b&rst=1684786859567&rpt=180&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhnD_KTxzvPSzqiVpUbBL5eE7EdqKAVxSq5dU7mdyQDvOE2TruXtYDVLiXfmbAirQa1DKiVazEjF1WqQrZ-L_STtMTevoUJ8hH-b2nag1viRwr8MKb&sig=Cg0ArKJSzLsGCqj23YEKEAE&id=lidartos&mcvt=911&p=185,1057,435,1357&mtos=911,911,911,911,911&tos=911,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1323550853&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1684786861266&rpt=119&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Verdicts & Comments Add Verdict or Comment

1102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 boolean| credentialless object| JixieScript function| jxHBLoadedCb number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new string| sitemainurlandbyeond undefined| andbeyondhttp object| myElementrtbtracker object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| netacuitycpde number| width number| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size1601status number| size1602status number| size1603status number| size1604status number| size1201status number| size1202status number| size1203status number| size1204status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size4681status number| size4682status number| size4683status number| size4684status number| size4685status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| googletag object| rtbpbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| a9slots object| andbeyondpv number| settimeinter function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| refreshBid1rtb function| refreshBid3 function| callback0 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag function| $ function| jQuery object| a_t number| m_t number| h_t number| s_t number| n string| domain_name string| base_url string| ncaa_base_url string| BASE_URL string| assets_url string| assets_domain string| js_url string| css_url string| data_url string| dist_url string| resources_env_url string| static_server string| apps_url number| default_zone_id number| zone_id boolean| is_local boolean| is_dev boolean| is_test001 boolean| is_test boolean| is_live boolean| is_duplicate boolean| is_ad_testing string| debate_folder string| gnews_appurl boolean| is_awsdev boolean| isUserAgentMobile boolean| loadHomeFull string| s3_images_url string| timestamp number| window_width string| data_ext string| router string| module boolean| countdown_view string| countryBypass string| preURLRestructArticle string| preURLRestructPhoto string| preURLRestructVideo string| preURLRestructAnalytics string| er_data_url string| e19_data_url string| e19_batch_data string| smart_search_api number| read_batch_zero string| sec_caps string| sec_ad_caps string| ad_keywords number| $initial_zone_id string| $initial_synad object| mrec_size boolean| GLOBAL_THEATER_MODE string| GLOBAL_GA_ID string| GLOBAL_GA4_ID_GNO string| GLOBAL_FB_ID string| GLOBAL_GNO_SEO_TITLE number| GLOBAL_NOT_BYPASS_GA string| GLOBAL_ENVIRONMENT string| GLOBAL_SERVER_TIME string| GLOBAL_GNO_APP_URL boolean| GLOBAL_ENDING_TRAILING_SLASH string| GLOBAL_GNO_PROMOS_DOMAIN string| GOOGLE_ANALYTICS string| GLOBAL_GNO_THEME_VERSION boolean| GLOBAL_IS_ROBOT string| GLOBAL_MOAT_YIELD_INTEL_PATNER_CODE boolean| GLOBAL_IS_IN_SECTION_PAGE object| GLOBAL_FB_ASYNC_INIT_HOOK_CALLBACK undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_73725289 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedgmanmigamheader860109928859 object| moatPrebidApi string| timezonename object| adloox_pubint object| ignore object| _ object| gno_ad object| gnoAdsScriptCallbacks object| MoatYieldIntelligence function| loadAdUpdatedNaming function| loadAd function| loadOutofPageAd object| footer_leaderboard_size object| gptAdSlots number| adsNum object| adsNumType object| spotxDataLayer function| fbq function| _fbq function| getCookie object| cookieContainer object| GLOBAL_BREAKING_BANNER_DATA object| $story_ads_json number| loadedDFP number| loadedLeaderDFP number| loadedMrectDFP number| loadedInterDFP string| csell_zoneid string| csell_article_tags string| crowdyPage boolean| csell_isMobile object| csellViewsJson object| authors_json object| initialData string| aud_interest number| hasSecondArticle object| storyOriginDetails object| blacklisted_tags string| story_id number| GLOBAL_UNRULY_ID function| createWallpaper function| createFloat function| createMobileRoadBlock function| side_ads_removal function| setWallpaperTop object| google_tag_manager object| google_tag_data object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableHouseBrandAndYtCoexistence function| onYTReady object| _dmpesplayer function| _dmDynamicImportPolyfill object| dailymotion object| dataLayer object| EntAnalytics_v1 string| GOOGLE_ANALYTICS_ENT string| GA4_ID_ENT object| current_urls object| current_segment_URL object| EntAnalytics object| CookieNotification string| BASE_DOMAIN object| PortalHeader function| Cookies object| jQuery111103934114438954637 boolean| ENABLE_SSO object| ggeac object| google_js_reporting_queue function| formatAMPM function| htmlEntities function| htmlEntitiesDecode function| applyEllipse function| convertToSlug function| restore_default_meta function| is_mystream function| getAjaxData function| reverse function| isPreURLRestructContent function| isPreURLRestructContentAnalytics function| replaceProtocol function| modsecify function| urlEndingTrailingSlash function| getUrlQueryParametersObject function| getUrlQueryParametersString function| isNcaaTag function| toTitleCase undefined| ie number| lst undefined| original_title string| original_url function| scrollClose function| closeBurger object| dfp_zones object| dfp_details object| _gaq string| story_link object| xmlhttp object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| mnet object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ boolean| apstagLOADED object| apscustom object| _aps object| __ctcg_65349_0_exec undefined| google_measure_js_timing object| Common_ScreenSizes object| adsTracking function| domainReplace function| scroll_ticker function| adjustTickerWidth function| bindGlobalBannerGA object| transition object| mobile_transition number| top_ticker object| BREAKING_BANNER function| moment function| interact object| CUSTOM_ANALYTICS object| gno_new_ads object| moatApi function| onMISReady object| _atrk_opts number| BOOMR_lstart object| _qevents function| fbAsyncInit function| gtag function| isIE function| createDomForIE function| hasClass function| addClass function| removeClass function| slideDown function| slideUp object| keywords boolean| intermittent_displayed number| isclosed function| pushDownScroll undefined| pushdownHeight object| PermanentURLStructure object| PermanentURLStubComposer function| social_ribbon_click object| EMBEDS function| stopProcessJustIn function| processDisplayJustIn function| constructJustIn function| preprocessDisplayJustIn function| getJustIn function| getTaggedJustIn function| formatTime function| convertDate function| generateTaggedJustIn function| generateJustIn function| justInContainer function| justInEvent function| trimJustIn function| bindJustInCustomGA function| addslashes object| IMAGE_PREVIEW_CONTROLS string| glanceETag function| atAGlanceCall function| atAGlanceGenerateContent function| resizeIframe function| atAGlanceGenerateContainer function| atAGlanceBindCustomGA undefined| justInData number| justInProcessedTimes number| justInDisplayed undefined| justInIterator number| mTrim number| dTrim number| equation object| justInETag number| carousel_page number| multiplier string| containerOverride object| JUST_IN object| TRENDING object| carouselETag function| carouselCall function| carouselGenerate function| carouselContainer function| featured_rotate function| carouselBindCustomGA string| trackingEtag function| trackingWidgetSlideshow function| trackingWidgetCall function| trackingWidgetGenerate function| trackingWidgetContainer function| tracking_carousel function| bindCustomTrackingGA object| trendMostShared number| crsRender number| scr number| csrsellContainer number| csccount number| cofst number| crsHandler number| crsElemCount boolean| csellInitial number| csellAjxBind number| csellStopRender number| csellDrawer number| ads number| removedWidgetHeight number| calledMrec number| calledButtonAds number| calledGAds number| loadedWidgetCount number| mrecInit function| isMobileDevice number| csellMrecCtr object| CROSS_SELL function| getStoryArticlePercentage function| bindRelatedContentCustomGA object| GNOGalleryUtils function| GNOGallery function| ScrolledGallery function| SliderGallery number| related_content_ads function| _relatedContentHTTPCall function| relatedContentCall_ function| buildRelatedContent_ function| buildVariables object| SRA function| onLoadQuizIframe object| DailyMotionStoryWidget object| StoryRibbonWidget function| BTalk object| AUTOMATIC_TAGS object| MOST_POPULAR_STORIES function| GNOStoryAnalytics object| Footer_Leaderboard_Main object| crowdyEmbedId function| StoryBuilder function| Story function| articleBodyProtoUpdate function| storyRelatedContent function| computeOutstreamAdPosition function| isYoutubeEmbed function| appendYoutubeAdConfig string| referenceArticleId string| nativeArticleFlag string| nativeArticle function| StoryManager object| Handlebars object| Rx object| GNO_STORY_GA_EVENT_PARAMS object| currentStory number| currentCtr string| first_article_url object| FloatingActionButton object| BaseVideoPlayerClass object| DailyMotionPlayer boolean| gnoCheckPrefixTest string| updatedId boolean| moatYieldReady string| url object| googleToken object| googleIMState function| processGoogleToken function| setImmediate function| clearImmediate object| ID5 object| pbjs object| BOOMR object| BOOMR_mq object| FB function| quantserve function| __qc object| ezt object| _qoptions object| signal_decrypted object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 object| __uid2SecureSignalProvider object| __uid2 object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 object| MoatContentInfinite_gmanmicontent461752070830 object| gaGlobal function| SUPJQ object| Zoomd object| SphereUp number| current_time number| refreshval number| number5 object| __buffer function| initWidget undefined| define function| initTapPlugin function| trackApi object| related_content_params object| $mrec_container string| GoogleAnalyticsObject function| ga number| google_unique_id undefined| uuid object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing object| gaplugins object| gaData object| globalZoomdUAParser object| detectZoom function| UAParser function| Fingerprint function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog undefined| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback string| typeName boolean| openWidget function| zdLogger number| custome_axt string| temp number| sizeunfill300px number| sizeunfill336px number| sizeunfill250px number| sizeunfill0px number| sizeunfill600px number| sizeunfill728px number| sizeunfill90px number| sizeunfill970px number| sizeunfill320px number| sizeunfill50px number| sizeunfillgoogle number| flag string| id string| pos1 number| sponsorandbeyond728 string| test object| id1 number| status_bad string| aff number| len number| width1 number| height1 number| width2 string| text object| andbeyond72811 number| flag_active number| visible string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar object| temp_ar_new undefined| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp number| m string| temp_val number| widthidandbeyond72811 number| heightidandbeyond72811 string| adunit3 string| temp_caps number| flagvideo number| sponsorandbeyond300 object| andbeyond30016 number| widthidandbeyond30016 number| heightidandbeyond30016 function| getStyleProperty function| getSize object| eventie function| docReady function| EventEmitter function| matchesSelector function| Outlayer function| Masonry object| core object| global object| System function| asap function| Observable function| Dict function| delay function| externalContentLoader object| logCustomParamsByContType function| hidePlacement object| zoomdWebpackJsonp function| zdTopSearchesWidget undefined| jQuery111103934114438954637_1684786857173 object| sas object| apntag object| _ADAGIO object| zoomdWidget object| zoomdExports function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__messagefalse string| mediaType number| success number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passiveads6 number| activeads6 number| time_refreshunitads6 number| nextnumberads6 number| newflag number| diff number| flagnewone number| passiveads7 number| activeads7 number| time_refreshunitads7 number| nextnumberads7 number| passiveads8 number| activeads8 number| time_refreshunitads8 number| nextnumberads8 number| passivedivdesktopleaderboard1 number| activedivdesktopleaderboard1 number| time_refreshunitdivdesktopleaderboard1 number| nextnumberdivdesktopleaderboard1 number| passiveandbeyond72811 number| activeandbeyond72811 number| time_refreshunitandbeyond72811 number| nextnumberandbeyond72811 number| passivedivgridmrec1 number| activedivgridmrec1 number| time_refreshunitdivgridmrec1 number| nextnumberdivgridmrec1 number| passiveads4 number| activeads4 number| time_refreshunitads4 number| nextnumberads4 number| passivedivmrec1 number| activedivmrec1 number| time_refreshunitdivmrec1 number| nextnumberdivmrec1 number| passiveandbeyond30016 number| activeandbeyond30016 number| time_refreshunitandbeyond30016 number| nextnumberandbeyond30016 number| passivedivdesktopfooter1 number| activedivdesktopfooter1 number| time_refreshunitdivdesktopfooter1 number| nextnumberdivdesktopfooter1 string| myScript function| getParameterByName string| myUserID object| ifrm string| partialUrl object| andbeyond30017 number| widthidandbeyond30017 number| heightidandbeyond30017 object| ONFOCUS object| __zone_symbol__blurfalse number| videoflag object| ampInaboxPositionObserver object| __zone_symbol__resizefalse object| ampInaboxFrameOverlayManager object| __zone_symbol__scrolltrue object| __zone_symbol__resizetrue boolean| msgData object| __zone_symbol__scrollfalse function| jxloadJS object| jxpbjsChunk object| jxpbjs object| jixie_o number| lastTrigger object| jxtrkr object| jixie_p number| passiveandbeyond30017 number| activeandbeyond30017 number| time_refreshunitandbeyond30017 number| nextnumberandbeyond30017 number| BOOMR_onload string| baseURL object| GoogleGcLKhOms string| context object| videocode string| idnew12 number| videounit string| contextvideounit object| google_image_requests string| messageSet object| __zone_symbol__messagetrue object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

155 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: cYo3AVT7IqA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: MKrtleomPXo
.dailymotion.com/ Name: dmvk
Value: 646bcea965b90
.dailymotion.com/ Name: _TEST_
Value: 1
.dailymotion.com/ Name: ts
Value: 532374
.dailymotion.com/ Name: v1st
Value: 700132ba-a252-4ca4-b4ed-af12cca1b69e
www.gmanetwork.com/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
.gmanetwork.com/ Name: _fbp
Value: fb.1.1684786857604.503008083
.spotxchange.com/ Name: audience
Value: 2953a7a6-f8de-11ed-a7f5-11372f1a0406
.gmanetwork.com/ Name: lotame_domain_check
Value: gmanetwork.com
.criteo.com/ Name: uid
Value: 3466de26-7c85-4206-8c80-ccc1d94890e1
.gmanetwork.com/ Name: _ga_TQZBRMKGV4
Value: GS1.1.1684786858.1.0.1684786858.0.0.0
.quantserve.com/ Name: mc
Value: 646bceaa-3dfc6-1393d-62ef6
.gmanetwork.com/ Name: __qca
Value: P0-242629714-1684786858045
.gmanetwork.com/ Name: _gid
Value: GA1.2.1059052617.1684786859
.gmanetwork.com/ Name: _gat_gtag_UA_242242_2
Value: 1
.gmanetwork.com/ Name: _ga_J329KM2X1X
Value: GS1.1.1684786858.1.0.1684786858.60.0.0
.gmanetwork.com/ Name: _ga
Value: GA1.1.1519667749.1684786858
www.gmanetwork.com/ Name: zdSessionId_84092033
Value: 51717dae-9d0a-46f9-a416-ed4b864754c0
www.gmanetwork.com/ Name: 84092033-ehtoken
Value: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=ctf5qEDotz3IIxzAtGIZJk0i%2ByS4R%2F6x1h7gT%2BRDwEo%3D&se=1684787505&skn=all
.lijit.com/ Name: ljt_reader
Value: GsJkuBZHeFaBMTq_RMOrVZ6q
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.betweendigital.com/ Name: tuuid
Value: 9a8e4399-ebd0-528e-8f8b-4362ebe08dc9
.betweendigital.com/ Name: ut
Value: ZGvOqwAB-9BPakl7VFUHPbQRA_RmA4knojNYCg==
.rubiconproject.com/ Name: khaos
Value: LHZALGD8-16-14RL
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EjzhFqQzHMfrTpcd3HBZZ775PzI6EyVJjkkIUeXzf4l4bkM152UectWMhTY4XO9ZU/lCEKA2wLvv2jYHTlS9mMvM8Px8Ca+sv+yqVI1k5poNA==
.gmanetwork.com/ Name: __gads
Value: ID=ae4339fd1a8e2bb2:T=1684786858:S=ALNI_MYWVV2eWGPukJpGO-KAdra9cPb77A
.gmanetwork.com/ Name: __gpi
Value: UID=00000c1a0f056c2a:T=1684786858:RT=1684786858:S=ALNI_MZSS7SIszxinLBjmAYzXmOIwa1eHA
.prebid.a-mo.net/ Name: __amc
Value: 2_1684786858_1684786859
.doubleclick.net/ Name: IDE
Value: AHWqTUnaV12PulwIuvhx_6FH7AnFsxz8dqq39Oh9EX3aZfklofcd4LhwuOrCejtH4lc
.mathtag.com/ Name: uuid
Value: 1990646b-ceac-4e00-af76-c19142a94aff
.mathtag.com/ Name: mt_mop
Value: 4:1684786860
.bidswitch.net/ Name: tuuid
Value: 852d591c-0ca6-422a-bad4-c466ea7b6833
.bidswitch.net/ Name: c
Value: 1684786859
.bidswitch.net/ Name: tuuid_lu
Value: 1684786859
.doubleclick.net/ Name: DSID
Value: NO_DATA
.awin1.com/ Name: awpv11354
Value: 412871|1684786860|2aafdcf2-f8de-11ed-afd4-223664211a24
.awin1.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1684786860170
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: 9i7Sx.rzKN_ue6WqnxiFtWg0iXVB.QG5F3kxCf_nxJ8-1684786860-0-ASnQn7DRVTyrq5XpCsjxhmklkuHB3M0Cz2cOD0YKxmUOR5ZR3Pcg+vSXZaihNzfA5EwMCK6wxzfmmznQaHsCu4c=
.blau.de/ Name: nscT486
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjg0Nzg2ODYwdmxlYTFkZTIwMjMwNTIyMjIyMTAwODUxODI4NjQ0NjdYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023052222210085182864467X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjg0Nzg2ODYwdmxlYTFkZTIwMjMwNTIyMjIyMTAwODUxODI4NjQ0NjdYMTE3NjYzVjEyMjUxMzExMDZNU
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY4NDc4Njg2MHZsZWExZGUyMDIzMDUyMjIyMjEwMDg1MTgyODY0NDY1WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023052222210085182864465X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY4NDc4Njg2MHZsZWExZGUyMDIzMDUyMjIyMjEwMDg1MTgyODY0NDY1WDEyMDIxMVYxMjI2MTMyNzAyT
.jixie.io/ Name: jxuuid
Value: 2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3
.jixie.io/ Name: jxuuids
Value: 1684786000-2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3~1684786860
.gmanetwork.com/ Name: cto_bundle
Value: pWeuu19aeUdQMGwlMkYlMkZkNXp1NUlGVXlyamg0RCUyRk8yayUyRk0lMkJ3YkxtMzFTMkxhbDFxR0hVZkFLSzh4ZmFHTFpOTXhaWVZhcjdzaEJSWmtRU1l4N2VrJTJCSFhoZHlrNkUxWlF4Uk5vdEdwRURRanRtNUdFaGFzSXg5eFFUTzd6aSUyQnhET2NqSU9YZmRRbzk0cm5IbXlSbkJxQjFTdkljdyUzRCUzRA
.lijit.com/ Name: ljtrtbexp
Value: eJxdj0sOgDAIRO%2FStYsiFBivZry7aW1imOXLwHzuJu0ST8vQ0%2B1oiMUDcJt8VgypbEq6f6wQnyz0D%2ByAPxDIepO9sjhlgu6pQxrxICa%2F5MnkN3I31t6X7sRRN4M3lz7PC948SjA%3D
.openx.net/ Name: i
Value: 51ae2419-3b03-0ac1-390f-98a241dae42e|1684786864
.creativecdn.com/ Name: u
Value: NYdZ4MWG7iS7PNntBVVu
.creativecdn.com/ Name: ts
Value: 1684786864
.openx.net/ Name: pd
Value: v2|1684786864|gekin0vNiygu
.ads.pubmatic.com/ Name: KCCH
Value: YES
.lijit.com/ Name: _ljtrtb_43
Value: 1lAoUYMBf1LNV3pVg1IzAtNdLVfNUixWhlIfMaaV
.simpli.fi/ Name: suid
Value: D108878FEE5747388D74D90E74FC83F6
.lijit.com/ Name: _ljtrtb_76
Value: eeecc580-7830-0f3b-2465-e6ec5d4ce881
.lijit.com/ Name: _ljtrtb_86
Value: NYdZ4MWG7iS7PNntBVVu
.lijit.com/ Name: _ljtrtb_2
Value: D108878FEE5747388D74D90E74FC83F6
.adnxs.com/ Name: uuid2
Value: 6211424790572879189
.lijit.com/ Name: _ljtrtb_92
Value: 5641317918713889930
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 82334AC2-ACE7-4C10-A065-4F70405E53CF
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156212:2
.pubmatic.com/ Name: DPSync3
Value: 1685923200%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1685923200%3A238_46_166_234_56_251_71_204_233_81_249_220_13_55_214_21_161_3_8_54_22_165_176_7%7C1685577600%3A63%7C1686009600%3A35%7C1685318400%3A2_223_15%7C1687305600%3A203
.lijit.com/ Name: _ljtrtb_12
Value: 6211424790572879189
pool.admedo.com/ Name: tuuid
Value: d34d3993-ae77-465c-9b5f-3e56b5a01cf0
pool.admedo.com/ Name: c
Value: 1684786864
pool.admedo.com/ Name: tuuid_lu
Value: 1684786864
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EBIBGwGGKYEO-TCJiTDNjIEA
.lijit.com/ Name: _ljtrtb_71
Value: 82334AC2-ACE7-4C10-A065-4F70405E53CF
.adfarm1.adition.com/ Name: UserID1
Value: 7236104481632286872
.blismedia.com/ Name: b
Value: 646BCEB0EE21A56063F8FFB0BLIS
.adform.net/ Name: uid
Value: 5609970843254466368
.ctnsnet.com/ Name: cid_f8a16a15beb34333ba5b7070f5572a2c
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3AyPGZHsQi5QHylh6LpfJdQiA2kMeocP6R.kMVYKFRbaV71l0n9r1lmL4AOhJ5hUngEE5aw4JRWYn4
.mfadsrvr.com/ Name: tuuid
Value: 946aec0b-3c4c-426c-908d-15f85e44308e
.mfadsrvr.com/ Name: c
Value: 1684786864
.mfadsrvr.com/ Name: tuuid_lu
Value: 1684786864
.weborama.fr/ Name: AFFICHE_W
Value: FnDBmbwH06UW75
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1684786864
.lijit.com/ Name: _ljtrtb_26
Value: 852d591c-0ca6-422a-bad4-c466ea7b6833
.de17a.com/ Name: guid
Value: 1.6444126673705367398
.lijit.com/ Name: _ljtrtb_87
Value: 946aec0b-3c4c-426c-908d-15f85e44308e
.yahoo.com/ Name: A3
Value: d=AQABBLDOa2QCEAcCdiER5-mAzcWAhOhJQhUFEgEBAQEgbWR1ZOANyiMA_eMAAA&S=AQAAAvGjGqCpzgD9aAGWMdSd50c
.csync.loopme.me/ Name: viewer_token
Value: b8d75447-4612-4b8c-8b86-1b71e90f762d
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2bsk
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:1990646b-ceac-4e00-af76-c19142a94aff&KRTB&16736-uid:1990646b-ceac-4e00-af76-c19142a94aff&KRTB&23019-uid:1990646b-ceac-4e00-af76-c19142a94aff&KRTB&23114-uid:1990646b-ceac-4e00-af76-c19142a94aff
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1268104074114771777&KRTB&23263-1268104074114771777&KRTB&23481-1268104074114771777
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6211424790572879189&KRTB&23339-6211424790572879189
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7236104481632286872&KRTB&23369-7236104481632286872
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: bc4abbb0032c61ca
.lijit.com/ Name: _ljtrtb_49
Value: TnZRYf39dQMR
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6444126673705367398
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Ef-Wk0SuwZAK-MSXRP2NwBTyk5UK_ZKUQf2Te9Wp&KRTB&19420-Ef-Wk0SuwZAK-MSXRP2NwBTyk5UK_ZKUQf2Te9Wp&KRTB&22979-Ef-Wk0SuwZAK-MSXRP2NwBTyk5UK_ZKUQf2Te9Wp&KRTB&23462-Ef-Wk0SuwZAK-MSXRP2NwBTyk5UK_ZKUQf2Te9Wp
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEJYBdT0Xm_6UrU8WCSB_tQM&KRTB&22987-CAESEJYBdT0Xm_6UrU8WCSB_tQM&KRTB&23025-CAESEJYBdT0Xm_6UrU8WCSB_tQM&KRTB&23386-CAESEJYBdT0Xm_6UrU8WCSB_tQM
.lijit.com/ Name: _ljtrtb_84
Value: c:c8d56fded8ac0ebb42defdc45a078b4e
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGvOsAAMGou4XQBa
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MrewMDS1sDA3NhDiM9SNMgmMyMo1CAjydTYBAMMdyDYlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmFibmFmYWZiYWQCANqbcDQQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MrewMDS1sDA3NhDiM9SNMgmMyMo1CAjydTYBAMMdyDYlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5108559727881588728
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-82334AC2-ACE7-4C10-A065-4F70405E53CF&KRTB&23413-82334AC2-ACE7-4C10-A065-4F70405E53CF&KRTB&23479-82334AC2-ACE7-4C10-A065-4F70405E53CF
.pubmatic.com/ Name: SPugT
Value: 1684786864
.as.ck-ie.com/ Name: CID
Value: 50de53b81874ecc6e845ff26e694d86a160e7286
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-852d591c-0ca6-422a-bad4-c466ea7b6833
.lijit.com/ Name: _ljtrtb_1
Value: 4481141920767445440
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AADH9E7I150AAB-5Gc64Dw
.lijit.com/ Name: _ljtrtb_85
Value: AADH9E7I150AAB-5Gc64Dw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
www.gmanetwork.com/ Name: _jxx
Value: 2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3
.gmanetwork.com/ Name: _jxx
Value: 2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3
www.gmanetwork.com/ Name: _jx
Value: 2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3
.gmanetwork.com/ Name: _jx
Value: 2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3
www.gmanetwork.com/ Name: _jxxs
Value: 1684786000-2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3~1684786864
.gmanetwork.com/ Name: _jxxs
Value: 1684786000-2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3~1684786864
www.gmanetwork.com/ Name: _jxs
Value: 1684786000-2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3~1684786864
.gmanetwork.com/ Name: _jxs
Value: 1684786000-2b1666f0-f8de-11ed-81c7-e19a8d3fb1b3~1684786864
.turn.com/ Name: uid
Value: 4141832342675863258
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a781c553-5461-41a8-92dc-22cd95564c49-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4213889936713791194&KRTB&23150-4213889936713791194
.linkedin.com/ Name: bcookie
Value: "v=2&a05cd1df-b867-4473-8090-c0a6c8eaa60b"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODQ3ODY4NjQ7MjswMjEm3XyEeUDQtaVznah21BZGNucuwcM28GYdIBqcqq1Csg==
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2926:u=1:x=1:i=1684786864:t=1684873264:v=2:sig=AQHB6jOjXq9g6AHf884PQqmCBAeBccU9"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a781c553-5461-41a8-92dc-22cd95564c49-003%22%7D
.lijit.com/ Name: ljtrtb
Value: eJwVkc1uFTEMRt9l1kSyEzt2usudn3Kl3hEUOtXtLpNkSqWqsCgCgXh3kq2%2Fo%2BPPyd8B7XAzeItIliQAi1UJqGH4MFjfImVbOGA2kJM3ZG0yeypkMnlfk%2BxenWsshcZ%2BfXu6vx4ulM%2BX%2BzbDNiLSpsZgQbwQMRF0c0smBFXRZZ5ZSJzqJDQFmIWWUd3iGxY6x57QYe8k2KgQXDdIl6t1juJoTRxnMTQimAieDS0CBDyzG5fGKjU232Qt7I9Si6YMdd%2FJlnqUTJxAdKfaSW5kjNPHMMsZGWI8Gb7NnqZfPe3vsV7LE10eb%2BXli3xa395P2%2Faz3%2B9ahq%2Fx%2B8P1cjrwbt3cj%2B0Zz3%2Fi%2B1rutmN9ePn9%2BO31fFxS2nr%2F7qq15swKRtSBgcPtxlLrX33NXChXVex7pbGBfKoZduMy5fYPPpsAWgzyoVyJHGgd%2Fv0HOjVxaQ%3D%3D
.lijit.com/ Name: _ljtrtb_97
Value: RX-a781c553-5461-41a8-92dc-22cd95564c49-003
.tribalfusion.com/ Name: ANON_ID
Value: arnseFNZaiMjAmemFmDgpcEAGjYE6RwTJRpyEfF9SZccAWv30GU6JUCuuIDc6ZbeVm7Zc9m9ZaZa1KqqXHrTkNUhVG
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-773d1981-dab5-51fa-5ca6-1219b1bafdcf.i8KVgC6TV33Z7EAA%2FtPVEhQdbGhCm60OT5kvSzx0W1g
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Adz0Zgdq1UfpcphIZsbr9z9lAlwk.ZUfIHXdbA2tccXY32baHj%2FeaTRXnK5uTC5GP%2FMNYiwU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Adz0Zgdq1UfpcphIZsbr9z9lAlwk.ZUfIHXdbA2tccXY32baHj%2FeaTRXnK5uTC5GP%2FMNYiwU
.casalemedia.com/ Name: CMID
Value: ZGvOsRh41TUd693eQlV4iwAA
.casalemedia.com/ Name: CMPS
Value: 3280
.casalemedia.com/ Name: CMPRO
Value: 3280
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-dz0Zgdq1UfpcphIZsbr9z9lAlwk&KRTB&23334-dz0Zgdq1UfpcphIZsbr9z9lAlwk&KRTB&23417-dz0Zgdq1UfpcphIZsbr9z9lAlwk&KRTB&23426-dz0Zgdq1UfpcphIZsbr9z9lAlwk
.pubmatic.com/ Name: PugT
Value: 1684786865
.audrte.com/ Name: arcki2
Value: gciX7k-m10MSa2lVeYUSiKgMw!20220908!1684786865059!ip#217.64.151.9
.audrte.com/ Name: arcki2_pubmatic
Value: 82334AC2-ACE7-4C10-A065-4F70405E53CF!20220908!1684786865061
.audrte.com/ Name: arcki2_ddp2
Value: gciX7k-m10MSa2lVeYUSiKgMw!20220908!1684786865191
.amazon-adsystem.com/ Name: ad-id
Value: A3Z3GC6__0ApulYuxE-4KSU
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNTYwOTk3MDg0MzI1NDQ2NjM2OCIsImV4cGlyZXMiOiIyMDIzLTA2LTA1VDIyOjIxOjA1LjI5MTEyMTUwNSswMjowMCJ9LCJpeCI6eyJ1aWQiOiJaR3ZPc1JoNDFUVWQ2OTNlUWxWNGl3QUFcdTAwMjYzMjgwIiwiZXhwaXJlcyI6IjIwMjMtMDYtMDVUMjI6MjE6MDUuMTE5Njg4ODQ4KzAyOjAwIn0sInNtYXJ0eWFkcyI6eyJ1aWQiOiJkMWVjNDRkNzQyN2NhOTIxYjNkNzQxNDQyZjliOTE3ZmE0YjMyNDU5MzRmNGMwZmZiMjhiMGJhY2FlNWQ2OTRmIiwiZXhwaXJlcyI6IjIwMjMtMDYtMDVUMjI6MjE6MDQuOTA0Njk2MjYrMDI6MDAifSwic292cm4iOnsidWlkIjoiR3NKa3VCWkhlRmFCTVRxX1JNT3JWWjZxIiwiZXhwaXJlcyI6IjIwMjMtMDYtMDVUMjI6MjE6MDUuMTY5MTU0KzAyOjAwIn19LCJiZGF5IjoiMjAyMy0wNS0yMlQyMjoyMTowNC45MDQ2OTU3NTgrMDI6MDAifQ==
.audrte.com/ Name: arcki2_adform
Value: 5609970843254466368!20220908!1684786865343
.smartadserver.com/ Name: pid
Value: 2808288672165848493
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AADH9E7I150AAB-5Gc64Dw
.tokopedia.com/ Name: DID_JS
Value: whXLjVU3KatwI4PNvcMEnmtJbv9/MO6n+oCrb0lhNf0=
.jixie.io/ Name: _jxeids
Value: eyJfanh0b2tvIjp7InYiOiJleUpFU1VSZlNsTWlPaUozYUZoTWFsWlZNMHRoZEhkSk5GQk9kbU5OUlc1dGRFcGlkamt2VFU4MmJpdHZRM0ppTUd4b1RtWXdQU0o5IiwidHMiOjE2ODQ3ODY4NjV9fQ==
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADH9E7I150AAB-5Gc64Dw

13 Console Messages

Source Level URL
Text
network error URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://idsync.rlcdn.com/711123.html?partner_uid=07dbbd25-4a7e-4391-9b4f-7e4a47f2d5ca
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1j7krcjbpa2k15ya27v1ncnrhtj5nmw1htq9457gbd2wh9yt8c9e8s5k55wpmxkcbgj64txvqxy3xm2dwbh061tj9ctqq1t6xz8s6jqs89ptn7s4gwf16wdgmandqtbzr1ts2hr2qgxr6y6fry0k7nq0h61shq06208fqamgb4scn9b26b8vwxd0p6dhk6fknrct6p5tf9wq4kqrzragaddxgxz9m4apasdjahyc3drc6gzgb97ww8d66m51h0xfwbky4d822ggw78meznc22c2fhksje9qexmsg3w57y19zrr0grm9gj1ytb1gzj6hh3hg5hzqe2jypqddj74p6yp2k7vsgh7vhw1ygmegscb4wx99cem8b5ay98g0b3k4164dqmszj23x56f4p7cbxneg2jga3d440sfk7tqtxjfnft3vasacem&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=76a958e8438986ea4c2fb98ffd04d2bc%2F1539789417791976244&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1684786859869&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kgcqqqa593qqzg7hasqm1btbbjvf2c1bhp7tm34bk2kava2dya8zw7wc6w9ybevj925cxn820npsyvqa2xy8bjfrmja0a2yhk5fj1za6ekcs7yq4yffrn9xdx8zd6v3cx47bpg3xy9xa9hsw1c98w64tgwz7bqk0mngd6b14yay418ba0bve5pc7sksbqarwmtxrzvm8jcv1r6v1gczvcgg076na3k4zjcsj0e28es2t448hfeccab4w9fh9zasb8204vdezrpmyfrexrhg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNl-pq85rZOGWEorPgQe79ZngA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTg3MzEyMTA3NjUyMDIyMzfIAQmpAh5slzvzILI-4AIAqAMBqgT0Ak_QNl0Ut_QCLgdZjpfmuaRsDWODIVectDEIgvXVIIi1k_zioT2KwLh25bDK5VcvdmIAn__l8jh1yzTVmFoXb-KEmqr--pYqDKseSGx2aPTbLBB00LujHrN5YOAdNWsFBWIaaEfg1tLQpiRORBLmVilPoQCcVLuBhnlJz7j7ET_0V35f6HEY-UWbMWhaR1h-Ss7_EZNhaf54trPigIEvu1vVHYCCvXDy8YdtTKNFIURqnoGtoe42PG3kINtOGO1hDCOmETfBdAktQgOjdZW1cAIo3T5kg_z53B4a_AqWi9lbOWY6viRJ2wzLN-Powd73cZq0i39qbrvrTySk8GuRruvGzgOzfJzV04JAoSWug411NIPHYbC-PEOtjCIJAzkFnXcnSh51UxEdEjoDC5CB2R9szMMZYgapLnU2jLjyA4e87TMcr0wV8UgwQZ3rGltY6rXLjIzMd2VUMv3IvznXhQk2jj83AF80-khWLiPv4fRhDBzIrOAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTU5NzAzNjQ2ODI0MTcwOPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vxRPVE6VqbQ506EkVyzP5eZdFrQ%2526client%253Dca-pub-8731210765202237%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3NKa3VCWkhlRmFCTVRxX1JNT3JWWjZx&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=82334AC2-ACE7-4C10-A065-4F70405E53CF&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.gmanetwork.com/news/topstories/nation/870676/philippines-detects-7-more-arcturus-cases/story/
Message:
Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&rid=esp' from origin 'https://www.gmanetwork.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fnation%2F870676%2Fphilippines-detects-7-more-arcturus-cases%2Fstory%2F&rid=esp
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
accounts.tokopedia.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.allaccess.com.ph
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
adxbid.info
aorta.clickagy.com
ap.lijit.com
aphrodite.gmanetwork.com
as.ad4m.at
as.ck-ie.com
assets.ad4m.at
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
core.iprom.net
count-server.sharethis.com
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
d.turn.com
d31qbv1cthcecs.cloudfront.net
d5p.de17a.com
d99666469a0d.bitsngo.net
data.adsrvr.org
data2.gmanetwork.com
de.tynt.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
eus.rubiconproject.com
events-ssc.33across.com
f8a114d1ef52fcfe2db5f7c924839b08.safeframe.googlesyndication.com
fastlane.rubiconproject.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
geo.dailymotion.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.jixie.io
hde.tynt.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.gmanetwork.com
images.gmanews.tv
images.outbrainimg.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
l.sharethis.com
lb.eu-1-id5-sync.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
maxcdn.bootstrapcdn.com
mb.moatads.com
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
mv.outbrain.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.adlooxtracking.com
p.rfihub.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
partnerrsc.jixie.io
ph-gmtdmp.mookie1.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
prebid.andbeyond.media
prebid.jixie.io
prebid.media.net
prod-rtb.ad4mat.net
prod-sb-appanalytics-us1.servicebus.windows.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
prodpsus1.blob.core.windows.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
region1.analytics.google.com
region1.google-analytics.com
related.gmanews.tv
rock.defybrick.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.mfadsrvr.com
rtb.openx.net
rtbcdn.andbeyond.media
rtbdemand-d.openx.net
rtbpass-us.andbeyond.media
rules.quantcount.com
s.amazon-adsystem.com
s.go-mpulse.net
s.tribalfusion.com
script.4dex.io
scripts.jixie.media
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum.casalemedia.com
static-de.ad4mat.net
static-tagr.gd1.mookie1.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
traid.jixie.io
u.openx.net
uipglob.semasio.net
uipus.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
user-sync.adxpremium.services
vid.vidoomy.com
vpaid.vidoomy.com
web.facebook.com
widget-pixels.outbrain.com
widgets.outbrain.com
wrappers.geoedge.be
ws.sharethis.com
www.awin1.com
www.conrad.de
www.facebook.com
www.gmanetwork.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.youtube.com
x.bidswitch.net
z.moatads.com
zdwidget3-bs.sphereup.com
d31qbv1cthcecs.cloudfront.net
oajs.openx.net
pagead2.googlesyndication.com
103.132.192.30
104.103.85.46
104.40.187.26
110.238.107.108
114.119.175.30
119.13.101.41
13.224.189.48
13.224.222.16
13.224.225.68
13.32.121.95
13.32.27.22
13.32.99.50
13.32.99.73
135.125.163.79
141.94.171.214
141.94.171.215
141.94.242.226
141.95.98.65
142.250.185.66
142.250.186.70
146.75.118.132
147.75.84.158
151.101.2.49
162.19.138.116
164.92.213.94
167.233.13.224
173.231.178.81
178.250.1.11
178.250.1.9
178.79.242.181
18.135.9.210
18.136.14.50
18.184.88.243
185.106.140.18
185.184.8.90
185.29.132.245
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
185.86.139.103
185.94.180.125
188.42.196.115
188.65.124.90
193.0.160.131
195.5.165.20
198.148.27.139
198.47.127.20
199.187.193.179
199.91.74.185
20.150.88.132
2001:4860:4802:34::36
213.155.156.164
213.19.147.44
213.19.162.90
216.52.2.30
216.52.2.86
23.197.149.186
23.201.255.110
23.206.209.54
23.212.89.151
23.32.184.192
23.32.185.123
23.35.237.86
23.88.86.2
2600:1901:0:76b9::
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:2057:4400:1a:ba5c:3900:93a1
2600:9000:223c:a600:6:44e3:f8c0:93a1
2600:9000:223c:bc00:c:3460:340:93a1
2600:9000:2240:da00:2:d490:4d80:93a1
2600:9000:2250:e200:a:e047:753:be1
2600:9000:2251:3e00:3:c04e:c780:93a1
2602:803:c003:200::31
2606:4700:10::6816:1957
2606:4700:10::6816:3456
2606:4700:20::681a:8a9
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:372
2606:4700::6812:7f05
2606:4700::6812:bcf
2606:4700:e6::ac40:c112
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:801::2001
2a00:1450:4001:802::200e
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c0c::9b
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:26f0:480:980::11a6
2a02:26f0:6c00:1bb::11a6
2a02:6ea0:c700::11
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f083:6:face:b00c:0:2
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::485
2a05:d018:d29:3605:cad5:de8f:a90a:79bc
3.126.160.30
3.126.33.170
3.237.52.215
3.68.25.145
3.71.149.231
3.94.235.119
34.102.146.192
34.102.163.6
34.102.253.54
34.107.148.139
34.107.231.31
34.111.129.221
34.111.131.239
34.111.79.67
34.117.239.71
34.96.105.8
34.96.70.87
34.98.64.218
35.186.193.173
35.190.39.111
35.204.74.118
35.210.53.219
35.214.153.92
35.227.252.103
35.244.174.68
35.71.131.137
37.157.6.237
37.157.6.254
37.252.171.85
37.252.173.215
40.79.44.59
46.228.164.11
46.228.164.13
46.51.163.206
50.57.31.206
51.75.86.98
52.201.82.7
52.220.229.2
52.222.139.112
52.31.89.240
52.46.155.104
52.73.187.111
52.74.44.71
52.95.122.74
54.220.255.219
64.158.223.140
64.202.112.223
67.202.105.23
67.202.105.31
67.202.105.33
69.16.175.10
69.16.175.42
69.173.144.139
76.223.111.18
77.243.51.122
8.2.110.113
8.43.72.98
84.200.5.215
85.114.159.118
95.101.148.20
98.98.134.241
99.84.88.93
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
03a284c7bd7156ca8c83ee1d6ae74ecd32594ee6fa27b4638f7ad17561ea3f4b
03be65abe7d4847e993f62b6fa94244acd0c7b0c2bdec4745bf122f8fe0d237f
05c173701f520cc53fcf2fba4ea74aa600c4daf76ee7d7fc321c1f00c7097603
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0716364e8ffa8710376601b4ab6d0a794b44fc5a09c9d92987ad77f3a8c432a4
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08c81648bcbad3dd665ef330cf7e792f55a7a4dd36468820a8c4412fa15f8e9b
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09a9984d809b67134760b76217aae89e6318d11e34333c8fefc6c593209db6e7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb2cc51ed094008a0c4720b3086c1c7ddea74192c32aad90439e23c00a64bcc
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c3b56d264497b98c23de724db15b960ca74a22834e829be05ea5de87eb4dc5c
0ca22c3da49ca2ae39e6d39af02e4a8f6220565711d185fd3741d9c30da8be11
0d85d113393f7c37fd881c0175ca072a97919207eb6b46e17ef816dcd414a7bf
0ead89420cb5fc3e3679dd629520ff78aeba70152b9ce150ea675d539b214c2e
0ec45db504776b90801e5cb3c0d74c5091fc3111001af139518966af1d779d25
0f9b4bf0b00b784822061773172d05ce5b6cb16f46d003a4e0fa4cb3d42b65ee
10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
115e7d79f79792d43cf85101fd2bb78e7c72890db5d5af08f909a780a9ed0b3e
11c5caed0e010209a0b5ca61124450f9c64d0d3691592f3cc7227b006689e3dc
11d6e70dd675e3ecffff360b6c7ffc8db2e8c10ea5f3d007f0d4a2d6a9f9e9c5
12e1180d7432fed998d28ca94b4a5a1754f846569df8972474ba7fbe3765b233
1330e89c3c4f3caa74516db197c337a24e5b7914c3c1dad696f8e8043085c5f8
139da75dd27ce3e72eb0511df6e68f3a42e8db2b96effb3750a27e2e3dd3167a
147822b96291176dc60c8d2760bf12407e9ee315b8e8fd17889df0b0704825c5
14829d93b1fddff24933e2734dae992d8a79b6ab3ef96ad1ca77e82e1b49136c
1626bb546b447d9ef6b8772bae92b22e6613ef7b65b21444c7efe3437ef48677
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1fe4db8d2b08ecb721ce843b796b2a1a5f651e8ee17fff0887734e7e387a30b5
20f4ca7bc5cb6afa1cecb7b93786f1c4ec733c84bdfc9fadde331a36316e6d36
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
230d073230f102ea53a23598b7146a5f381907dede4ebf9bc8f500764bb66b2a
233073d24ab74b28a2f0c051016d0ef42f03d4b57fdf1883874af69e19111edb
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
2604f3bdf1f157c3e07e79a0ecbc3c25b274146ff46a5f7393dc207253a42236
263d8060bafe426b7104d74091838266cf2c6028102f28108db28332373bae9b
265b793952dac20ab883221fbaba6d9e5c725ed1b3ff97982f90c15230b516db
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27a0fa1aa88fb190d209a248726417fbcdf8fa1e2cf4ff195328723d35e36cdd
293a3d541e64582a67877ca3f6a9cdf5551b1b1b15d1d91a3f4bf25d1bac2860
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c905617c98925807a6fdf98d7ead4be0f281661de8de7e061af32bbc328eeab
2cc70921afef5cff57318874bdc7ca3139c1198514054d3625a23b6a805d52b5
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2df6f88fe4dda1582c4ed948f60e98765ca33b9daebe54d77a64f701bc1fe903
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e9422dcae50c91ac6103d603a3621effc774cf7c3ba15916710963e742282a4
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a7d118f34c9f11e3c6f41ffee2d3a9c7832507bf8a9c8402a31b028475688b
3243a213014da5e30d17accce5e29848093a294a673ac6b9c2de32f26bce56cf
3277227489dd33365c3d5b41a680fca503f5d7d3bf03d45116ec7f22d563f61b
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
339833912c6af5e3bb2fb6c593b8ba55da6eec37ea7a88c7cc40211b4c0227f3
341675f90e0fb7952f3627756c96675d9689146ec3a574661e7a2ae4ae61c6f3
345ad66923e7f7b48f86dcc2714e686010a89be0a05450c1984a6f9bd0720526
359501180b779548ad4e1ca74f38b08474350c38bed64ad69b278837d179e792
35fccc04b246dd0a782a707b2437ee552e605d3e573d344d80e082f1aea5a4e6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3798e16a1a56c520a45d74e7f3c71a1477948fee472f7fe0fbe6fafd217303a5
38233ab29e31449b78ba91b8050baed626739f5b4ec111e72a00faa2ce9a0bfa
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
39ae29fb6a31a660ee8dc4b2d6c0f2053a43f80a645e2327f4078a38e87709d1
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b5968101e04a0ca713a6789543d6c4b61cb81aa7c4134f22ef2682ae6249204
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3bc2947b3cb9aab23eb5ef3b20b4b80aec5d43f4d4c4ef0717d9a09570fdd3ff
3bd5c300f9b36036a0be212fdb9a6184a192b5559d7d362760741e9c98cbd2d3
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d85bf6dc7e193ba6aba1c7f19fa7cff8480f6a424f7511d30dd93c098fac77f
3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8
3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4070c1c35c3cb4f19867416e6d9b56926099239caf027ad165fda5fd61c4d7fc
40aee081c093e749a7df384cd8938a1a1d8dac799a2404f259ff68aa4211ed72
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
41e8789d4b2aa90138ffe45cc69fce32d4c2b176b2ad650a5f26120430d1d527
422b46401eee8256bfb8828e8a583960d02bd57e4b457733be691834c72a0ace
42396341ae3c3d0cc59c90dc48397115f409545f964e955b9deceabe50b9aecf
4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
442a96a2c8589d5a3df3683032bde591358fdb809e6e87208ba17ab34d5b60f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a694c659d2f9609cdbaf38c4de99b58d6693fd5ec5ed28aeae462ffe34b109
4795e1f25e93316e38197fb80aef3670e0bf88fc2b0c554248b5d01f3585ce17
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a0d582d5fe3d7621ace0d261d65b09fbe3d78aba232b1692357362cb0cee90b
4b2edb3db33985493dd72e15b6d28e98365211766349de129ba84e34536c2402
4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0
4d30ab86844b4c9a6189a431da6b6c48721cc5a512dc09873b86000148c53d2a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec18ec190bfb2ecdeefa644730ae63d1f18847a720bf38f710c33d3bfd72b08
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5033ac432d353b520a2c47038b2d92102d1d7135e7b3485632e97e11e0ed3cdc
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
51906a46cedc27ed5e349475e3bf0eb36d464f0e642eaad0f3d430f5f89af2bf
51db3dd90f0a2577eda77387fb632bb9444b806e7e0874d07bea434fa03d258e
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b4da1b91cd0532cc8d4b93c255586a286e3dff278bbdb31fca9a45741cdf75
570eb26b1f69dc91b116affae587952ea205228975cec892890a16dab882124f
5769485346b5776172ffd87820541855bd455fb8b2d942a2ba478e0a872139c4
583fe4f751cc9368fc8f17eae9dfac08db4bd7d7c0d20fc963776beca3f52f33
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58eea0dae803ad80cbacd40e53d6d316c5ae0ff8d07f5073f51e948d0012c7b1
5b3b78542673c46b4299265778cc870a3fe7d4bffc70cb1cac9c0e5199432c79
5b88cd0a2be05a47832fcf5fe1569b5b5604386ea686910bd2ec85b1c4477920
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dae2e8fefe15583d082b2212b7a0fa76d6017107e17737819a0ca10b392e6a9
5ddadabbf40d5ed6cc3b3735f87451e0a5ec1782cec93f338005566ad060fbc6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
6759601d5e5e19a81ee2023cdac7fded05653ab1269de029d3707f1995380d06
68a303bbb7e2a8fcc8e02d3ec0f85127e43c424a38146611b9ebd9092a9ec2a8
6b7e05564f91fc8ac5e933d73eb80f92bc95037220fe493bd7d617bf24d4aa00
6c517b3fe2008f33c42bc5d986ae53c0cd94b991779b9fee255737b27017931d
6d2891aefbef7d34edcdbd40a8e6a8b4b824e0a069b8cb2874b6e12dc3af5407
6f0e7735adfcdf2111bdd4128aeff3912c579c0dd0fb415553327c3da059ab4d
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
6fe3c3849b8d63009dc4c89ff20e418ca4cea135043dd36551a9b9b2af3e41b4
7012011e8cdb2db42b0aca12c14c593d2c28e0daf761bbb795f731e623200ecf
7040f351fa93cddd426c4978c3cd5938173a69efc3365986135fda7da0cb5c67
71a241994394fa6113d383dc5e0e216bd0d5e264905f813fbb9d26c304f87658
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
731a0bda60b0bd5669d40acfdd3b44d969fdb8a1a0d2cbf489dfb4f8f4e1d0f7
743975764d90a29076c15d95f339f6572e7d29829d393b249a5a2bbfd67c6124
745a0cfd6511ebe10755631eba8e109555c7cbd60f3acc939575640ddd1f20d4
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
75ce2841a76eefd1eba1417073a578764c1dec1231e219040e63ca973a2a1ebf
76953f07f1401ff86b5b3467738b53fea6c0dcfb7b96892f1f96c814855e6199
771b1df94b0db9601ce7d8c9b7e0ec390bf2b8fc74dd7b1d9bcdeff89ab13d47
78a46f492f1a658e7f2c84d08adbc95ce68f76eae4cd6533ded80da0328658e2
78fbb9ab53783f6ffdd69e35693fcfdc59009e690feba17c93a07aa6d4d6e705
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7cdbfc4262e966041c8dd26a5ba6996cff3991b180fd01f3d24f726ef4f780a1
7f1a21d182b937b569183172ed61bbc084ced8c79e0d1c0cea671f0221cf189b
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31
80a67a582fed34d5f1c3a3cbd37d3fb1866c6f02cd05d9dac1cec59d97be1d07
80bf04026231be761b03042c39ab1c98cd36f95a0e78e0ca22b8fb479cf18bd6
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5
82037095c748ef71614463ac45bc6891cfa88f1b2f74db856930ca2393d4bf2c
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82d3c15b3f0cf15ff99308b5d6a06c30e655015220a5faa0c194aebcd41851a5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e29b7925a5ef51e288890214ac016a32e89c87ec89d23cab6203b8345da2a6
87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e
881c83b3b2713d24d5b5d0c45043c5c67e6b1c21a9fc821cab1b5223f3c654e3
89919930da4c7d0f027496907625bb5d97db45b07ca75582ca850b72cad1a44b
8a2153745009222f56c15f7a692545853ec35d0b8dbb20f4931a6830fca7c9e8
8af3542745a937d5feab831724fd913a804fed00e6b56298224f93fde0faf463
8b64e6014d44204dad4649d8394429a406f03b2f8ec2150eff55d4f151fc01a3
8b65ffe1a08c37d612eaf808d99c5abd45103e8d987f12a17e4cc236556a2de2
8c01b89d7d372cf34c941c4ab7c688eb0db3090a51ad3609b6089c5de606e630
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da1c00d29da015e536ca3f5fbb6c127376d3d0799b1a22254a121e789d5d88c
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8ffd7a1a980c9042363af0f2ace2cd50ad742e62f5357e4b57da1606e57e85a0
902ee65306370b84a40105297672ab05a4a8451e66d33123c7349d48d7715f67
90b531a21662d29435600aa84fd99c6d94a5c662b685d0bf4a3285d0866d40bb
90e447211d52627783bae197748c8caedaf93898d88c9b6bc382dc7de9d629df
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f
93cb662c97bc64a3dd58d587090d711213b3d60b0d938b9cade474edc3406f27
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9690134dfbe466baf2804453076b858ccc2553dd42212a4f8b3c2d8b4e4e2db6
96b6b4dce8db6455fb7171fa014a4f4f96d15e05ec4d754b890d08c33f749b44
975142aa3fc6729557cc28f47ccf1923d976ca6ad97f525234ac8bf696838d36
975c6d6f40a49af07ff3a2b8cdb81b44ec70958b8109efe0dabbf1ccf47a7cc7
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e575d2b309700db2d9b0d762d2adb5604b28ee50484c6eba0af050cef6c952
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0e5d24653f21f0938d998c32a747f7542f65cfb073b4aed33601a2991fc6c6
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9eea639fd87c2c58693da4caa5ea41b721993882d2d15b305b9f747a7072eb90
9ef1e5267f753165f8dd582205b3d562f90ff47bccbd2a6c81b22b557643ac0f
9fb974b84a129972abbd1e2e5cfdf685cab5f6f22d881adf3845bc73b43eb4ad
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a8d7dd3d0f542193a701e4c31d29bacfde4d6877c5adb0c6d3560b8bdc68a474
a96945fcf42fbe26503b3fce1f71fa301d6baf00630438f310806fd456b88407
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad09eb4f381f7bdd2df06a98dde61dd1a8d88c01170865914f972ceefcc45037
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad6f29ca8a46fd6ceea1d1ccbd28f0bcf41ae8193ca25369da72d1212bba73b4
adb134528cf48f29643682c120df6ec011669a6b27f4cb912a45425b65e81047
afbfe8e368a2051af8391ea4c832a3d1e6784c254621e2bedf3e20b241164fe7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b164203cf2d3dafbbd8fcbcda03aaae8ab54af7a1fb1ea25808f6fca759b7357
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
b3157918e1c32a79d03052639983417863f29c63da4eea6a49e5fc2c50149059
b3ad2deeb0ecfc78350839b666a3ab1a00107ba099f0304de0ba395e4250ec96
b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5c36e70496091a557a991de32741b9fc1fc883a97f62f848243a1779af9347a
b60d31e87f46e64be5c43997e8deda163ff9934c5a21d4f24381ad534459ca78
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
b7355844c5e3946fdcd19c20fa3b216c638f113660a82506289eeccb714f655a
b7506715d8ff403a7e4a56b46e757ecd12c8a59e4c48d8f0478b62186f51bb1a
b95a6bb43aa1a14777c279a6b49ff98cb5e5ba33433ce28a5d5b0bfca28e91bf
b96df4aa53fdf791629e39450f0121542acdb829e61f841393ed4442e534c7c8
b9ca5cfa847f2db04af493f6efa8cd2450766c592cb2b392a62bc69fde2dddcb
b9d05101f668fd34e286aee0110b79ba23375caa3b09a7b718b29d19152a439e
ba057bcd64ba8cee97b0053d18101cf37f4dac5cfbc24aa94f8fb1fe46138485
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7329956ee55ce3b93fd58606d30fcc6321af9cc5e8fc24185890a9c6d06eff
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
be5f6fd8b50af270bb595d34bd5850633d25ef4353645c297864aa7bd3133330
bfce1c6391bb27b316ac8ddec83525caf9cb50566c1fc11bb3e84aa64e225b39
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c12f245c95c1dba9e2d0f5d02afcaa8ac837c27aeff17a19397f1924c4169b85
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2260a0c10c2fa8903fab19e7b218e5727e4e2ab04b5a68fec7fa9a2a0753a77
c2457ccf5de8290b95814122470e5fca46a7a27e19836d516645821a7f4fb02a
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c34ad7adb26e4f2176c852f623d4f110a7bbf7bcd9bd9cdc45ff7a8fcb62de0b
c42d6ce4f1cd8d3f0361d8b67c24f9024c7efe81bfbac8a7e399bd11a405a388
c53711e5457b35d6dbe17c261c14b6e905f62c66fda46fe39b8b9339051d87fd
c6cf5572d330c48ded59c2e625cf42b167ccc4119b3d7391440c2defa931a8b0
c705c6d5825d894ea70278cfc33854241f8f50bfc0817f95da6c5f8f050cf58c
c762d27c5c244f9d543271795ce8a39ee5cffc2359cde2f59b5527820c3ef58d
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c81f5b73270c9a90122a5b2b9038a925e15aa450ff1625c6a5ed0f1059754289
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
ccd6cbc25376ef043dc9981e5a6280688a236039d3a83bf7b7f9b6fc1404ea1e
ccf31bcb7b2a07a4adcc4839fb1622e966485019c0db8ee1e4e03acbc569e344
cd1d9904a85f86f09bdb32845a7f98868a03d28c10ebb284cd12a8f4a47b21c0
cd8e8ada9ef7f1fdc949ffc2066927b1eaae367e669027300df3cb2830b8a104
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf88c621b1c8d8418a771b8b0c0ac3ac5d3090eeb677a13fb9b21c8bae46ffff
cfa39aeae63778e6e16ff300b3c92952f5d55dda6d036b53c306863f8156c15f
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
d11b07859fd9c556a2e9382897ff4d5bb2a811327a3f75e95b071f6804d3f52c
d204c3f2472adebb7432052f9ba519bb403ff213a48525d0d01037514d18e6e1
d250cdc5c686635954c65f30336eb510149a52713c5489c1b31c17e3fb0474ab
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
d362b60418a5963fe304088ba49ebdc91d1a9279c47ae8a044ddfbee6f52eccd
d3c25479d7c2977020822fb709b73ef277fe1bdf7d18ae1cd15af9f8c097e504
d44431f242eb5a8eedb6c603382f7a7a6f2389f253d3fa18fdee940f19cf7048
d46b7712943d14b327830c345926bdb29d127f75dfd28105dd88b5f0293981b7
d59c24b766c8088486b920c1c36e1b3576cd415528dc01a486d3d97c776a2c8b
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d7bc96f153ac5033f5e2606a0e005f34576b523350d315478b5dfcb6c638ebc8
d8655ae9f9f536c5a94a5d219a58c34300619c1cd9f462a941d9b15993b32e40
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797
e148913e99e99618ed4ad7bf64bf4f11a1e6d79ff1217b1448467457e406341b
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2b25c970973ba4ce825a2fa689b0498c4ccafd8e652027004302b657ca739b0
e362a1e3d92a5cbd936c2ae0460c62af5f231a2edadd05034e13e6b0ee9b1f81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48cc4cf8eb3beb05c3bb4134506241bee34991f71e09f1189a2657d4cf049da
e5018d5569c0c42f79e1e328bb38970d99db37f953c4f808914df067c48646cf
e52e925a8adc7802a757abd47d2563f63ffaf1f78cf9d88f03fe89ec525bb40e
e555151e63c492ea4f05ecedbcaf488acecfdf147d814e1920bcef9b028968ab
e6017bdf5d16d3357b1bf6848ef88af9389a7cb3b4e54f5a8a276676bb0efb65
e6532a8b6dd0e714f80f56ceb0958a345d537a0b34838125f5b7e3f6552907ad
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8dfe376a7edf2182420cdebe2a59189c015d31444851f4d5c43c05366288fd0
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea96266b9479835bc7b332c015ac49074268a52df9b1f8d794d55e8f31c00ecd
eab2d0e498b7cc465f38912396499533252df9f9cc48efeb0c8b2f1150ff63f6
eb974a43fedad70d50e255493403f306ee5ee2ea9c20dd47ba4c3d3760538d0d
eca20419d94311e5a49971e72cc9d0db29c36634c77e2e59257fcb118bf14596
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eea12af431c4a89deb740d731786836cbd7024739b2ca6b36a3a3bf633cbb4bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f003c95b947f9138b842cd73ac71a89b5666a2ab200f39fb2414176c9e0c0ff7
f14815445e508750359beaa20732b2f3f2040f8ebcead3377b9a53b14605d4a6
f1d10634fec833e6d79130a186feaa41719c81d08679a39f3ec9c5f5d78606f1
f48cb31c5ba706dd8e1c256f2b9d4c4642433f060898b31f4d371d6f28dd75fe
f52d80c8408e1a090992f244fb3a773dc504dbe0db6c2389becc92e69f69d995
f542ad41d6e85f44e6ed2a343c856025934dad4e8a8ecdb979e11204927ecbbe
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f60951ba9632518d04d52f648a4ba56dc54249cb2a095b3e8ea0305f0a3b7f55
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d5614eade664bb8d85611b0ede6dd5b1676d37c2a262a7c87685b41e5bda10
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737
fb8472babf170b2bfd35cb57a4f573ef0cb5dc0a2a618c14a7a803e1c43a4fa3
fca8824e320710d3cef60fe381654361f8227632ec0c146bb710bf2003eb6d86
fcd9b5232e83a460316b49b7ae2c1bd73222f00167bc9b70adda941919c6be1a
ff048d2d43ca5721e81d143019fc592338253e3d83016fe7750525ed8f5a79a4
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2