www.gmanetwork.com Open in urlscan Pro
99.86.3.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7r...
Effective URL:
https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz...
Submission: On April 13 via api (April 13th 2021, 11:18:37 am UTC) from DE

Summary HTTP 647 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 105 IPs in 10 countries across 83 domains to perform 647 HTTP transactions. The main IP is 99.86.3.122, located in United States and belongs to AMAZON-02, US. The main domain is www.gmanetwork.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 10th 2019. Valid for: 2 years.

This is the only time www.gmanetwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	99.86.3.122 99.86.3.122	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
5	2600:9000:205... 2600:9000:2057:8600:c:3460:340:93a1	16509 (AMAZON-02) (AMAZON-02)
43	13.32.25.53 13.32.25.53	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
9	13.226.155.2 13.226.155.2	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	184.30.21.80 184.30.21.80	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	87.248.202.99 87.248.202.99	22822 (LLNW) (LLNW)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
14 59	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	184.30.25.193 184.30.25.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
34	184.30.21.162 184.30.21.162	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.155.113 13.226.155.113	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:170... 2a02:26f0:1700:38a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	185.59.220.198 185.59.220.198	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
4	13.32.25.41 13.32.25.41	16509 (AMAZON-02) (AMAZON-02)
5	104.40.187.26 104.40.187.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.226.155.109 13.226.155.109	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd02:882c:d916:bae1:7722	14618 (AMAZON-AES) (AMAZON-AES)
4	18.138.18.69 18.138.18.69	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
13	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
13	2606:2800:233... 2606:2800:233:9de:380:d6:22cb:12e3	15133 (EDGECAST) (EDGECAST)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.21.204.168 52.21.204.168	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:9000:218... 2600:9000:2182:ca00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.3.44 99.86.3.44	16509 (AMAZON-02) (AMAZON-02)
1	104.111.240.100 104.111.240.100	16625 (AKAMAI-AS) (AKAMAI-AS)
21	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 18	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
8	40.79.44.59 40.79.44.59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:218... 2600:9000:2182:1800:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
2	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
1	13.226.156.114 13.226.156.114	16509 (AMAZON-02) (AMAZON-02)
1	35.174.194.37 35.174.194.37	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	3.122.26.231 3.122.26.231	16509 (AMAZON-02) (AMAZON-02)
2	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
4	18.193.136.3 18.193.136.3	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2	184.30.20.91 184.30.20.91	16625 (AKAMAI-AS) (AKAMAI-AS)
22	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:64:... 2a02:26f0:64::210:6ad3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:184::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	52.206.198.221 52.206.198.221	14618 (AMAZON-AES) (AMAZON-AES)
1	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.208.241.4 18.208.241.4	14618 (AMAZON-AES) (AMAZON-AES)
3	52.1.101.77 52.1.101.77	14618 (AMAZON-AES) (AMAZON-AES)
1 1	116.202.114.114 116.202.114.114	24940 (HETZNER-AS) (HETZNER-AS)
7 14	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
15	213.19.147.210 213.19.147.210	3356 (LEVEL3) (LEVEL3)
15 32	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1 12	18.185.208.29 18.185.208.29	16509 (AMAZON-02) (AMAZON-02)
3	34.236.214.42 34.236.214.42	14618 (AMAZON-AES) (AMAZON-AES)
1 2	72.247.178.19 72.247.178.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
39	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
20	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.20.185 184.30.20.185	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
1 4	3.125.240.184 3.125.240.184	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
4 4	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
2	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
6 6	18.202.255.125 18.202.255.125	16509 (AMAZON-02) (AMAZON-02)
1 11	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2607:f8b0:400... 2607:f8b0:4004:803::2003	15169 (GOOGLE) (GOOGLE)
3	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.165 213.155.156.165	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 3	54.220.102.114 54.220.102.114	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	87.98.128.108 87.98.128.108	16276 (OVH) (OVH)
1	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.69 185.29.132.69	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	54.246.18.165 54.246.18.165	16509 (AMAZON-02) (AMAZON-02)
2	185.84.60.30 185.84.60.30	198622 (ADFORM) (ADFORM)
2 2	154.57.158.51 154.57.158.51	26558 (FREEWHEEL) (FREEWHEEL)
647	105

2 199.60.103.254 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-122.fra6.r.cloudfront.net

www.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2057:8600:c:3460:340:93a1 (United States)

ASN16509 (AMAZON-02, US)

aphrodite.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 13.32.25.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-53.fra56.r.cloudfront.net

images.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.226.155.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-2.dus51.r.cloudfront.net

images.gmanews.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.21.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-80.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.202.99 (United States)

ASN22822 (LLNW, US)
PTR: https-87-248-202-99.ams.llnw.net

api.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 142.250.185.66 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-193.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 184.30.21.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-162.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-113.dus51.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:38a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:10c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-198.datapacket.com

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.25.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-41.fra56.r.cloudfront.net

data2.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.40.187.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

zdwidget3-bs.sphereup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-109.dus51.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.138.18.69 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

ads.allaccess.com.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a03:2880:f112:182:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2800:233:9de:380:d6:22cb:12e3 (United States)

ASN15133 (EDGECAST, US)

60a6ae725fca.bitsngo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.204.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-204-168.compute-1.amazonaws.com

trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2182:ca00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-44.fra6.r.cloudfront.net

related.gmanews.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.240.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-240-100.deploy.static.akamaitechnologies.com

static-tagr.gd1.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7ae0bdec8bda0504fa96cf10b0703f55.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 40.79.44.59 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-sb-appanalytics-us1.servicebus.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:1800:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)

ph-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-114.dus51.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.194.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.26.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-26-231.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

vd.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.193.136.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-136-3.eu-central-1.compute.amazonaws.com

depart.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

adclick.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

cdn.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.91 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-91.deploy.static.akamaitechnologies.com

cdn.spotxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64::210:6ad3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.digitru.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (United States) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:184::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.206.198.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-198-221.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:bb90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.241.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.1.101.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.114.114 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.114.114.202.116.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.33.220.145 (Amsterdam, Netherlands) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 184.30.21.112 (Frankfurt am Main, Germany) 15 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.185.208.29 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.236.214.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

s2s.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.178.19 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-178-19.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ev4nkzci66zbgydvpx5q-p3c257-1c427e6e9-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaqj6absjkbikqce3ygyaaaabqhk7p3-p3c257-8529880d7-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-185.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.247 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.125.240.184 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

euc-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.96.126 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.202.255.125 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-255-125.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:803::2003 (Washington, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

yieldbird-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.220.102.114 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-102-114.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.128.108 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip108.ip-87-98-128.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.69 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.18.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-18-165.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)

adx3.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.57.158.51 (United States) 2 redirects

ASN26558 (FREEWHEEL, US)
PTR: amsadvip2.fwmrm.net

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	doubleclick.net 15 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net adclick.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net	318 KB
58	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com aud.pubmatic.com image2.pubmatic.com simage2.pubmatic.com vpaid.pubmatic.com vid.pubmatic.com aktrack.pubmatic.com Failed image4.pubmatic.com	277 KB
53	gmanetwork.com www.gmanetwork.com aphrodite.gmanetwork.com images.gmanetwork.com data2.gmanetwork.com	626 KB
47	googlesyndication.com 1 redirects 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 7ae0bdec8bda0504fa96cf10b0703f55.safeframe.googlesyndication.com	477 KB
45	googleapis.com fonts.googleapis.com imasdk.googleapis.com	5 MB
40	stickyadstv.com 15 redirects ads.stickyadstv.com cdn.stickyadstv.com	574 KB
34	moatads.com z.moatads.com px.moatads.com	361 KB
24	aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com s2s.aniview.com	16 KB
24	google.com adservice.google.com www.google.com	4 KB
18	2mdn.net s0.2mdn.net	296 KB
16	360yield.com 2 redirects ice.360yield.com ad.360yield.com euc-ice.360yield.com match.360yield.com	8 KB
15	1rx.io tag.1rx.io	5 KB
15	adnxs.com 7 redirects secure.adnxs.com ib.adnxs.com acdn.adnxs.com	31 KB
13	bitsngo.net 60a6ae725fca.bitsngo.net	229 KB
13	facebook.com www.facebook.com	277 KB
10	gmanews.tv images.gmanews.tv related.gmanews.tv	1 MB
10	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	134 KB
9	sharethis.com ws.sharethis.com count-server.sharethis.com l.sharethis.com	68 KB
8	vidcrunch.com cdn.vidcrunch.com player.vidcrunch.com	347 KB
8	windows.net prod-sb-appanalytics-us1.servicebus.windows.net	1 KB
8	trinitymedia.ai trinitymedia.ai vd.trinitymedia.ai depart.trinitymedia.ai	279 KB
7	adform.net 5 redirects track.adform.net c1.adform.net adx3.adform.net	4 KB
7	googletagservices.com www.googletagservices.com	213 KB
6	adsrvr.org 6 redirects match.adsrvr.org	3 KB
5	spotxchange.com 3 redirects sync.search.spotxchange.com search.spotxchange.com	4 KB
5	sphereup.com zdwidget3-bs.sphereup.com	20 KB
4	fiftyt.com 4 redirects visitor.fiftyt.com	2 KB
4	semasio.net 2 redirects uipglob.semasio.net	2 KB
4	amazon-adsystem.com s.amazon-adsystem.com	1 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net ev4nkzci66zbgydvpx5q-p3c257-1c427e6e9-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqce3ygyaaaabqhk7p3-p3c257-8529880d7-clienttons-s.akamaihd.net	1 KB
4	allaccess.com.ph ads.allaccess.com.ph
4	google-analytics.com www.google-analytics.com	19 KB
4	facebook.net connect.facebook.net	160 KB
4	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com	60 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	bidr.io 2 redirects match.prod.bidr.io	1 KB
3	openx.net 1 redirects yieldbird-d.openx.net	1 KB
3	simpli.fi um.simpli.fi	2 KB
3	criteo.com dis.criteo.com	651 B
3	mookie1.com static-tagr.gd1.mookie1.com ph-gmtdmp.mookie1.com	2 KB
3	cloudflare.com cdnjs.cloudflare.com	40 KB
3	cheqzone.com ob.cheqzone.com obs.cheqzone.com	22 KB
3	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	1 KB
2	fwmrm.net 2 redirects 1f2e7.v.fwmrm.net	920 B
2	tapad.com 1 redirects pixel.tapad.com	450 B
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	483 B
2	ad4m.at ad4m.at	264 B
2	de17a.com 2 redirects d5p.de17a.com	634 B
2	zeotap.com mwzeom.zeotap.com	773 B
2	mathtag.com 1 redirects pixel.mathtag.com sync.mathtag.com	1 KB
2	spotxcdn.com cdn.spotxcdn.com	106 KB
2	google.de adservice.google.de www.google.de	652 B
2	ivideosmart.com player.ivideosmart.com	52 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	51 KB
2	cloudfront.net d31qbv1cthcecs.cloudfront.net d2wy8f7a9ursnm.cloudfront.net	15 KB
2	googletagmanager.com www.googletagmanager.com	89 KB
2	youtube.com www.youtube.com	40 KB
2	silobreaker.com 1 redirects info.silobreaker.com	4 KB
1	gumgum.com 1 redirects rtb.gumgum.com	334 B
1	dotomi.com pubmatic-match.dotomi.com	103 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	deepintent.com match.deepintent.com	39 B
1	contextweb.com 1 redirects bh.contextweb.com	595 B
1	adgrx.com cm.adgrx.com	408 B
1	erne.co 1 redirects green.erne.co	324 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	turn.com ad.turn.com Failed	518 B
1	loopme.me 1 redirects csync.loopme.me	270 B
1	google.ch adservice.google.ch	165 B
1	digitru.st cdn.digitru.st	14 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	6 KB
1	alexametrics.com certify.alexametrics.com	552 B
1	dmcdn.net api.dmcdn.net	10 KB
1	jsdelivr.net cdn.jsdelivr.net	2 KB
0	playground.xyz Failed ads.playground.xyz Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	sitescout.com Failed pixel-sync.sitescout.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	rubiconproject.com Failed video-ads.rubiconproject.com Failed
0	akstat.io Failed 6852bd14.akstat.io Failed
647	83

	Domain	Requested by
43	images.gmanetwork.com	www.gmanetwork.com
39	imasdk.googleapis.com	player.vidcrunch.com imasdk.googleapis.com
32	ads.stickyadstv.com	15 redirects cdnjs.cloudflare.com cdn.stickyadstv.com
30	px.moatads.com	www.gmanetwork.com
27	pubads.g.doubleclick.net	imasdk.googleapis.com
26	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com cdnjs.cloudflare.com srcdoc
20	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
18	s0.2mdn.net	imasdk.googleapis.com
18	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com tpc.googlesyndication.com
17	cm.g.doubleclick.net	13 redirects ads.pubmatic.com
16	track1.aniview.com	www.gmanetwork.com cdnjs.cloudflare.com
16	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com securepubads.g.doubleclick.net info.silobreaker.com www.gmanetwork.com
15	tag.1rx.io	cdnjs.cloudflare.com
13	60a6ae725fca.bitsngo.net	zdwidget3-bs.sphereup.com
13	www.facebook.com	www.gmanetwork.com connect.facebook.net www.facebook.com
12	ib.adnxs.com	5 redirects cdnjs.cloudflare.com acdn.adnxs.com
11	simage2.pubmatic.com	1 redirects ads.pubmatic.com image6.pubmatic.com
10	ads.pubmatic.com	player.vidcrunch.com ads.pubmatic.com vpaid.pubmatic.com
10	hbopenbid.pubmatic.com	cdnjs.cloudflare.com
10	ice.360yield.com	cdnjs.cloudflare.com
9	images.gmanews.tv	www.gmanetwork.com
8	image2.pubmatic.com	ads.pubmatic.com image6.pubmatic.com
8	cdn.stickyadstv.com	player.vidcrunch.com cdn.stickyadstv.com
8	prod-sb-appanalytics-us1.servicebus.windows.net	www.gmanetwork.com
7	www.googletagservices.com	www.gmanetwork.com securepubads.g.doubleclick.net 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
6	vpaid.pubmatic.com	imasdk.googleapis.com
6	match.adsrvr.org	6 redirects ads.pubmatic.com
6	static.doubleclick.net	1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
6	ws.sharethis.com	www.gmanetwork.com ws.sharethis.com
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	www.gmanetwork.com aphrodite.gmanetwork.com zdwidget3-bs.sphereup.com 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
5	cdn.vidcrunch.com	www.gmanetwork.com adclick.g.doubleclick.net
5	zdwidget3-bs.sphereup.com	www.gmanetwork.com
5	aphrodite.gmanetwork.com	www.gmanetwork.com aphrodite.gmanetwork.com
4	aktrack.pubmatic.com
4	visitor.fiftyt.com	4 redirects ads.pubmatic.com
4	uipglob.semasio.net	2 redirects ads.pubmatic.com
4	s.amazon-adsystem.com
4	sync.search.spotxchange.com	3 redirects www.gmanetwork.com
4	depart.trinitymedia.ai	cdnjs.cloudflare.com vd.trinitymedia.ai
4	www.google.com	www.gmanetwork.com securepubads.g.doubleclick.net 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com tpc.googlesyndication.com
4	ads.allaccess.com.ph	www.gmanetwork.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com vd.trinitymedia.ai
4	data2.gmanetwork.com	www.gmanetwork.com
4	connect.facebook.net	images.gmanetwork.com connect.facebook.net
4	z.moatads.com	images.gmanetwork.com securepubads.g.doubleclick.net
3	match.prod.bidr.io	2 redirects image6.pubmatic.com
3	yieldbird-d.openx.net	1 redirects imasdk.googleapis.com
3	vid.pubmatic.com	vpaid.pubmatic.com
3	csi.gstatic.com	imasdk.googleapis.com
3	c1.adform.net	3 redirects ads.pubmatic.com
3	um.simpli.fi	ads.pubmatic.com image6.pubmatic.com
3	dis.criteo.com	image6.pubmatic.com
3	image6.pubmatic.com	ads.pubmatic.com
3	s2s.aniview.com	cdnjs.cloudflare.com
3	sync.aniview.com	player.vidcrunch.com
3	player.vidcrunch.com	player.aniview.com player.vidcrunch.com
3	cdnjs.cloudflare.com	zdwidget3-bs.sphereup.com
3	widgets.outbrain.com	www.gmanetwork.com widgets.outbrain.com
2	1f2e7.v.fwmrm.net	2 redirects
2	adx3.adform.net	imasdk.googleapis.com
2	ups.analytics.yahoo.com	2 redirects ads.pubmatic.com
2	pixel.tapad.com	1 redirects image6.pubmatic.com
2	ad4m.at	image6.pubmatic.com
2	d5p.de17a.com	2 redirects image6.pubmatic.com
2	aud.pubmatic.com	ads.pubmatic.com
2	mwzeom.zeotap.com	ads.pubmatic.com
2	match.360yield.com	1 redirects
2	euc-ice.360yield.com
2	track.adform.net	2 redirects
2	ad.360yield.com	1 redirects
2	secure.adnxs.com	2 redirects ads.pubmatic.com
2	cdn.spotxcdn.com	www.gmanetwork.com securepubads.g.doubleclick.net
2	vd.trinitymedia.ai	trinitymedia.ai
2	l.sharethis.com	ws.sharethis.com www.gmanetwork.com
2	ph-gmtdmp.mookie1.com	www.gmanetwork.com vd.trinitymedia.ai
2	1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	trinitymedia.ai	images.gmanetwork.com www.gmanetwork.com
2	player.ivideosmart.com	www.gmanetwork.com player.ivideosmart.com
2	log.outbrainimg.com	widgets.outbrain.com
2	obs.cheqzone.com	ob.cheqzone.com www.gmanetwork.com
2	www.googletagmanager.com	www.gmanetwork.com www.googletagmanager.com
2	www.youtube.com	www.gmanetwork.com www.youtube.com
2	info.silobreaker.com	1 redirects
1	rtb.gumgum.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects image6.pubmatic.com
1	pixel.quantserve.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects image6.pubmatic.com
1	match.deepintent.com	image6.pubmatic.com
1	match.taboola.com	image6.pubmatic.com
1	trc.taboola.com	1 redirects image6.pubmatic.com
1	bh.contextweb.com	1 redirects image6.pubmatic.com
1	cm.adgrx.com	image6.pubmatic.com
1	green.erne.co	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	ad.turn.com	ads.pubmatic.com
1	pixel.mathtag.com
1	acdn.adnxs.com	player.vidcrunch.com
1	fiaqj6absjkbikqce3ygyaaaabqhk7p3-p3c257-8529880d7-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	ev4nkzci66zbgydvpx5q-p3c257-1c427e6e9-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	csync.loopme.me	1 redirects
1	go1.aniview.com	cdnjs.cloudflare.com
1	search.spotxchange.com	cdnjs.cloudflare.com
1	player.aniview.com	adclick.g.doubleclick.net
1	7ae0bdec8bda0504fa96cf10b0703f55.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	cdn.digitru.st	cdn.spotxcdn.com
1	www.gstatic.com	1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
1	adclick.g.doubleclick.net	1 redirects
1	www.google.de	www.gmanetwork.com
1	count-server.sharethis.com	ws.sharethis.com
1	d2wy8f7a9ursnm.cloudfront.net	player.ivideosmart.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	static-tagr.gd1.mookie1.com	images.gmanetwork.com
1	related.gmanews.tv	www.gmanetwork.com
1	maxcdn.bootstrapcdn.com	www.gmanetwork.com
1	c.go-mpulse.net	s.go-mpulse.net
1	certify.alexametrics.com	www.gmanetwork.com
1	ob.cheqzone.com	widgets.outbrain.com
1	s.go-mpulse.net	images.gmanetwork.com
1	d31qbv1cthcecs.cloudfront.net	images.gmanetwork.com
1	widget-pixels.outbrain.com	www.gmanetwork.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	api.dmcdn.net	www.gmanetwork.com
1	cdn.jsdelivr.net	www.gmanetwork.com
1	www.gmanetwork.com	info.silobreaker.com
0	ads.playground.xyz Failed	ads.pubmatic.com
0	sync-tm.everesttech.net Failed	ads.pubmatic.com
0	pixel-sync.sitescout.com Failed	ads.pubmatic.com
0	x.bidswitch.net Failed	ads.pubmatic.com
0	a.tribalfusion.com Failed	image6.pubmatic.com
0	video-ads.rubiconproject.com Failed	imasdk.googleapis.com
0	6852bd14.akstat.io Failed	s.go-mpulse.net cdnjs.cloudflare.com
647	140

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
chats.viber.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
*.gmanetwork.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-10` - `2021-07-09`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gmanews.tv Amazon	`2020-06-11` - `2021-07-11`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-12` - `2022-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.dmcdn.net ZeroSSL RSA Domain Secure Site CA	`2021-03-19` - `2021-06-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
ob.cheqzone.com R3	`2021-04-07` - `2021-07-06`	3 months	crt.sh
*.sphereup.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-11-10`	a year	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
obs.cheqzone.com R3	`2021-02-14` - `2021-05-15`	3 months	crt.sh
*.allaccess.com.ph Amazon	`2020-07-09` - `2021-08-10`	a year	crt.sh
*.raynw.net DigiCert SHA2 Secure Server CA	`2020-07-28` - `2022-08-05`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
player-objects.ivideosmart.com R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
trinitymedia.ai Sectigo ECC Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
static-tagr.gd1.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-08` - `2021-12-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
servicebus.windows.net Microsoft Azure TLS Issuing CA 05	`2021-01-21` - `2022-01-16`	a year	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
vd.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
depart.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-28` - `2021-12-28`	a year	crt.sh
*.vidcrunch.com Go Daddy Secure Certificate Authority - G2	`2019-04-24` - `2021-04-24`	2 years	crt.sh
cdn.spotxcdn.com GeoTrust RSA CA 2018	`2020-05-21` - `2021-06-20`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
cdn.digitru.st DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.google.ch GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
wl.aniview.com R3	`2021-03-11` - `2021-06-09`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.adform.net DigiCert SHA2 Secure Server CA	`2020-04-02` - `2021-06-02`	a year	crt.sh

This page contains 113 frames:

Primary Page: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Frame ID: B32D879C0CA8D4C232E5B92BBB1B9D3F
Requests: 283 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: ADCBB856AAAE984CFDF5E5E48F596DE6
Requests: 2 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Frame ID: 11387A07CEF8EF692D6B9B771708FE0C
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df6710b5f20bc%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
Frame ID: 6E2F7ACE5FB797F58D8F7052933BE9B4
Requests: 4 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 7C54DCA180FD77EFB31841E997639450
Requests: 1 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu&sCampaignID=2900001772&FAB=true&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=96e0530aa3cc817d2ad8c035745802b3&isLegacyBrowser=false&version=20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a&useCFCDN=0&ts=1618312693509&tsServer=1618312693398&FABOnly=0
Frame ID: 886C9D157738E733F2BFA6277B91D26E
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsua5Ek6S_hEb5dNq1qBl_NrAB9O1Ko86Jhzs3cGw1ygPX53DlIYeY0eJIEHCSmNonbM-zLqOkehFNGn6ZnYiklTGwVR0zSF634VR9FS4VacEvqiTAQtqdEDR5BsZvXtCT4GGqID8gCepHIvM3gAuGdP37GZ52hMcs2_Qf4ERDY30m_FPkDrM2G2kodDUdyvLIQRLEf7gbvRZj6jCDapOp9_y7Q0FYdUR5mNUTEbXuqHT_btExCM5RvJd_J4b7rl_3tnGuQRpIBWoIvBRRfFgt9KpsEdvu0i1UoU7FZVkWqdyhZWMNuxv-6ECYT-ydnsESAfMd0GBzfwoTq5jvzRA8cIeg&sai=AMfl-YSdmCL9We_4jfYyjsoAMeM4TXRmCgMbqd_qB-tAq0dRi08fC2DIGUkwraNTwG9aWCZ43vTXq8aR_z1aHkCwQdAFgL4JB5PrrVLP7naOQxfDh5OZppKB_7QaqJleW4ox&sig=Cg0ArKJSzFmMT1d7yODYEAE&urlfix=1&adurl=
Frame ID: E96F60CA3F5F439DF95CBC644B799FCF
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu69xgMAMtPb1SgjhO8-09-cKAFOHEYJkC8OxYxIn1hx4bS_JZaeoJYfHHMEoyq1MiSZCxG6fYRCV01ipQ8efQVoC3_QLxzdyskUTWktrHEjm9Rzc7UyEz7_0QXVEbwDUCW0rw8HAQFadnSNSA9GoxfGecQgCYPBjXM5DEOeG_r3r3zP2UI874ufqtUw2ELYRn8_GEg7sZ29xXNvb8gUEsLrsFG4OeM0JtqlmE_mxdftspPupI7CK9UmHE1R41yXGR5wvsXM7-eGacn6ecoIes0fyCGa64xQYRr_OOPA8Tb5DTST3XFugDNZ-UOUvEZxDeuUBBnlq3o&sai=AMfl-YRd_JAE0LXbPFGGJrF1OIbYWbWPlu1Ei4RSgVk6lHa4Y9AV4f9uPMDxG2lqTNSow5QMbjCB3S0yRdGzhJ-caxF_HXxWB11FdwG4XQCVMYBQrjeNopIQcrgz0SI5L8EP&sig=Cg0ArKJSzF7ETkQYtXMmEAE&adurl=
Frame ID: 5007988C70BEBF15030CC3BA000A0060
Requests: 9 HTTP requests in this frame

Frame: https://cdn.spotxcdn.com/website/integration_test/media/asia/gma/spotx_dfp_v2.js
Frame ID: B23043E96ADED618874A06A2AEBD7155
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszFqMEAnlLRyg7YoNpqcy1TwzkSexuJVC68680LLhwcjUDgPiTSd0p6p1q3XmOk3lZufEMuBhgOgEBQHeYXlcPtrVx0r_tQeBfvpALXwSf8bDZ80Oe2Ittpwlk51d1kko3x-vacFKyeYxdYVvJaaOnpZAW40f39owXeqjV9_QMIyNKFBlwYm1WUFEc14s132FzAc7G3UlvRIai4K_Vf57f4asoOrwD9FyVdVe3a-536S5xSFDKMvpsRiAcxxAyIVkC6cH7N-97JA3e6zZ9B8U_p5hjgZrSMC14n5COvWU2Xt_-cS6aA85F&sai=AMfl-YQZj5UwkJczWUeXT5BCJGQIh_fcgHM-UFIRasljo8xdjpknDvsumw7Q3wRmyi5e4SmQCI47wyLYkBWd579YxTySBVGhfof97gZp6zES9pfcW3OfX00oR73i07F04pEU&sig=Cg0ArKJSzKgoEMkT_DGyEAE&adurl=
Frame ID: 5101952C7A78F9BFB6370D8659FE09E1
Requests: 10 HTTP requests in this frame

Frame: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 42D850714B5AA336515C17D9CC9313A7
Requests: 20 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B7BBFD8E68D437C8993898DC9BE9F835
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 40D3310DF11EECF53A54C2840D499A42
Requests: 2 HTTP requests in this frame

Frame: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Frame ID: 0193DBC157F68BF2BB92DFA6625E7026
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1eac7dae421a6c%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
Frame ID: 3B4F08C58104070BB3063F54C8B7CCA9
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=2&key=f33c0edf-9c49-11eb-af07-1f932c7f1706
Frame ID: 3B36071B17E99825739CBFDD9C245492
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=40390ad3-2d97-4ad7-a2f8-3f8255eaeeb7
Frame ID: 6FE6DD001C52AC09831BAF8D81AF1BFF
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=55&key=5242226420867378909
Frame ID: 8B93C61D136488DE627504DF745D0CD5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D60766028D666084D555BC2AE616A5D8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E186CCB2FE575123FD3C5FD476A7F059
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 71D84A79B04130ABF4A6E7C01BFF9520
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: A880523313893A97807C657CC953D5D3
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BA34A7AFD9AA68FA2F9C189DFE231986
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 37A3D7B9D377B90DEC94366A6FA4AE19
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 1AD9CA637F003631970B48673F7CDE5F
Requests: 3 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: B15E2ECD32C435A710E3D60883C11694
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CE716A5EEBB165772F532F8072B1E3A3
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 03C15AF89382E8C684208E7FB4097F57
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7BB2016EFE29B6E2538FAA5F0031D4B0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: E3CC21BAC2549CC57D8BC9C608CFAFAD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 875CD4ECB0CF84EFC88708D5B0BDD364
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 02F6426DA90AC9A34C23C585770700E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 73CB7C8F6A3C17FB72F6C64E64DD8722
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AAEB1F3B56D51157C8C3C7000AF0B00A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 444CBB945931E4DB7A60F03CC2E7AD42
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B3A90A01CF21AFBFE056C18FB5B92738
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 567A3CA3DBEA5B85C971D2C7E1876337
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 081A34F9587E9638A212048D33C87F48
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9702F40545AB846BD4F17180E8B1A0AB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 318626C0688CE10B42F681FA90D12475
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2F4132E3C31E6128D52BFAFA019396CE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 57B324915FCB4CA8F33B6686C4A4F91F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 163840054BC1439C3D706336688898BD
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 35ABE4157F1D16AFE177356D4F722B25
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5932AF1B3655F7976AE5E8B21A9A34BC
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 1458B0CB68FB89E0D90B79D16146BD48
Requests: 14 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 9649FA307CC614410CF82056181E2A68
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 2964A3B8A541DE9CD82D5A3CEF21C405
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: B38646732E4A192C242C33715556F3A6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 159BFB2093D86C1B036BAB6AFE8089A6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3F39AD33538933BD6A1C24C019915A65
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 09770F3AE8DA03AB54B9EC99E4C3F985
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 12E30DBB10EA020CAA163868D01619A9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: D5112E3EF1BBC076933C3CCA91D3A3F7
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9148D008AE549DF18394346DFE90C73F
Requests: 24 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D4909D164C8FABDE3802DEBEAAF4A989
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=418119563271671826
Frame ID: BF98A8A17AE2246925390C147BF3D113
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 9B8797027DEA8327DAF8641C5002FD51
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950600142692022411
Frame ID: 7D8E1D9CC0EA734DA21E28A7E18C7AE4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hKZUTVIEts8HnR2milX4Womm
Frame ID: 8968F737C9F1009D68C00C3B03BB81D2
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 1DF86FD6D32CC558EF94E256E5C70480
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 82DD80FDA8D642967421D9869250B1AE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=ni160itji1Xd&pid=557219
Frame ID: 53AD64BF4DE5359FA865F4EF39B5108D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 82903BC75CD46247AC542E6F06FB2F31
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04df0219-f278-4529-8dd4-c5b7ac827712-tuct76f0381&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: A11DC1F8B41FDFB822B9F29216496BB0
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: 35605DA8C0F713D22C2F70BBF67B86CF
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: F8422517D7175DD9A750D7FC7930479E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 28E05EC45563E8D6EAC3A8B05A94B4B6
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 24392DFCED7C5AF231D9AEC7090F6A57
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 3984EA3BD0CFFC9408B4E50965F5D875
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B160F1AEABFF1A63D1979691306AA380
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C5ECAB7F5AC01BCDF20C5AA2F42FD66D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 92427B07F62214814264D8E09F799973
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: CCFD0583EE309F4CF23B2BAB6F148AF7
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 2382DE2F7B66A1DC932B9EB5254D4E26
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 51554DBA3B398A4A95883BFD4E1E2152
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8E532B1EDA7BA35BB56AE270C759289A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FAF943BC2B02CA3D6B584253FA2ABC3C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D4DDF21198A06E06491E69B9B35576D3
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B6F249444C202914DF248793B1CE7D75
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BE52418ED9B49368CF00F81C8A840ECE
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D6081F39D278CA661CD72C0821871A6D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 46D3D560D3B77894132CFE36AFA491B6
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 2CCAB5B89E145A4E9619DF7B29102922
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 18A393E7B3094980B87E4D0AC1A5C1CA
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: B954F9DA940B4C4A92987E1094087B05
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 72C1B1707AAE838A162F63BB7BB7E099
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E99D76FA1C69ACD2C4D62DDCF221CC6E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3A0F0DD62CDF3526172E89CB9B2EE9A0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7F58D8421FD7B652010BA0B2BA279458
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 53673C8A68416939B20C88B30842FE9A
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B22F3CA034752471CEB963D5382B1F44
Requests: 24 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3D6C29C062735A3D6BE0852C5923589E
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 1991FB046B3F1B37880EDAD862ABADCB
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: D13B49D860D8790EAEE4147C4C3DAEA5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950600168469231766
Frame ID: DBE4BACA06ECAC8AACBFABA0D0D5299A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hKZUTVIEts8HnR2milX4Womm
Frame ID: E8DE9F7F298A997F17FDBF880223EA74
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 23E1D73663EB6E238585B4EDEF919994
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 7C7B31CB2E3C8DE3BD5EAE8471AD0AE4
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
Frame ID: 0147D991D49BAF451298C3E7A07FBB30
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: CF4B4D8938C533FE954F00B3DE7C16EA
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Frame ID: EDA17CD4EDFE5ECF83F84E0CB0565308
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: E8D3C4BEFB54999C4CC3B66509035CE5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
Frame ID: 93340C0FDF9930A4613954116C18A773
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 1348323859B060B21864937024C43768
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 4B358739D376A6FA74FA63288031499E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 392058A782A9A5910F3F4A774D44B47B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: D00DF51B639209FF40F8ECE78F6F5C12
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 85A39F0B5A8E87703E5ACE17C3B13AD3
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 805EB8FE75D57006098FB85939A86188
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 03E8D81A02E01D6292F260AA079EC887
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6BEF838ECF58A745A8796EAC1FA0D1D1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 46AA3E5C741A3106A9E666C178C9AFCF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm764... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1... HTTP 307
https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=889... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

647
Requests

91 %
HTTPS

37 %
IPv6

83
Domains

140
Subdomains

105
IPs

10
Countries

12049 kB
Transfer

36737 kB
Size

1
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gmanews

Search URL Search Domain Scan URL

URL: https://twitter.com/gmanews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gmanews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gmanews

Search URL Search Domain Scan URL

URL: https://chats.viber.com/gmanews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gmanews/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/gmanews/
Title:

Search URL Search Domain Scan URL

URL: http://www.instagram.com/gmanews/
Title:

Search URL Search Domain Scan URL

URL: http://www.youtube.com/gmanews/
Title:

Search URL Search Domain Scan URL

URL: https://chats.viber.com/gmanews/
Title:

Search URL Search Domain Scan URL

URL: http://www.instagram.com/gmanews
Title:

Search URL Search Domain Scan URL

URL: http://www.youtube.com/gmanews
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1q6JNpkW6vljLF4Y7ycCN47k_1lQRsPsW3yknsh20nrttW5bJx-g4J1tBZVRQrFG3fcKw6W39vTVr1wQTFtW5lyhkG4_2BdtV4wZ6m5bv6mhW7dbnX6702h0kW3s5Rbn3nxcMsW5Dj-x31n2HCmW51CF-N4ghsYkW4xt1Dh1C_X_BW97nYJn96JQ2hVsfck61MMgMGW8D-KnD2WRPLqN8fL7NqTwp2RW2R03vk4KPds4W4llfyZ5XtL_D3ndT1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1q6JNpkW6vljLF4Y7ycCN47k_1lQRsPsW3yknsh20nrttW5bJx-g4J1tBZVRQrFG3fcKw6W39vTVr1wQTFtW5lyhkG4_2BdtV4wZ6m5bv6mhW7dbnX6702h0kW3s5Rbn3nxcMsW5Dj-x31n2HCmW51CF-N4ghsYkW4xt1Dh1C_X_BW97nYJn96JQ2hVsfck61MMgMGW8D-KnD2WRPLqN8fL7NqTwp2RW2R03vk4KPds4W4llfyZ5XtL_D3ndT1?_ud=abeaa387-3621-4ec0-b25d-698805e0f346&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 176

https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstoliezsjZdgcoBzGFY9IZ2ieyNA5de1zax75Vurg41KQD2nxlooPK1hs5qYMyti1L5QBcEvisaK7WfFCqdewWHz94gjszyXh4z6lCbPCn_GexquiNl6l-_CrcuKTdOn8heyl9e8FYTKUQ_YzoLxl6hLs0_xy6KGWS2xEf57kF01kQsQMcdvC7aDvL61-QoZhJWzaU0-VDoJT-hP3xAlsATF13yEJ8ox7T8jjeSDL4jX1kCoDr4PpVRpjbUf81PhWAWT79-oq_bddzEM_YVEyzmyanusgC2E1m6eMZdob3xTewI7X02hXdPBVWCNfTWBpc&sai=AMfl-YQlGTdq_lcZsrFJGQabYs0S35_2R_rZx72m-PBiQ75kBnuPI5NDVSZw4C2kqcW_sfZ23ehvooEuOjGOPuH3ETyN7L2h7uPLN8NMNP4jH9Pue6CblUEVP54EmLGHDJWb&sig=Cg0ArKJSzCm6hDGyVGGzEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js HTTP 302
https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js

Request Chain 185

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH3sD3F4idy_gMoR42mKn9hX9m34MuKbprI0veXrsJCqCG9UrAAluWV4gGJM6td_KiDpK2TXJRQlu8kUSv2SjyKemNl3yJnc32LNy5Ft_G7S5n6rDs8qd1h_6U3g5lCtzNwroBhNS5nJZqbJhlfi8ZZnoZtcBPS1wXMriKk-dRJO4Y6PsyuhM1iS3vCZQoWmlmidDaMSGzXELrERp-xifYJ9OhvAGOlL65Rif8K4hcgpVz5fPGAE9RAnM_xoRb0O2ZoynCQV6XAJKWYlWYqW0LfNYS-q2xKG_K4_qLwgTHPWDuAWQP-CetqWXNsofq6X-fa6Q&sai=AMfl-YRM8rV8Vm8PwUSgfcjCbPIuK_0niflI6SdZNVEx2lTGoRJEr9axwpl0mh3HdRKPsNGlHb554krrcuQ5H0DaKf6LgoIO_YrWhSNn26j2AT0fk6ayiZ0f6gjfIJG1jZIF&sig=Cg0ArKJSzEJdAKiqGUe7EAE&urlfix=1&adurl=//cdn.spotxcdn.com/website/integration_test/media/asia/gma/spotx_dfp_v2.js HTTP 302
https://cdn.spotxcdn.com/website/integration_test/media/asia/gma/spotx_dfp_v2.js

Request Chain 228

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_zOutExDQDxjQDzIIEi_bTOt8szA HTTP 301
https://tpc.googlesyndication.com/simgad/9342234782576588545

Request Chain 232

https://sync.search.spotxchange.com/partner?source=easi HTTP 302
https://sync.search.spotxchange.com/partner?source=easi&__user_check__=1&sync_id=f1cc4bae-9c49-11eb-9f9e-17f3d7a10e06

Request Chain 274

https://sync.search.spotxchange.com/partner?adv_id=271911&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618312699031-938042847281-020198-002-004901%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=271911&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618312699031-938042847281-020198-002-004901%26biddername%3D2%26key%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=f33c0f1c-9c49-11eb-af07-1f932c7f1706 HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=2&key=f33c0edf-9c49-11eb-af07-1f932c7f1706

Request Chain 275

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618312699031-938042847281-020198-002-004901%26biddername%3D56%26pid%3D5b59760c073ef46a2e6b8f13%26key%3D%7Bdevice_id%7D HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=40390ad3-2d97-4ad7-a2f8-3f8255eaeeb7

Request Chain 276

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618312699031-938042847281-020198-002-004901%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1618312699031-938042847281-020198-002-004901%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=55&key=5242226420867378909

Request Chain 285

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p3c257baa HTTP 302
https://ev4nkzci66zbgydvpx5q-p3c257-1c427e6e9-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 286

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p3c257baa HTTP 302
https://fiaqj6absjkbikqce3ygyaaaabqhk7p3-p3c257-8529880d7-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 317

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=ZTQxYmU1YzMtZWQ3Zi00NTA2LWI0ZGItYzc3ZmRjY2JlZjhj&dsp_callback=0 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEGPNa-6N6hB7H7AXzfdFJqg&google_cver=1 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEGPNa-6N6hB7H7AXzfdFJqg&google_cver=1

Request Chain 319

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=e41be5c3-ed7f-4506-b4db-c77fdccbef8c&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=e41be5c3-ed7f-4506-b4db-c77fdccbef8c&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1619522300&external_user_id=1240512143984231881

Request Chain 320

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=5Bvlw-1_RQa028d_3MvvjA&google_cm&dsp_callback=0&publisher_dsp_id=340 HTTP 302
https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEBSwxoQBQ6I-Uo9MsWuxBc4&google_cver=1 HTTP 302
https://match.360yield.com/ul_cb/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEBSwxoQBQ6I-Uo9MsWuxBc4&google_cver=1

Request Chain 321

https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=$UID&publisher_dsp_id=40 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fdsp_callback%3D0%26external_user_id%3D%24UID%26publisher_dsp_id%3D40 HTTP 302
https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=5049971785150987344&publisher_dsp_id=40

Request Chain 327

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5d54b48c3e753dc5ffd0fe09e567937&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g095_6950600125496713550 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKd3OEbvNhb4aeB-4G7Tj6A&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=091079a3-59e3-4442-8ba6-60a4678ce875 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5049971785150987344 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/5d54b48c3e753dc5ffd0fe09e567937&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-hzlvt09E2oPDij5T7yBuEB_PRelSgHdrB3VqPlP.~A HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=52616075-7dfc-4400-9c8d-ca5c8e752d9e&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YHV9-gAAAgwznQAC HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YHV9-gAAAgwznQAC&gdpr=0&gdpr_consent=&_test=YHV9-gAAAgwznQAC HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=kcTIdKIG1Lwh3M5&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1240512143984231881

Request Chain 332

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5d54b48c3e753dc5ffd0fe09e567937&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g051_6950600125496740346 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKd3OEbvNhb4aeB-4G7Tj6A&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=091079a3-59e3-4442-8ba6-60a4678ce875 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5049971785150987344 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/5d54b48c3e753dc5ffd0fe09e567937&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-hzlvt09E2oPDij5T7yBuEB_PRelSgHdrB3VqPlP.~A HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=52616075-7dfc-4400-9c8d-ca5c8e752d9e&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAEP9E7A6vwAACrm3LYadA&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1240512143984231881 HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=kcTIdKIG1Lwh3M5 HTTP 302
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=

Request Chain 343

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent=

Request Chain 344

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5d54b48c3e753dc5ffd0fe09e567937&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 346

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent=

Request Chain 348

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5d54b48c3e753dc5ffd0fe09e567937&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 356

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1WaeLciNQRiWojuA78nU8Q%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 358

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 359

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&addseg=31

Request Chain 360

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDU2NjlFMkQtQzg4RC00MTE4LTk2QTItM0I4MEVGQzlENEYx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 361

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOEb1KzodjPFP1dy8JOosVY&google_cver=1

Request Chain 363

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=091079a3-59e3-4442-8ba6-60a4678ce875

Request Chain 364

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1240512143984231881

Request Chain 392

https://yieldbird-d.openx.net/v/1.0/av?auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&cb=2009785674&vwd=&vht= HTTP 302
https://yieldbird-d.openx.net/v/1.0/av?cc=1&auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&cb=2009785674&vwd=&vht= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDQ3NTdkMTctM2M3Ni02NDJkLTUxMWYtZDFmZWU0YTNmNTY3

Request Chain 393

https://yieldbird-d.openx.net/v/1.0/av?auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&cb=2009785674&vwd=&vht= HTTP 302
https://yieldbird-d.openx.net/v/1.0/av?cc=1&auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&cb=2009785674&vwd=&vht=

Request Chain 447

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBvks584us_bUa16URk6Ecs&google_cver=1

Request Chain 450

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1898f38-2ee5-4d3b-8701-cc2077a63b07

Request Chain 451

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6102205540189106618

Request Chain 452

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=418119563271671826

Request Chain 453

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYlcwN0E2dndBQUNuSk5sNXNVZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 454

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950600142692022411

Request Chain 455

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hKZUTVIEts8HnR2milX4Womm

Request Chain 458

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=ni160itji1Xd&pid=557219

Request Chain 460

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04df0219-f278-4529-8dd4-c5b7ac827712-tuct76f0381&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 462

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 463

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R4BQI0ybSQ2S3ogiJZNA1w%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R4BQI0ybSQ2S3ogiJZNA1w%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 465

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=47805023-4C9B-490D-92DE-8822259340D7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=47805023-4C9B-490D-92DE-8822259340D7&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 466

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=47805023-4C9B-490D-92DE-8822259340D7&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=47805023-4C9B-490D-92DE-8822259340D7&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=47805023-4C9B-490D-92DE-8822259340D7&addseg=31

Request Chain 467

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDc4MDUwMjMtNEM5Qi00OTBELTkyREUtODgyMjI1OTM0MEQ3&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDc4MDUwMjMtNEM5Qi00OTBELTkyREUtODgyMjI1OTM0MEQ3&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 468

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fa086075-7e01-4b00-a6d7-611b5392f9ad&gdpr=0&gdpr_consent=

Request Chain 469

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1852934620691920909&gdpr=0&gdpr_consent=

Request Chain 470

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=6804e922-711b-476b-990a-2d9bef2096c9&ssp=pubmatic

Request Chain 472

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=47805023-4C9B-490D-92DE-8822259340D7&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=47805023-4C9B-490D-92DE-8822259340D7&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.1cG.SVE2uVrtCzdt0gQotwy_nJjn9U-~A&gdpr=0&gdpr_consent=

Request Chain 473

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BHJcAQUnWwUfIFMHUCZGVgRzUwYfJF5RUHHK7lSU

Request Chain 474

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3113209233135258871&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 475

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YHV_AQAAAZo6rQBg HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHV_AQAAAZo6rQBg&gdpr=0&gdpr_consent=&_test=YHV_AQAAAZo6rQBg

Request Chain 476

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5bc66665-e5cf-4d25-beb8-e81999edbf5f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 477

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=

Request Chain 479

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Request Chain 480

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4a5ebf21-1ea6-4977-ba26-c2d2a8d54f9c

Request Chain 508

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6c929b6761129c823ebeb866c87615&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g082_6950600151266668596 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBtzkeW4iaoDRI8JrEV63Lo&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a1898f38-2ee5-4d3b-8701-cc2077a63b07 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1852934620691920909

Request Chain 513

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6c929b6761129c823ebeb866c87615&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g077_6950600151266752485 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBtzkeW4iaoDRI8JrEV63Lo&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a1898f38-2ee5-4d3b-8701-cc2077a63b07

Request Chain 519

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent=

Request Chain 520

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6c929b6761129c823ebeb866c87615&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 528

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent=

Request Chain 530

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6c929b6761129c823ebeb866c87615&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 591

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOvd5hGwKhVqS_ha26xe6Rc&google_cver=1

Request Chain 594

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 595

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Request Chain 597

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Request Chain 598

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1852934620691920909&gdpr=0&gdpr_consent=

Request Chain 599

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KcancyiToHEyz6QnKsS9f33Do3Eyx6BwLsJtileC

Request Chain 601

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950600168469231766

Request Chain 603

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hKZUTVIEts8HnR2milX4Womm

Request Chain 605

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_33385dcd-4d52-433a-be7c-7e68b474e400

Request Chain 612

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dq6XmV9tQqSJ1c2EY3PeEw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

647 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1q6JNpkW6vljLF4Y7ycCN47k_1lQRsPsW3yknsh20nrttW5bJx-g4J1t... Show response
info.silobreaker.com/e2t/tc/ 9 KB
3 KB 78ms
77ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1q6JNpkW6vljLF4Y7ycCN47k_1lQRsPsW3yknsh20nrttW5bJx-g4J1tBZVRQrFG3fcKw6W39vTVr1wQTFtW5lyhkG4_2BdtV4wZ6m5bv6mhW7dbnX6702h0kW3s5Rbn3nxcMsW5Dj-x31n2HCmW51CF-N4ghsYkW4xt1Dh1C_X_BW97nYJn96JQ2hVsfck61MMgMGW8D-KnD2WRPLqN8fL7NqTwp2RW2R03vk4KPds4W4llfyZ5XtL_D3ndT1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01d30dd5b644d3dbc7297d010c1c1774efb0f66f2b517f6f7295aada7b086454

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1q6JNpkW6vljLF4Y7ycCN47k_1lQRsPsW3yknsh20nrttW5bJx-g4J1tBZVRQrFG3fcKw6W39vTVr1wQTFtW5lyhkG4_2BdtV4wZ6m5bv6mhW7dbnX6702h0kW3s5Rbn3nxcMsW5Dj-x31n2HCmW51CF-N4ghsYkW4xt1Dh1C_X_BW97nYJn96JQ2hVsfck61MMgMGW8D-KnD2WRPLqN8fL7NqTwp2RW2R03vk4KPds4W4llfyZ5XtL_D3ndT1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:10 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d61e00aa4c9e055860aa754aed5110a8b1618312690; expires=Thu, 13-May-21 11:18:10 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=ff1254430f04f0cc673f2349c6093ed96dc43ca6-1618312690; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 63f44acd2c51cc3e-ZRH
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 096c8d143f0000cc3edb053000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xKo998ByaYW0n5t%2Bx1mTUZ9lMtAuwu4SkaZ8U5dsAHxS0TnA3o2TMtcv1EP%2B%2BfEppMzoKqaldJUy09BXgJrCFdAL%2BXMdfbshwwbWgfN7%2BPy0%2BP5yzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1...
https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5Xy...

423 KB
96 KB

541ms
480ms

Document
text/html

99.86.3.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1q6JNpkW6vljLF4Y7ycCN47k_1lQRsPsW3yknsh20nrttW5bJx-g4J1tBZVRQrFG3fcKw6W39vTVr1wQTFtW5lyhkG4_2BdtV4wZ6m5bv6mhW7dbnX6702h0kW3s5Rbn3nxcMsW5Dj-x31n2HCmW51CF-N4ghsYkW4xt1Dh1C_X_BW97nYJn96JQ2hVsfck61MMgMGW8D-KnD2WRPLqN8fL7NqTwp2RW2R03vk4KPds4W4llfyZ5XtL_D3ndT1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-122.fra6.r.cloudfront.net
Software: eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash: 7d1f5be75b390837f3451726f4a297bae0c3cb453cab51a31f9cdfc04f76f084

Request headers

:method: GET
:authority: www.gmanetwork.com
:scheme: https
:path: /news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1q6JNpkW6vljLF4Y7ycCN47k_1lQRsPsW3yknsh20nrttW5bJx-g4J1tBZVRQrFG3fcKw6W39vTVr1wQTFtW5lyhkG4_2BdtV4wZ6m5bv6mhW7dbnX6702h0kW3s5Rbn3nxcMsW5Dj-x31n2HCmW51CF-N4ghsYkW4xt1Dh1C_X_BW97nYJn96JQ2hVsfck61MMgMGW8D-KnD2WRPLqN8fL7NqTwp2RW2R03vk4KPds4W4llfyZ5XtL_D3ndT1

Response headers

content-type: text/html; charset=UTF-8
content-length: 97937
date: Tue, 13 Apr 2021 11:18:11 GMT
publishedtime: 1618290420
expires: Mon, 12 Apr 2021 11:18:11 GMT
content-encoding: gzip
server: eqmod_httpd v1.0 (author: mon sarmiento)
access-control-allow-origin: www.gmanetwork.com
access-control-allow-methods: POST, OPTIONS, GET, PUT
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
access-control-max-age: 1
cache-control: max-age=120, public
etag: "1618341491"
x-elapsed-time: 273791 microseconds
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: V04KnThzCMC9PGll8-bo8qsktJPPEKF050-s_GlmQhvX1qs83EjpPA==

Redirect headers

date: Tue, 13 Apr 2021 11:18:11 GMT
location: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
cf-ray: 63f44acddd8dcc3e-ZRH
link: <https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 096c8d14a50000cc3eb794c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hfUbej55TCB3JqyGtOL9KY0Ys9CG1dJNdi02vxIl7Pgj0RoFxvzIiyh7Tesp6n%2FMvrJ%2FF1G5LTj8%2FlYxJvulZ%2Fyf5IWx1RpItW28xnWTNDj6Vy8CTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

380b47f6ea7d28de20e705c6c8442ae9e5df6be6c8fb729975dfae6228dbc0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 11:18:11 GMT
server: ESF
date: Tue, 13 Apr 2021 11:18:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 11:18:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a83f7708114effe858a7974dfd5b2a877a5bc347e9f1b1d7754a1dd64f842ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 11:18:11 GMT
server: ESF
date: Tue, 13 Apr 2021 11:18:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 11:18:11 GMT

GET
H2 200 header_style.css
aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/ 26 KB
5 KB 27ms
9ms Stylesheet
text/css 2600:9000:2057:8600:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d16ed20b3cddde6e086198fe01669c0e1da6063547a4659094ad89de4d88e45

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 07:36:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"2a63140195615aafd28572488c8b64d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Tue, 13 Apr 2021 11:18:11 GMT
x-amz-cf-id: 7e5c7JQM29QjQ_9Vgpkl-xp8cdBNheXuHoheIcaA_wPuVK5L7JEFgQ==

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
558 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400&display=swap

Requested by

Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e332b922db69ae1554d1d67b6df95e42aa4aef82dceaae9540b613735fd817d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aphrodite.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 11:02:50 GMT
server: ESF
date: Tue, 13 Apr 2021 11:18:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 11:18:11 GMT

GET
H2 200 gnoadscript.gz.js Show response
images.gmanetwork.com/res/dist/js/ 15 KB
3 KB 96ms
31ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/gnoadscript.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e373d1ef257fbe7a72515f2d7edb46dde98ae1ef52c663428c81679f49c51db

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:17:15 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 08:39:12 GMT
server: AmazonS3
age: 57
etag: "2f73af1bd94feca38b5f4977e546a52c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: FRA56-C2
content-length: 2775
x-amz-cf-id: NZKqZSGJkT3KfmGOqopgfo3TJdfcR4JkoMB8TcGTvGdR1w1EUvgWUg==

GET
H2 200 dfp.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 4 KB
1 KB 99ms
34ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/dfp.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d06ac9d723f8a20b2851b8c90aefda827ef956ed5db057a2a68840f82e691cee

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "22b730f6f73dd1c6d46893a639c7ab11"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 1120
x-amz-cf-id: 78Ke5UFY2vxCX4yDM-BmvMIjjbUAMbRmQGgjWlyvkohZg3tjFovkRQ==

GET
H2 200 gma_white.png
aphrodite.gmanetwork.com/assets/revamp/img/ 1 KB
2 KB 10ms
9ms Image
image/png 2600:9000:2057:8600:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/img/gma_white.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z1a4KR1IgQCUibmGiK2ThFq69ie8hdZd
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2018 07:44:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "e8749bb5058882d51032084665c54c4f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=180
date: Tue, 13 Apr 2021 11:18:11 GMT
content-length: 1428
x-amz-cf-id: GfoAYrHNgCwmvXcaoW8HBmb9b0SDH_wvF3S3Vu6M_oRRykqUOWdIXQ==
x-amz-meta-s3b-last-modified: 20180201T034941Z

GET
H2 200 my_stream.png
images.gmanetwork.com/res/img/ 1 KB
1 KB 30ms
30ms Image
image/png 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/my_stream.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f1a21d182b937b569183172ed61bbc084ced8c79e0d1c0cea671f0221cf189b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 17:34:08 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Nov 2019 09:48:19 GMT
server: AmazonS3
age: 2915044
etag: "e17b32d7834a1eec803779a1dd2258de"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
x-amz-cf-pop: FRA56-C2
content-length: 1056
x-amz-cf-id: CyQ3rOLT6xb8AC9mk3NH12TORRSqc45DVtGSCGJtWPFGJYgyNKYxdQ==

GET
H2 200 gno_logo_svg1.svg
images.gmanetwork.com/res/img/ 11 KB
5 KB 32ms
32ms Image
image/svg+xml 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/gno_logo_svg1.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d11b07859fd9c556a2e9382897ff4d5bb2a811327a3f75e95b071f6804d3f52c

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 03:21:15 GMT
content-encoding: gzip
last-modified: Tue, 05 May 2020 08:50:15 GMT
server: AmazonS3
age: 2361417
etag: W/"379589077b63dbd422c97a673ecec40f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 3QLnInr6DjUcroocTdTRfrjCvlnh4cDrZfePwwVi1aPPk1SeWimByw==

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 33 KB
34 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gmanetwork.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
age: 177273
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gmanetwork.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
age: 465309
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H2 200 AirAsia_2020_01_22_12_45_27.jpg
images.gmanews.tv/webpics/2020/01/ 24 KB
24 KB 109ms
37ms Image
image/jpeg 13.226.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2020/01/AirAsia_2020_01_22_12_45_27.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-2.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f8c41060967bd4ae52ee0bf057caecbe3946aa41a988b9084e6aa62005138cc

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:11:08 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jan 2020 04:45:27 GMT
server: AmazonS3
age: 22024
etag: "624607a79922c75a40aa06fcd8a0d32a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 24477
x-amz-cf-id: KIMsHrs_7R9a4zOhqfFqee4Cn8tBY_w4Hf9F810zsbuK4iEJBi39SQ==

GET
H2 200 polyfill.min.js Show response
cdn.jsdelivr.net/npm/promise-polyfill@8/dist/ 4 KB
2 KB 27ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e17ae17f90ae983832f3709e67de0f7902fe1014568410534615235a158d7af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1054
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1372
etag: W/"f21-7y8qDdUZ0tHOjRWwA1LCbmu2V2I"
x-served-by: cache-fra19127-FRA, cache-hhn4053-HHN
date: Tue, 13 Apr 2021 11:18:11 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a54e8dfab118a1930176d2a7915526ff19bd1e5dd3653709689974306739dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "841 / 696 of 1000 / last-modified: 1618312126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20905
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:11 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 171 KB
57 KB 74ms
22ms Script
application/x-javascript 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3906a58ee192c51a6ddfd14b4599acd837a89625af1a39032509a2e2bf8ea4e3

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 06:50:54 GMT
etag: W/"2adc2-Lrg1zaRFiXULQQFaPmOzyP6meAg"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 74fd8145736a85900c44842e21610879
timing-allow-origin: *, *
content-length: 58216
expires: Tue, 13 Apr 2021 15:18:11 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 810 B
743 B 36ms
22ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc81d606714209f254fdcc5545fd38428ef3e1bbf1f2518a54b740e915730625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:11 GMT

GET
H2 200 all.js Show response
api.dmcdn.net/ 29 KB
10 KB 112ms
34ms Script
application/x-javascript 87.248.202.99
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dmcdn.net/all.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.248.202.99 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-87-248-202-99.ams.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 4f9325b0e50d54922f785cd9797a3d80de8eda2ddd780e823fbc629d0cb17a92

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
nel: {"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age: 78720
content-length: 9766
last-modified: Tue, 19 Jan 2021 13:25:26 GMT
server: DMS/1.0.42
etag: "6006ddc6-73be"
vary: Accept-Encoding
report-to: {"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-llid: e16d60bcf8bff4171c8c0af1b6065bce
expires: Tue, 13 Apr 2021 13:26:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 31ms
18ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-242242-2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc6cae2704f6c478ba70ac31adf61202eb08db8391db37ad4958b7ec2137e729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40048
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:11 GMT

GET
H2 200 header.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/widgets/ 34 KB
9 KB 19ms
5ms Script
application/javascript 2600:9000:2057:8600:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/widgets/header.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c77f2497c42c0cf38e4ccf810e651391cbceecd15ae2b8f62e17ebf4524086ab

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 07:36:10 GMT
server: AmazonS3
age: 84
etag: W/"9bc86c07780a023822204de2700e3e70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Tue, 13 Apr 2021 11:16:53 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 0c0yKH0C_wYsJNY9lyVZSG1dEigbdMHYoYsvgOgAzW7YNe5IdcTQaA==

GET
H2 200 initial.gz.js Show response
images.gmanetwork.com/res/dist/js/ 661 B
710 B 48ms
35ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/initial.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bd5c300f9b36036a0be212fdb9a6184a192b5559d7d362760741e9c98cbd2d3

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "47a92dac25d9c4b6c1652783cc13dd34"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 374
x-amz-cf-id: 7zVWsF0E8eEB9_JYKyaavvoRcoUJPpb9J33Zb6MIeyVZtyh2mfx5Jg==

GET
H2 200 ie-emulation-modes-warning.gz.js Show response
images.gmanetwork.com/res/dist/js/btstrap/ 613 B
751 B 47ms
33ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/btstrap/ie-emulation-modes-warning.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3c25479d7c2977020822fb709b73ef277fe1bdf7d18ae1cd15af9f8c097e504

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "56b8cd137926f6d02133bf15808cd20b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 413
x-amz-cf-id: _yIPwh0m5RRA0cSWWA37pIzvvHnXKK2ApfgskmJ6mGvhmjYCrJXxGw==

GET
H2 200 global.gz.js Show response
images.gmanetwork.com/res/dist/js/ 11 KB
4 KB 48ms
35ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/global.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a85de9065d5a1bdf2f24f8a39125aa86e684c33b86b511d0e43875fc1a12543

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 06:49:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "2ef2334db46a2892e284c98044b95b98"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 3885
x-amz-cf-id: tHcDhrf5TzxarP-P4Cz_2sGK9u_g3orZx75Yq4FLyKKCZ-qgARF7WQ==

GET
H2 200 jquery-ui.gz.js Show response
images.gmanetwork.com/res/dist/js/ 221 KB
59 KB 49ms
37ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/jquery-ui.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 139da75dd27ce3e72eb0511df6e68f3a42e8db2b96effb3750a27e2e3dd3167a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "595e559d0f510cc53877b57dee8bc05f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 60002
x-amz-cf-id: inEMfBnOD5x_E6p7aLlqpBSzJUtvhpOlbJDN2F250pqDkZ4Csgrl_w==

GET
H2 200 lazyload.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 3 KB
2 KB 47ms
34ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/lazyload.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afbfe8e368a2051af8391ea4c832a3d1e6784c254621e2bedf3e20b241164fe7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:16:53 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 84
etag: "571fcc5ee90d980f7303971ec23d753b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: FRA56-C2
content-length: 1228
x-amz-cf-id: iiWjb1btB4GmKSM7z-w57HSBKyxXgMeABmvndmaHeGIpN-NacuhDCQ==

GET
H2 200 jquery.dotdotdot.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 6 KB
3 KB 44ms
32ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.dotdotdot.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d362b60418a5963fe304088ba49ebdc91d1a9279c47ae8a044ddfbee6f52eccd

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 14:51:50 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:51 GMT
server: AmazonS3
age: 3702382
etag: "9e61fb7be190dbbcc7833bbd85675624"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
content-length: 2344
x-amz-cf-id: ogS94DW2QfmDb1VoM_SEzsCsD-VmDdbPinRbfgwj0v5OBrWQgINDmg==

GET
H2 200 jquery.marquee.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 4 KB
2 KB 44ms
31ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.marquee.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c173701f520cc53fcf2fba4ea74aa600c4daf76ee7d7fc321c1f00c7097603

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 12:08:14 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:51 GMT
server: AmazonS3
age: 5785798
etag: "ceb92161930b1a0192bd0b8ab559bb33"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
content-length: 1757
x-amz-cf-id: qs6DH8ye_Dk5jKXQBZLOb0gUBzNqFhruVFmGs1-jaR1egZSA--ksiw==

GET
H2 200 jquery.mousewheel.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 2 KB
1 KB 44ms
32ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.mousewheel.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad09eb4f381f7bdd2df06a98dde61dd1a8d88c01170865914f972ceefcc45037

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 16:01:34 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:51 GMT
server: AmazonS3
age: 5685398
etag: "b68fffb7025d12d1cfdb53b7f0c98cb1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
content-length: 1010
x-amz-cf-id: IIguLnEAOHBmtexN3PwNeAemSs6il-2Qz-dsgQhxVwl65QMOeLOPfw==

GET
H2 200 jscrollpane.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 14 KB
5 KB 47ms
35ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jscrollpane.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cdbfc4262e966041c8dd26a5ba6996cff3991b180fd01f3d24f726ef4f780a1

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "28046dd731aab769ae5b12f1d6bc558f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 4738
x-amz-cf-id: vT-K4X0wRcYoIkGWhnkEOrHWlxGvtPm99FL8pXNknt6XatbSYF0FpQ==

GET
H2 200 jstorage.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 8 KB
3 KB 45ms
33ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jstorage.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e362a1e3d92a5cbd936c2ae0460c62af5f231a2edadd05034e13e6b0ee9b1f81

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:16:53 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 89
etag: "daee76b0a24dd7aefe25054edaf655c9"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: FRA56-C2
content-length: 2787
x-amz-cf-id: 2NM1N3DiwHNt6pS5nzUdqvu2kldvskJhX20fkbZehwM3R5r9iL6dbg==

GET
H2 200 jquery.ck.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 1 KB
1021 B 68ms
56ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.ck.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e9422dcae50c91ac6103d603a3621effc774cf7c3ba15916710963e742282a4

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 09:59:48 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:51 GMT
server: AmazonS3
age: 3374304
etag: "8604b7c9d2c133d5a85c47243e230a18"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
content-length: 671
x-amz-cf-id: nfJrcTb3LRcwHSy2zGTLA7egqoxW_TcPZNpU-gUsh9si5iJcR99t2w==

GET
H2 200 lazyload_initial.gz.js Show response
images.gmanetwork.com/res/dist/js/ 605 B
657 B 88ms
76ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/lazyload_initial.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80a67a582fed34d5f1c3a3cbd37d3fb1866c6f02cd05d9dac1cec59d97be1d07

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "e949d36964c3e45e4c79f8dca154f3bc"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 320
x-amz-cf-id: ioa74smyO9IF6osbQZn-_-yO1eErnD9BuCJnt_PZuwdOgZVTkJmrNw==

GET
H2 200 adsTracking.gz.js Show response
images.gmanetwork.com/res/dist/js/ 2 KB
900 B 70ms
58ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/adsTracking.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bc2947b3cb9aab23eb5ef3b20b4b80aec5d43f4d4c4ef0717d9a09570fdd3ff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "93f097712e06b751009d552aeb30a029"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 563
x-amz-cf-id: qKZWGxnCAkFJ40pBGK70sSn7EiYKuDrIAaS0al1MQD9PRYx4ZKUIvg==

GET
H2 200 breaking_banner.gz.js Show response
images.gmanetwork.com/res/dist/js/widgets/ 7 KB
3 KB 69ms
58ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/widgets/breaking_banner.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f78cb7ec4796fbf923d1c995bfa6aa339020b7778db02fe0d2089bf057ad1e1

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 07:05:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "af00ceda359fe56d879fc6f01f00121f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 2238
x-amz-cf-id: 6TFiAxUUiyvYrNWM-Gg7HqtuHLynC4_giWE54Ja9DD7Zh3jWQd0lKQ==

GET
H2 200 moment.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 31 KB
11 KB 84ms
73ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/moment.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42396341ae3c3d0cc59c90dc48397115f409545f964e955b9deceabe50b9aecf

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "5d82b3499dbc4da498b3ae1654d597fa"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 10811
x-amz-cf-id: PRddbqrEsPIV946FuCZLyE1pQ7Ia0_TmAshw98iQVdMTBpMTdYZZnw==

GET
H2 200 custom_analytics.gz.js Show response
images.gmanetwork.com/res/dist/js/ 3 KB
1 KB 69ms
58ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/custom_analytics.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58e76bcd9db528d7fe8acd4b6c6762256a84ab7d4d48ff54b4a4d64050323284

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 06:16:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "9c297263698766e4dddc85dfca9e7b39"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 1003
x-amz-cf-id: faFv8avb0xjZQvbMblojU5ubBXzpqqIWjXXxYdPE_6gJJkuAl26qvQ==

GET
H2 200 listen_new_ad_exec.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 927 B
796 B 87ms
76ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/listen_new_ad_exec.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 881c83b3b2713d24d5b5d0c45043c5c67e6b1c21a9fc821cab1b5223f3c654e3

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Fri, 04 Sep 2020 02:59:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "c7856e565fd5a26de83adebd617c9d0f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 460
x-amz-cf-id: eHai9ZG5JomWy18ZeKnxrVTuByBnFQ_L2edu86s_3sLzNX7ipqM3Gg==

GET
H2 200 moat_content_tag.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 3 KB
2 KB 84ms
74ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/moat_content_tag.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcd9b5232e83a460316b49b7ae2c1bd73222f00167bc9b70adda941919c6be1a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "9a27b0e509317f529b45258332d629d3"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 1321
x-amz-cf-id: PnrNJsuC5f7M-uD1ycz5_bRgwlM_8FV_sErht6G0XZB_Q-pV_t64eA==

GET
H2 200 alexa.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 298 B
580 B 83ms
73ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/alexa.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0bb2cc51ed094008a0c4720b3086c1c7ddea74192c32aad90439e23c00a64bcc

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "d652c9c37f20553bc41d2a2aaaeede88"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 245
x-amz-cf-id: lqcC1tqugTfUj-aiDkB_I3p2_jQNo7YEKaE8NoIlaHdUni4vGRduWA==

GET
H2 200 akamai.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 913 B
885 B 85ms
75ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/akamai.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1626bb546b447d9ef6b8772bae92b22e6613ef7b65b21444c7efe3437ef48677

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "3017dbe185848a3c96b759bc9535e63f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 549
x-amz-cf-id: qpwA6grCgQ3dOG2mUdDsLhZGa1mMo_WbiPdjumAVpgJk-wk2-yfcJA==

GET
H2 200 allianz_message_listener.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 1 KB
800 B 68ms
58ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/allianz_message_listener.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf97a6958f2ba4a3942a9add3202f4f32dc43fd7f637038968550806b92de56

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Mon, 21 Sep 2020 04:28:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "fb7eae206ed960080a010d16b45dd7ef"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 464
x-amz-cf-id: FkdOMk4QZTIZmpRD1zXi5bhrbmKAn16GrAy2bKtHmezsH6hbdA7YUA==

GET
H2 200 facebook_sdk.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 354 B
616 B 84ms
74ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_sdk.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 530e7f85a527a573329c03e2db7b3862913d14025efb3f4aa4b026f9160600ee

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "f7a7fa9aea46c23122f0adcebccfac2a"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 280
x-amz-cf-id: yAVZdKBVGBoFt517vxTKqRTPJI9yfGe_EgoXlE5GhwJpqG8cOZre8g==

GET
H2 200 facebook_pixel.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 471 B
660 B 85ms
76ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_pixel.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae1947a2826e5e189f4a57f8d6a2e8cadf74cfc1bc4b529489b2bbfd802bfd14

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "6d84ecc4d5d843913f4b88387f8a4d80"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 323
x-amz-cf-id: C_wLNnpz34t8aflVc81H5uuvXdqR7PWiWBoyOR9cmtEx5n-ZkTWi0w==

GET
H2 200 google_em_scripts.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 486 B
671 B 83ms
73ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/google_em_scripts.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6459f5c8dc1dc1bd6581f0517d67b3d55c143cc419615d4ab772b2b3f24a2c4

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 06:16:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "ad5eec8cd331a2c6305d43e14c26d545"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 336
x-amz-cf-id: LPA1KH9foIR56xcZ91Mdxr1mgPf1HCApdy1uFhnzS8Cjbh3ll0LRfg==

GET
H2 200 _ie_notification.gz.js Show response
images.gmanetwork.com/res/dist/js/partials/ 1 KB
856 B 89ms
80ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/partials/_ie_notification.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89919930da4c7d0f027496907625bb5d97db45b07ca75582ca850b72cad1a44b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "7ce56ff5e120485ecf770418513dfd5b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 519
x-amz-cf-id: FKIuhVS4M4voC-liyCeqgC2WVzwICpZbpGgFWg_P9oNBwg6ji9sJeA==

GET
H2 200 interstitial_ads.gz.js Show response
images.gmanetwork.com/res/dist/js/ads/ 620 B
657 B 85ms
76ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/ads/interstitial_ads.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12185420516acfdda1713b70ae0b7d4377cfa88a42bb66bd0b928aaa414dcb28

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "aadbbd983e2bb6adc3902fb1dc3835b9"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 320
x-amz-cf-id: TmsJm9FFfHKFsTGpsHljU1kWr089dU_DMhbzOFtRZtbCRftVKgIUeg==

GET
H2 200 intermittent_pushdown_ad.gz.js Show response
images.gmanetwork.com/res/dist/js/ads/ 4 KB
2 KB 232ms
223ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/ads/intermittent_pushdown_ad.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0e8c5e2a986cbb91a9be1d2db07a3a35843c26f251ad54dd03b8d3a4f2dc691

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 06:49:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "bba1b85f477feaf37a4e5c506aee9907"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 1244
x-amz-cf-id: OkdvhQgM6Hq1AAbAqX9Xet9SRcoB9s1TkA-o4R2Hooa0A0M65x3ctw==

GET
H2 200 permanent-url.gz.js Show response
images.gmanetwork.com/res/dist/js/ 1 KB
725 B 83ms
74ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/permanent-url.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad6f29ca8a46fd6ceea1d1ccbd28f0bcf41ae8193ca25369da72d1212bba73b4

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "56a5224595e912c9afb1def78e5dfed0"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 390
x-amz-cf-id: rYvO-q3Mzkc_WzrIoglMf0f74wp-Nagthm3I2xhc6cQsjcq5-FR41Q==

GET
H2 200 header.gz.js Show response
images.gmanetwork.com/res/dist/js/ 2 KB
908 B 82ms
73ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/header.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd50088ddee3d663d0a5fa745b9a24a139398fef46685aef75987a881ddf2523

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 10:12:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "9d0e849bf7cfe58e99954c4a095a9cfe"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 571
x-amz-cf-id: UyfUL7wgtMfkVQP519tNRxpe7b7wFxlZ1H66b4S-Fpqp5gk7gpIa4Q==

GET
H2 200 cross_sell.gz.js Show response
images.gmanetwork.com/res/dist/js/consolidated/ 100 KB
26 KB 65ms
57ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/consolidated/cross_sell.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81a935f45850ccb6970a821de458801d7ca72b56ac31b5f13607eacbefb794e5

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:16:53 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 02:10:27 GMT
server: AmazonS3
age: 83
etag: "f1189375fb2c464211496fb4c58d7508"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: FRA56-C2
content-length: 25888
x-amz-cf-id: FdzD2-HMQAo-EVYT36VT1hY5kKjMPyVRybHZaEkX9k_k0d6hwYZcuA==

GET
H2 200 story.cec1622ae1cc309f4ef917cbc03f2a63.gz.js Show response
images.gmanetwork.com/res/dist/js/consolidated/hash/ 316 KB
77 KB 65ms
57ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/consolidated/hash/story.cec1622ae1cc309f4ef917cbc03f2a63.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24a54f9f01ce9a671184c9d6e7c8d0f8acaa473d0631911cae13b71e0dae0341

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:06:13 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 11:06:07 GMT
server: AmazonS3
age: 1296719
etag: "42e4cb77ffbbed20806f212fdaa35aa9"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
content-length: 78676
x-amz-cf-id: 2azS5870G3yJERiRf_TnBNA4eFAktwthIHmbwc2rJZARTJexvOKREg==

GET
H2 200 unruly.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 52 B
414 B 65ms
57ms Script
application/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/unruly.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c905617c98925807a6fdf98d7ead4be0f281661de8de7e061af32bbc328eeab

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:16:53 GMT
content-encoding: gzip
last-modified: Tue, 01 Sep 2020 08:31:53 GMT
server: AmazonS3
age: 80
etag: "bfe18942cb6e66c9d2c68b7b3854f034"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: FRA56-C2
content-length: 72
x-amz-cf-id: pPUk_QE39cykca_HogiL1IFXogn8qUb8R3q_f0ncax7pp-GxUifgcQ==

GET
H2 200 btstrap_min_e10-viewport_js.gz Show response
images.gmanetwork.com/res22/js/btstrap/ 31 KB
9 KB 82ms
74ms Script
text/javascript 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res22/js/btstrap/btstrap_min_e10-viewport_js.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7040f351fa93cddd426c4978c3cd5938173a69efc3365986135fda7da0cb5c67

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2016 11:40:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "2266bd8d5c0a99c405f3b63cdac76983"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=120
content-length: 8618
x-amz-cf-id: EgQo-YzwsqG2rR7Gg5PZeW6lGdHqUgKsopPN9C0L8S5tEv0cTvbHig==

GET
H2 200 side_adv.png
images.gmanews.tv/v3/img/ 677 B
1017 B 92ms
32ms Image
image/png 13.226.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/v3/img/side_adv.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-2.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d85bf6dc7e193ba6aba1c7f19fa7cff8480f6a424f7511d30dd93c098fac77f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 10:31:24 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
last-modified: Fri, 01 Apr 2016 01:22:17 GMT
server: AmazonS3
age: 6310007
etag: "d011246b48da6e449ffcef2d3d6a48f9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
x-amz-cf-pop: DUS51-C1
content-length: 677
x-amz-cf-id: OTR4mXnAFJPmhBQnVCdbNqE8boJobuhiEP8LII20jsF2iYCP5dgUuw==

GET
H2 200 ellipsis.svg
images.gmanetwork.com/res/img/ 6 KB
1 KB 64ms
57ms Image
image/svg+xml 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/ellipsis.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b22313fd719ae7c104f6bc4be142ffb0b9d2f5c604ab92163ec18a628927ce99

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 16:51:30 GMT
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 09:48:18 GMT
server: AmazonS3
age: 5941602
etag: W/"6373ba91f5bae052a2ca12af09659d66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: drTas-aWlY4JeFGwXnm6HINtVL0PpY1WEc2JwzV_yVs0VPNTPQ6JIA==

GET
H2 200 MuseoSans-700.otf
images.gmanetwork.com/res/fonts/MuseoSans/ 63 KB
63 KB 144ms
75ms Font
application/vnd.oasis.opendocument.formula-template 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/MuseoSans/MuseoSans-700.otf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f0e7735adfcdf2111bdd4128aeff3912c579c0dd0fb415553327c3da059ab4d

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 64088
last-modified: Wed, 24 Mar 2021 06:49:23 GMT
server: AmazonS3
etag: "1087c6a9da22ebf924be80a001a84d2f"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/vnd.oasis.opendocument.formula-template
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-id: 33LUUu7L4OnOIqkmNv645a6SRKerUqPfANGDZL2aHcw-YF8pJH6SVQ==

GET
H2 200 MuseoSans-500.otf
images.gmanetwork.com/res/fonts/MuseoSans/ 62 KB
62 KB 153ms
84ms Font
application/vnd.oasis.opendocument.formula-template 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/MuseoSans/MuseoSans-500.otf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6017bdf5d16d3357b1bf6848ef88af9389a7cb3b4e54f5a8a276676bb0efb65

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 63024
last-modified: Wed, 24 Mar 2021 06:49:23 GMT
server: AmazonS3
etag: "032337e82232f53e67317d5f6680d729"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/vnd.oasis.opendocument.formula-template
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-id: 5lP-ayrCWe1sJue_AinQKo7ONTye9XEF7WipyXZ5TqfarzfzNcjmdg==

GET
H2 200 Lora-Regular.ttf
images.gmanetwork.com/res/fonts/Lora/ 121 KB
62 KB 106ms
37ms Font
application/font-sfnt 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/Lora/Lora-Regular.ttf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 359501180b779548ad4e1ca74f38b08474350c38bed64ad69b278837d179e792

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:16:32 GMT
content-encoding: gzip
age: 100
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Wed, 24 Mar 2021 06:49:23 GMT
server: AmazonS3
etag: W/"c684a3de5c014a61d5139d5b97da99fc"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-sfnt
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: BIBRML5tMR-1bCq84Ln1e5aUSmzhZx4mJg1Uh-85EaLRm9MXMEpXJw==

GET
H2 200 Lora-Bold.ttf
images.gmanetwork.com/res/fonts/Lora/ 121 KB
63 KB 127ms
58ms Font
application/font-sfnt 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/Lora/Lora-Bold.ttf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51906a46cedc27ed5e349475e3bf0eb36d464f0e642eaad0f3d430f5f89af2bf

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:16:31 GMT
content-encoding: gzip
age: 100
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Wed, 24 Mar 2021 13:03:05 GMT
server: AmazonS3
etag: W/"eec9b1b134bfc16624d240b70db7ed59"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-sfnt
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: G-N3g7dlpNZefIg3dcO2bVlLGV5cShB3A9qSA8l4QFjeaiVCrKd7Wg==

GET
H2 200 pubads_impl_2021040804.js Show response
securepubads.g.doubleclick.net/gpt/ 296 KB
104 KB 25ms
25ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 19:24:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106480
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:11 GMT

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame ADCB 416 B
798 B 22ms
21ms Document
text/html 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1618302632.95975"
last-modified: Tue, 13 Apr 2021 06:50:20 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Tue, 13 Apr 2021 11:18:12 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1618312692~rv=38~id=7ee37fe654224d1e4ab33d7a877a9fbc; path=/; Expires=Tue, 13 Apr 2021 11:18:12 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LmdtYW5ldHdvcmsuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 65ms
21ms XHR
application/json 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmdtYW5ldHdvcmsuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:12 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=17474
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 8e4006bb263f40728361f4672523dd5a
Content-Length: 15
Expires: Tue, 13 Apr 2021 16:09:26 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
451 B 34ms
30ms Image
image/gif 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=8.352812300321306
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 13 May 2021 11:18:12 GMT

GET
H3-Q050 200 www-widgetapi.js Show response
www.youtube.com/s/player/2cea24bf/www-widgetapi.vflset/ 109 KB
39 KB 40ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2cea24bf/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fae25b47e8beed3323485071bcaa96f1620c2d86f3b5c15c4774e4b29d6c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 14:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 00:17:01 GMT
server: sffe
age: 73835
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39506
x-xss-protection: 0
expires: Tue, 12 Apr 2022 14:47:37 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gmanetwork.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 177274
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 fontello.woff
images.gmanews.tv/res/fonts/social/ 8 KB
8 KB 102ms
36ms Font
application/font-woff 13.226.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanews.tv/res/fonts/social/fontello.woff
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-2.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d59c24b766c8088486b920c1c36e1b3576cd415528dc01a486d3d97c776a2c8b

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
content-length: 7812
last-modified: Tue, 05 Nov 2019 09:48:08 GMT
server: AmazonS3
etag: "9f972961c468281bf7ee69deec7839e9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-woff
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120,public
access-control-allow-credentials: true
x-amz-cf-id: 2XDf0eZHGMCu7u5k4pk2myIoGQ9hxJ6UR295c-82YCjv6vpDl5DHMQ==

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gmanetwork.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 465310
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H2 200 gma-header-logo.svg
aphrodite.gmanetwork.com/ 2 KB
1 KB 6ms
6ms Image
image/svg+xml 2600:9000:2057:8600:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/gma-header-logo.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 07:47:19 GMT
server: AmazonS3
age: 58124
etag: W/"6070135b0880a0cca74ba0fc1221e24f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
date: Mon, 12 Apr 2021 19:10:16 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: WGdTo70CrL8gDK5HKeO--APqOFKexSsAAd0_Pcnmb5D9r2Iuyq3QWA==
x-amz-meta-s3b-last-modified: 20200403T073750Z

GET
H2 200 moatcontent.js Show response
z.moatads.com/gmanmicontent461752070830/ 178 KB
58 KB 75ms
27ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmicontent461752070830/moatcontent.js
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/moat_content_tag.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5b3b78542673c46b4299265778cc870a3fe7d4bffc70cb1cac9c0e5199432c79

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 16:48:35 GMT
server: AmazonS3
x-amz-request-id: A4E99E470053F668
etag: "5d09d15e235e777027a70f856982a114"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31449
accept-ranges: bytes
content-length: 58484
x-amz-id-2: dJYf97V917tog+85kRxI8zCfzKbN14mm2GYA0zHE8GrkVfP67x9vj4dJKoVA/B/rlBu5pWHhe9Y=

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 115ms
40ms Script
application/javascript 13.226.155.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/alexa.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-113.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57d87f4202b259833def537015880ebd3733bb40d19c95df1da49ba126c3b397

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 18:06:02 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 31 Mar 2021 18:01:58 GMT
Server: AmazonS3
Age: 1098731
ETag: W/"22e062f70826be118ae2cae04b9fa227"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: S0CY2uLAl0lZXKuItKPlubo0K7e1LU0K7IGzk0XVbn8o9rZi201Rww==

GET
H2 200 FG65A-Y848M-3TACG-B2LGY-Y72BW Show response
s.go-mpulse.net/boomerang/ Frame 1138 202 KB
49 KB 22ms
7ms Script
application/javascript 2a02:26f0:1700:38a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/akamai.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9fb974b84a129972abbd1e2e5cfdf685cab5f6f22d881adf3845bc73b43eb4ad

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: br
last-modified: Tue, 16 Feb 2021 11:39:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50141

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 87ms
86ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_sdk.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0eb19d3d76cb0adc4e8223eba5ce435d79bfb059bb7a518fd89cf3aa2f4876cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9S2oDzNYOTY//TCtpn91Ow==
cross-origin-resource-policy: cross-origin
expires: Tue, 13 Apr 2021 11:33:26 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: a/NKIs9yuyFbjsoQJLBIb/pJMfs5vyjwU7QAtL5cVazcdzXqQGefQNAdh/hn7LAFaQfHnFnJ0xbUSMIQuXkqNQ==
x-fb-trip-id: 1512268381
x-fb-content-md5: d350137bb4117a5c670f1a4ffb1752ea
date: Tue, 13 Apr 2021 11:18:12 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "17126c444bf6a180bb21c4b10c159dd6"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_pixel.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a950b3e68d50d11d3f65c32089882d1ce80a3438e36565fb99e20cfc555b9584

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: pOR6jxSrHcIh3YlKY9R4OlWvhCrsF20tEqbfbS+vQMdrwtSm2CI8Pz2xezx70HegkzIMyRqKXLZStvt73kAB9Q==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Tue, 13 Apr 2021 11:18:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
49 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TQZBRMKGV4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c52e316bc820dbe88113107b1f279a42a2bcf974329ebe5cc4aca675e4f8cf6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50405
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:12 GMT

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 49 KB
20 KB 90ms
21ms Script
text/javascript 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-198.datapacket.com
Software: BunnyCDN-DE1-723 /
Resource Hash: 4e9117f00b958920d6a594588c82bb74e5cf045d786c548b15b91ae65d11cc0f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: br
cdn-edgestorageid: 632
cdn-cachedat: 2021-04-13 13:13:22
cdn-pullzone: 62714
cheq_headers_order: Content-Type Cache-Control Expires Etag Date Connection Content-Length
server: BunnyCDN-DE1-723
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: 2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control: public, max-age=43200
cdn-requestid: 11c0536f3caad3561bc4a651d35e5cfb
cdn-requestcountrycode: RO
cdn-requestpullsuccess: True

GET
H2 200 52.gz Show response
data2.gmanetwork.com/gno/embeds/ 111 B
599 B 353ms
32ms XHR
text/plain 13.32.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/gno/embeds/52.gz?id=52&container=body
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-41.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a5ed8ea4b725375239eefe403700b8739d15e6a910c6a1c529afee1d5f5d4b4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 120
access-control-allow-origin: *
last-modified: Thu, 17 Sep 2020 09:23:19 GMT
server: AmazonS3
etag: "6e1d994c6dbaa0450bb1e555183082e8"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: text/plain
via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
x-amz-cf-id: PJzpksB_NtK6mJitKD8KLUr3-ZOzmC7XbjJHwI76nfL2sax2Om5oVA==

GET
H3-Q050 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gmanetwork.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
age: 177274
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 home.gz Show response
data2.gmanetwork.com/gno/widgets/at_a_glance_lists/ 17 KB
5 KB 307ms
36ms XHR
application/json 13.32.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/gno/widgets/at_a_glance_lists/home.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-41.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 044f9f6324932953d85aeca705c72c9503e8b38c81b2e4d6f946baa3fdfadd84

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 4397
access-control-allow-origin: *
last-modified: Tue, 13 Apr 2021 10:24:11 GMT
server: AmazonS3
etag: "a323f49b1758493ca33a58a065f331b6"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: application/json
via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
x-amz-cf-id: tY-UzjOhKFQIP0PLJW5hkqDDoP_p1DduLTtsCB_qMoKG9ACaRu-o0Q==

GET
H2 200 authors.gz Show response
data2.gmanetwork.com/gno/authors/ 24 KB
4 KB 299ms
31ms XHR
text/plain 13.32.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/gno/authors/authors.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-41.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fad05a1473de195f4e634fc8b9111126e6272002e22c03ae54cf8a8e127e345

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:16:53 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 118
x-cache: Hit from cloudfront
content-length: 3777
access-control-allow-origin: *
last-modified: Thu, 07 Nov 2019 09:29:02 GMT
server: AmazonS3
etag: "0f22b49eb29debd969aa3cceee175a83"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: text/plain
via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=120
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: qJYaFlC9dyhpsdBTLIka6cFUP94Y0hwIlJ3YKit2dW_D2zHdGRcEvg==

GET
H/1.1 200
OK Script Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 43 KB
16 KB 480ms
322ms Script
application/x-javascript 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e65b9a5fe1dc0950379456ece59f58ab12b4ee321b108b1e1f3ab4f95f81d5f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:12 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Last-Modified: Tue, 13 Apr 2021 11:18:12 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: public, max-age=3600
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 16162
Expires: Tue, 13 Apr 2021 12:18:12 GMT

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 btb-logo-200px.svg
images.gmanetwork.com/res/img/ 10 KB
4 KB 30ms
29ms Image
image/svg+xml 13.32.25.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/btb-logo-200px.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2260a0c10c2fa8903fab19e7b218e5727e4e2ab04b5a68fec7fa9a2a0753a77

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 05:41:19 GMT
content-encoding: gzip
last-modified: Fri, 20 Dec 2019 04:01:32 GMT
server: AmazonS3
age: 5895414
etag: W/"c79fa6a925bb4a37a11558abba1f8a5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: ftsRkISuK7QdA6ujNXz4B_oF2ASasstuRxOMzhK858Hl0ESkxYp-dA==

GET
H2 200 fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/icons/ 14 KB
15 KB 27ms
12ms Font
binary/octet-stream 2600:9000:2057:8600:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/fonts/icons/fontello.woff2
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb

Request headers

Origin: https://www.gmanetwork.com
Referer: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
etag: "f7d914c20b6df8faac5c74ee903a3f9b"
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 14692
last-modified: Thu, 10 Oct 2019 12:34:10 GMT
server: AmazonS3
date: Tue, 13 Apr 2021 11:18:12 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=120,public
x-amz-cf-id: UDNnoKugy6cb8NyfPPFVf_hX9D7QL2nLKXjxGPkuGDkSMwuBcPBsoA==

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame ADCB 610 B
991 B 22ms
22ms Document
text/html 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1618302633.606363"
last-modified: Tue, 13 Apr 2021 06:50:20 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Tue, 13 Apr 2021 11:18:12 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1618312692~rv=19~id=a97204cbcaf1c963d6f33405a3b70248; path=/; Expires=Tue, 13 Apr 2021 11:18:12 GMT; Secure; SameSite=None

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 216 KB
64 KB 88ms
88ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d82e85cbe119b1508c84d6d0bdbaa1ac&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525605ca690fa01bf2d02a28458f68fb5b1055d50d809be7001ace4062094e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yYQbcExRZJSz6HJ7ZF5sqQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65484
x-fb-rlafr: 0
x-fb-debug: zXMtZWc3FbsRwfuRdfwQZoaV5s0B1wC0ECGONgeL7sNItOjjUoINhjQU/lGSEDMQ4qJgXlNZ+hG8onDigP5Xyw==
x-fb-trip-id: 2050670934
x-fb-content-md5: 9a1da442077559d24c476be474911caa
x-frame-options: DENY
date: Tue, 13 Apr 2021 11:18:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ca7c3295d173646638c5c3c2e72aed30"
timing-allow-origin: *
expires: Wed, 13 Apr 2022 08:25:44 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 91ms
32ms Image
image/gif 13.226.155.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=AirAsia%20rolls%20out%20P1%20fare%20promo&time=1618312692369&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&random_number=20115616612&sess_cookie=23eb54cb178caf402906f3c24d3&sess_cookie_flag=1&user_cookie=23eb54cb178caf402906f3c24d3&user_cookie_flag=1&dynamic=true&domain=gmanetwork.com&account=LssQl1aE+GW1O7&jsv=20130128&user_lang=en-US
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-109.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 03:07:25 GMT
Via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 29448
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: lZtlvW2OzcMP6IW5ABsouhi_wZV72m_KatwjsVPPcTRBpvZ29WyngA==

GET
H2 200 388790207987812 Show response
connect.facebook.net/signals/config/ 247 KB
71 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/388790207987812?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abcf9d8ba66731a37874638be948a8d20efaacb0b464191148002dc4259cbde8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 72386
x-fb-rlafr: 0
pragma: public
x-fb-debug: f9PORiipskqji6zHbgL7TyiGMmwgdc4biyBIvUQxQTfj2+iYRiEG5eL2S5FfiHyqRd9NOV+XUzXLMnOKzBHQYw==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Tue, 13 Apr 2021 11:18:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
85 B 13ms
13ms Other
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TQZBRMKGV4&gtm=2oe3v0&_p=1423463420&sr=1600x1200&ul=en-us&cid=40209135.1618312692&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=AirAsia%20rolls%20out%20P1%20fare%20promo&sid=1618312692&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TQZBRMKGV4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 3 KB
2 KB 278ms
96ms Script
text/javascript 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=830150698041660209772690300708775416622897710572522574565017592282&nc=0&tsf=0&tsfmi=&pv=0&cb=1618312692646&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDEzMjJdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiMTMs%0D%0AWEh4ZzFqMHpFbEFRd0oxUUVja3Z6b3ZiY0FJWlNFRWpBaEpJUVFCd2dsOUY0Q0JBZ1FXZ2lkMExI%0D%0AQkJlT0dqYnZYM3FZeU02Lyt2enZTN0dvWEd3aC8rYk1samJUeWFvN09QZiJdLFstMywiW10iXSxb%0D%0ALTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCIkXCIsXCJqUXVlcnlcIixcImFf%0D%0AdFwiLFwibV90XCIsXCJoX3RcIixcInNfdFwiLFwiblwiLFwiZG9tYWluX25hbWVcIixcImJhc2Vf%0D%0AdXJsXCIsXCJCQVNFX1VSTFwiLFwiYXNzZXRzX3VybFwiLFwiYXNzZXRzX2RvbWFpblwiLFwianNf%0D%0AdXJsXCIsXCJjc3NfdXJsXCIsXCJkYXRhX3VybFwiLFwiZGlzdF91cmxcIixcInJlc291cmNlc19l%0D%0AbnZfdXJsXCIsXCJzdGF0aWNfc2VydmVyXCIsXCJhcHBzX3VybFwiLFwiZGVmYXVsdF96b25lX2lk%0D%0AXCIsXCJ6b25lX2lkXCIsXCJpc19sb2NhbFwiLFwiaXNfZGV2XCIsXCJpc190ZXN0MDAxXCIsXCJp%0D%0Ac190ZXN0XCIsXCJpc19saXZlXCIsXCJpc19kdXBsaWNhdGVcIixcImlzX2FkX3Rlc3RpbmdcIixc%0D%0AImRlYmF0ZV9mb2xkZXJcIixcImduZXdzX2FwcHVybFwiLFwiaXNfYXdzZGV2XCIsXCJpc1VzZXJB%0D%0AZ2VudE1vYmlsZVwiLFwibG9hZEhvbWVGdWxsXCIsXCJzM19pbWFnZXNfdXJsXCIsXCJ0aW1lc3Rh%0D%0AbXBcIixcIndpbmRvd193aWR0aFwiLFwiZGF0YV9leHRcIixcInJvdXRlclwiLFwibW9kdWxlXCIs%0D%0AXCJjb3VudGRvd25fdmlld1wiLFwiY291bnRyeUJ5cGFzc1wiLFwicHJlVVJMUmVzdHJ1Y3RBcnRp%0D%0AY2xlXCIsXCJwcmVVUkxSZXN0cnVjdFBob3RvXCIsXCJwcmVVUkxSZXN0cnVjdFZpZGVvXCIsXCJw%0D%0AcmVVUkxSZXN0cnVjdEFuYWx5dGljc1wiLFwiZXJfZGF0YV91cmxcIixcImUxOV9kYXRhX3VybFwi%0D%0ALFwiZTE5X2JhdGNoX2RhdGFcIixcInNtYXJ0X3NlYXJjaF9hcGlcIl0sXCJuXCI6W10sXCJkXCI6%0D%0AW119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCItIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpc%0D%0AIlwiLFwibVwiOltcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcIm9n%0D%0AOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwiZGVzY3JpcHRpb25cIixcImtleXdvcmRzXCIs%0D%0AXCJuZXdzX2tleXdvcmRzXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wi%0D%0AOjB9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxNiJdLFstMTgsIlswLDAsMCwxXSJdLFst%0D%0AMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwx%0D%0AMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjQwMjA5MTM1LjE2MTgz%0D%0AMTI2OTIiXSxbLTIxLCJsZjhPaExXbiJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0s%0D%0AWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjEwNjAwMDAwLFwidWpoc1wiOjEw%0D%0AMDAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS44LDAsXCI0Z1wiLG51bGxd%0D%0AIl0sWy0yOCwiZW4tVVMiXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAs%0D%0AMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsInRydWUiXSxbLTMyLCIyIl0s%0D%0AWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTYxODMxMjY5MjQ2NywtMl0iXSxbLTM2LCJbXCI0%0D%0ALzNcIixcIjQvM1wiXSJdLFstMzcsIi0iXSxbLTM4LCJpLC0xLC0xLDIwMiwwLDEsMCwwLDYwLDc4%0D%0ANSw0NSwwLDEwNDguNzUsMTA0OC43NSwxNjMyLDE2MzMiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDAs%0D%0AXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNl%0D%0ALG51bGwsMF0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00Mywi%0D%0AMDAwMDAwMDEwMDAwMDAwMDAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDAs%0D%0AMCwwLDAsMCw3NjIsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCww%0D%0ALDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZW4tVVMsbGF0bixncmVnb3J5%0D%0AIl0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsMjI1XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A1963%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=kou9xXaDsL&sdd=%7B%7D&pto=1813
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 41fc4eb8fa970439aa034d435d6fc2496c5ac42bff1782024fc37f284c175c1a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length: 1581
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 783509.gz Show response
data2.gmanetwork.com/905/gno/story/ 6 KB
2 KB 371ms
370ms XHR
application/json 13.32.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/905/gno/story/783509.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-41.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be49abc7cfa20499a544dc96aa661758db5dfb8e97f8c7e6353c676f2829faab

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
content-length: 1892
access-control-allow-origin: *
last-modified: Tue, 13 Apr 2021 05:07:17 GMT
server: AmazonS3
etag: "ed7f6537e23e24299406f5f377fb07ff"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: application/json
via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
x-amz-cf-id: DdXizfYOfXH_ff4itWBdbvCY2XHFBBjCbaEIDxUzhU3vwhZuLhU1tw==

GET
H2 200 steph_2021_04_11_18_52_02.jpeg
images.gmanews.tv/webpics/2021/04/ 246 KB
247 KB 35ms
35ms Image
image/jpeg 13.226.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/steph_2021_04_11_18_52_02.jpeg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-2.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 078131e5829f405ad65bdfc0132dfda0016770a8daf5f5655a81afb4862002ab

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 11:00:06 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
last-modified: Sun, 11 Apr 2021 10:52:05 GMT
server: AmazonS3
age: 173887
etag: "c738745b4f3874ed8b8174a186212871"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 251712
x-amz-cf-id: y_lHUWs18ccBcXg3pchx_L-ri_nflvX9vIuROZYkqpEn-okMAfslsw==

GET
H2 200 2021-04-11T011832Z_723046844_MT1USATODAY15878641_RTRMADP_3_NBA-LOS-ANGELES-LAKERS-AT-BROOKLYN-NETS_2021_04_11_18_43_29.JPG
images.gmanews.tv/webpics/2021/04/ 78 KB
78 KB 59ms
58ms Image
image/jpeg 13.226.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/2021-04-11T011832Z_723046844_MT1USATODAY15878641_RTRMADP_3_NBA-LOS-ANGELES-LAKERS-AT-BROOKLYN-NETS_2021_04_11_18_43_29.JPG
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-2.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3679ea1a21fa6bdde872040a6f816e0c555ff5330cff0a20999a4d866ecf2be8

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:54:17 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
last-modified: Sun, 11 Apr 2021 10:43:31 GMT
server: AmazonS3
age: 174236
etag: "7eb16923073e7b98f48b26f9b42cc1df"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 79800
x-amz-cf-id: n4W0sRQJGcGmJ1JPB8MsdudKpBu7LEgQ5FJg2Tcjsjt4yjVy_O9SUQ==

GET
H2 200 2021-04-11T014946Z_778464892_MT1USATODAY15878976_RTRMADP_3_NBA-TORONTO-RAPTORS-AT-CLEVELAND-CAVALIERS_2021_04_11_18_35_49.JPG
images.gmanews.tv/webpics/2021/04/ 82 KB
82 KB 78ms
78ms Image
image/jpeg 13.226.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/2021-04-11T014946Z_778464892_MT1USATODAY15878976_RTRMADP_3_NBA-TORONTO-RAPTORS-AT-CLEVELAND-CAVALIERS_2021_04_11_18_35_49.JPG
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-2.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea7090040ec52217a86123afd1f0b104d6b63537ae200cb0d1e136561345b678

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:41:42 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
last-modified: Sun, 11 Apr 2021 10:35:51 GMT
server: AmazonS3
age: 174991
etag: "267d61dc45634662564f89a16a2fbd89"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 84002
x-amz-cf-id: 1jYaOiSkxv-J2tnpQyVJCQ0x2ZFavklM72po1wDs3hAqjC5oUtL7Zw==

GET
H2 200 Screen_Shot_2021-04-12_at_11_2021_04_12_11_10_22.png
images.gmanews.tv/webpics/2021/04/ 358 KB
359 KB 57ms
56ms Image
image/png 13.226.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/Screen_Shot_2021-04-12_at_11_2021_04_12_11_10_22.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-2.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2168642391c840f945b089356e3bbc6b0130c5d1dc161dafebd50d9a23bde1f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 03:15:08 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 03:10:24 GMT
server: AmazonS3
age: 115385
etag: "dc8d2f9c135699fc064c61b5e11b243f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 366847
x-amz-cf-id: T9T8B3UkK6WGWfjF2UxVy7rWutGCdwvgSIHxhy49asJVRCpYYtAVlg==

GET
H2 200 Screen_Shot_2021-04-12_at_11_2021_04_12_11_42_50.png
images.gmanews.tv/webpics/2021/04/ 437 KB
438 KB 74ms
73ms Image
image/png 13.226.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/Screen_Shot_2021-04-12_at_11_2021_04_12_11_42_50.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-2.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef0d249dc936347009f4fbffe05e5adb2f14566149dfd74d916adc4b6b9ab84c

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 03:49:59 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 03:42:53 GMT
server: AmazonS3
age: 113294
etag: "de402b80a9321603bbc4199d9d00c788"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 447788
x-amz-cf-id: qjEgrmyJsjEwpgxPPoIZVv5fgLgxQhrEAH3HgaWWa_AFuz-Dka7Sxg==

GET
H2 200 dianne_rodjun_baby_2021_04_12_00_03_48.jpg
images.gmanews.tv/webpics/2021/04/ 72 KB
72 KB 82ms
81ms Image
image/jpeg 13.226.155.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2021/04/dianne_rodjun_baby_2021_04_12_00_03_48.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-2.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92d6f3e59e312de1849cfbf4ec315a6ecc6fdda4df22b4c1428ed9e7369da4ee

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 16:21:06 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
last-modified: Sun, 11 Apr 2021 16:03:50 GMT
server: AmazonS3
age: 154627
etag: "5dd08d4d28838d2478a14e914ad4eac2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-length: 73318
x-amz-cf-id: lUlMKAbfYMZyO4860uoXWb-2oponInIXnc-u5Bp-LUrAGUJ3Llha1w==

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 533ms
180ms Script
text/plain 18.138.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8115&sid=0012&_=1618312691757
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.18.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 532ms
179ms Script
text/plain 18.138.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8215&sid=0012&_=1618312691758
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.18.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 517ms
179ms Script
text/plain 18.138.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8315&sid=0012&_=1618312691759
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.18.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 395ms
98ms XHR
application/json 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1618312692770&sessionId=82165c4a-1e65-0a12-cb75-912edc5da915&url=www.gmanetwork.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:13 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 51214e1ed0493f2a94a90fe35584bd6c
Content-Length: 4
Expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
264 B 89ms
87ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=388790207987812&ev=PageView&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&rl=&if=false&ts=1618312692816&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&it=1618312692381&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 13 Apr 2021 11:18:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
219 B 89ms
88ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=388790207987812&ev=ViewContent&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&rl=&if=false&ts=1618312692818&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&it=1618312692381&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 13 Apr 2021 11:18:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
218 B 89ms
88ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=388790207987812&ev=Search&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&rl=&if=false&ts=1618312692819&sw=1600&sh=1200&v=2.9.39&r=stable&ec=2&o=30&it=1618312692381&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 13 Apr 2021 11:18:12 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 117ms
116ms Fetch
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=255951164473730&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d82e85cbe119b1508c84d6d0bdbaa1ac&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: SWqjmZGG4R5S3rCHBaaVH1K72GOglvz2njy9wmZNKZEr9gbo8p5hSVQhGEodL+3INWgeFTKgz9nrzr3T2PSgvw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 13 Apr 2021 11:18:12 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 zd_w_s_loading.css
60a6ae725fca.bitsngo.net/content/ 907 B
664 B 27ms
7ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/zd_w_s_loading.css?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F97) / ASP.NET
Resource Hash: df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
etag: "07992ef341d71:0"
last-modified: Fri, 12 Feb 2021 11:48:10 GMT
server: ECAcc (frc/8F97)
age: 100075
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 470

GET
H2 200 jquery.tap.min.js Show response
60a6ae725fca.bitsngo.net/common-scripts/ 2 KB
1 KB 30ms
10ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/common-scripts/jquery.tap.min.js
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FFE) / ASP.NET
Resource Hash: 3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
etag: "01f41c84ba0d51:0"
last-modified: Thu, 21 Nov 2019 09:12:22 GMT
server: ECAcc (frc/8FFE)
age: 764401
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1130

GET
H2 200 zoomd.widget.loader.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 37 KB
13 KB 27ms
7ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA7) / ASP.NET
Resource Hash: 6ceb80df4a2a09a64c6506bea46609e055f2043c2960b72a82e5e2388e016a86

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
etag: "0d5453c692fd71:0"
last-modified: Mon, 12 Apr 2021 06:58:26 GMT
server: ECAcc (frc/8EA7)
age: 100075
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 12755

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 1138 3 KB
1 KB 28ms
12ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=FG65A-Y848M-3TACG-B2LGY-Y72BW&d=www.gmanetwork.com&t=5394376&v=1.667.0&if=&sl=0&si=nxn47ekx55n-qri22b&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ccee38a4d8b7f8fccf4de7fd7e293957dbc8866f65a0655aee9d3a08c4f744a0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1011

GET
H2 200 uuid.min.js Show response
cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/ 2 KB
2 KB 28ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/uuid.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1011085
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1095
cf-request-id: 096c8d1cca00002bf62598e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ni39afxS%2FDJcX6FtqGbqsxHr2UVdvDLYhTOSeucGvO1DWElhoH6r8WvCJr8yMKoRt3AEoaXpARZoZPyk621Rpq21mk4SrUFC1LbPWr6Kj6%2FPWYoWVuQRzoueP3WfKvpc2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63f44adade3f2bf6-FRA
expires: Sun, 03 Apr 2022 11:18:12 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
324 B 327ms
98ms XHR
application/json 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1618312692937&sessionId=82165c4a-1e65-0a12-cb75-912edc5da915&url=www.gmanetwork.com&cheqSource=1&cheqEvent=2&responseTime=716
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:13 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 8212563214b44ae5a3054ea4b75180d
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
135 B 91ms
90ms Image
image/gif 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136be6c434e841839f9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7dfe1474ab9488bbd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d2779286bcf0dee6b71b78f427e4bef97b5761bed131c6b541e6424e5585095a82d2c38681eb923bce6a88deb1da2fbb262a67d67e7ec7c2c3157585bc24fa00b3971ac621fe2a421a059935ff439cd0be71f8df78d209f2c3d9d464825e5278f04e1d1f7f44718aa064a15499c38a28a28528fc9d23c881e5f57a9efdb2053729dab21347d0a70a4b09f7a3f239f866d9f703aaa433f27dbd67c411810997ea639a4538a7eacd247620721f385f0905a0e0907e9057e606111d3bf2b753cdda441ef4d3dca6bf6cc7f1e7fc8fe4acf34d5321fd4780aa5a6f805f781dd763416c6af67ab36b1fc2efdd7e8966d73996ad2ccfd5118b281d2b3276090180d2b6c9367a49885d1487d9dda7a2890647d8e5ff0ec98a2d3f818c452e63bdd39c033da564c54d951aae&cb=1618312692937&cri=kou9xXaDsL
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:12 GMT
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type: image/gif
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zoomd.widget.logger.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 9 KB
4 KB 7ms
6ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/zoomd.widget.logger.min.js?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F04) / ASP.NET
Resource Hash: c75f65c26c8627f92d561c1574e598ce07ccfae2f3f19cb24b59437f95658259

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
etag: "02773d692fd71:0"
last-modified: Mon, 12 Apr 2021 06:58:28 GMT
server: ECAcc (frc/8F04)
age: 100074
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 4104

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 224 B
951 B 204ms
52ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 83efb7419e404e58a3dd5dfebc16f74eaebc4b4770a831aa396d08af724c432b

Request headers

Accept: */*
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 13 Apr 2021 11:18:12 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 322

GET
H2 200 jquery.dfp.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 289 B
423 B 11ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/jquery.dfp.min.js?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1E) / ASP.NET
Resource Hash: 823686237069918cffd8537c4a5a77c27cd84451bef4b07624f44d7e5456c226

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
etag: "0a74773326d71:0"
last-modified: Wed, 31 Mar 2021 13:40:52 GMT
server: ECAcc (frc/8F1E)
age: 100074
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 327

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 09:54:16 GMT
server: ESF
date: Tue, 13 Apr 2021 11:18:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 11:18:12 GMT

GET
H2 200 icon
fonts.googleapis.com/ 568 B
438 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cf458acc26fd5be1cc1ad94b164e5a05f97af3ea6b2686c154fadd61a1219cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 11:18:12 GMT
server: ESF
date: Tue, 13 Apr 2021 11:18:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 11:18:12 GMT

GET
H2 200 masonry.pkgd.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/ 25 KB
10 KB 10ms
9ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/masonry.pkgd.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDC) / ASP.NET
Resource Hash: b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
etag: "01f41c84ba0d51:0"
last-modified: Thu, 21 Nov 2019 09:12:22 GMT
server: ECAcc (frc/8FDC)
age: 764400
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 10202

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 45ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 2908241
cdn-cachedat: 2021-03-10 20:26:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 096c8d1d1400004e80309dc000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: dbc1afb9a84d639148de495f557e96e6
cf-ray: 63f44adb59c64e80-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/ 86 KB
25 KB 16ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/core.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 187373
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25572
cf-request-id: 096c8d1d0200002bf665346000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-156f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QPg%2BHUTtBjVaMbM7XrAXqwT%2FBVf3qwacMfityR3U2f3tWBXPUatcTbR68nEv6aBrKrKVBWlrNvwIvrzr9UuDEh%2F1OduCpUoYqpJq%2FQo8hTdxXEZvbNYcbnZR8UyY0AFLcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63f44adb3ec12bf6-FRA
expires: Sun, 03 Apr 2022 11:18:12 GMT

GET
H2 200 zoomd.widget.externalcontent.loader.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 15 KB
6 KB 7ms
7ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zoomd.widget.externalcontent.loader.min.js?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE3) / ASP.NET
Resource Hash: 34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:12 GMT
content-encoding: gzip
etag: "089a41692fd71:0"
last-modified: Mon, 12 Apr 2021 06:58:34 GMT
server: ECAcc (frc/8FE3)
age: 100074
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6259

GET
H2 200 jquery.dfp.min.js Show response
60a6ae725fca.bitsngo.net//common-scripts/ 7 KB
3 KB 11ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net//common-scripts/jquery.dfp.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E93) / ASP.NET
Resource Hash: 9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
etag: "0f8e8a5ba26d71:0"
last-modified: Thu, 01 Apr 2021 05:48:32 GMT
server: ECAcc (frc/8E93)
age: 764444
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 3225

GET
H2 200 zd_top.searches.css
60a6ae725fca.bitsngo.net/Content/3.0/widget-css/ 16 KB
3 KB 12ms
10ms Stylesheet
text/css 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/Content/3.0/widget-css/zd_top.searches.css?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA7) / ASP.NET
Resource Hash: 176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
etag: "04c61ee341d71:0"
last-modified: Fri, 12 Feb 2021 11:48:08 GMT
server: ECAcc (frc/8EA7)
age: 100075
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 2799

GET
H2 200 zd_top.searches.min.js Show response
60a6ae725fca.bitsngo.net/widget-scripts/extra_content/ 17 KB
7 KB 9ms
7ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/widget-scripts/extra_content/zd_top.searches.min.js?ver=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FAA) / ASP.NET
Resource Hash: 1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
etag: "05cd93f692fd71:0"
last-modified: Mon, 12 Apr 2021 06:58:32 GMT
server: ECAcc (frc/8FAA)
age: 100075
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6909

GET
H2 200 runtime.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 3 KB
2 KB 11ms
11ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/runtime.js?v=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F22) / ASP.NET
Resource Hash: 341b452ea238e1335d40629bba580839ada6fd9e227b89ba4f3a7a9b1413861b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
etag: "0b668736a2fd71:0"
last-modified: Mon, 12 Apr 2021 07:07:08 GMT
server: ECAcc (frc/8F22)
age: 100075
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1992

GET
H/1.1 200
OK loader.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ 8 KB
3 KB 49ms
18ms Script
application/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js?dynamic=1&_=1618312691760
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adbd2d20a9543ad40a5a66a187209902d1013e67b569fbee9bac3f7d9dafc474

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR62-C3
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 2896
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Mon, 12 Apr 2021 09:20:35 GMT
Server: AmazonS3
ETag: W/"a13aa5b57d25ceda2ed7ea95f92c6a80"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: eG7dsyoG0RF2AXYPd2jtnnU6Xc2WN9mxhVJN-mTxCxtR1NmmNRGBNQ==

GET
H2 200 like.php Show response
www.facebook.com/v2.5/plugins/ Frame 6E2F 35 KB
13 KB 220ms
220ms Document
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df6710b5f20bc%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d82e85cbe119b1508c84d6d0bdbaa1ac&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd83cd33926b9a10ac9cbaa0ee10a5a8044a1c1fedeaa843adb4e14f55dd662f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df6710b5f20bc%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0KuiP6icwm4BJBvZe..BgdX30...1.0.BgdX30.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: IijQGhqae24u8f8CRckycTFJ0ebZh0Uphpj4MXGboFAcHDYZp0T8itP0QBt+t3dMDyGn7izb5+FgDyzEkQmJgA==
date: Tue, 13 Apr 2021 11:18:13 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 / Show response
trinitymedia.ai/player/trinity/2900001772/ 4 KB
2 KB 350ms
129ms Script
application/javascript 52.21.204.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity/2900001772/?pageURL=$$PAGE_URL$$&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/consolidated/hash/story.cec1622ae1cc309f4ef917cbc03f2a63.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.21.204.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-204-168.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5c6eb8de07644cf5976f3d8e47d992b740c31e1000e19f606a0086aaafd28338

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store
content-length: 1595

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 59 KB
17 KB 9ms
9ms Script
application/javascript 2600:9000:2182:ca00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/buttons.js?_=1618312691761
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ca00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 06:51:44 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 188789
etag: W/"60256fd0-eabe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 16639
x-amz-cf-id: I_k3Lsfs_D-dA7Jzy7_do-ORHnVwuvLaUF29jBG_S6YFDdZHvRQIcg==
expires: Wed, 14 Apr 2021 06:51:44 GMT

GET
H/1.1 200
OK 783509.json Show response
related.gmanews.tv/12/articleTag/905/ 3 KB
2 KB 423ms
358ms XHR
application/json 99.86.3.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://related.gmanews.tv/12/articleTag/905/783509.json
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-44.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb6bc519670fd86509a258100db040fef5c526ebbe4090d0b237702879e3590e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:14 GMT
Content-Encoding: gzip
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop: FRA6-C1
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 13 Apr 2021 05:08:04 GMT
Server: AmazonS3
ETag: W/"e3e47c5a2ead8f22768bd3bad16d0261"
Access-Control-Max-Age: 1200
Access-Control-Allow-Methods: GET
Content-Type: application/json
Via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
Cache-Control: max-age=1200
X-Amz-Cf-Id: -WXDgJk8hXFJ0M3YT-JrHMLFvJIhrXWfJAPZdKkCZgY199e1-03Fmw==

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1499
date: Tue, 13 Apr 2021 10:53:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Tue, 13 Apr 2021 12:53:14 GMT

GET
H/1.1 200
OK tagr_lib_learn_ph_v3.js Show response
static-tagr.gd1.mookie1.com/s1/ 4 KB
1 KB 86ms
29ms Script
application/javascript 104.111.240.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_ph_v3.js?tagid=V2_153300&id=GMA
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/custom_analytics.gz.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.240.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-240-100.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ddadabbf40d5ed6cc3b3735f87451e0a5ec1782cec93f338005566ad060fbc6

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2016 05:35:34 GMT
Server: nginx
ETag: "579999a6-1153"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
22ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=34&ud=false&qa=1600&qb=1200&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qi=1600&qj=1200&ql=&qo=0&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&i=GMANMI_CONTENT1&hp=1&pl=1&zMoatIS=1&kq=1&dnt=0&bq=0&f=0&o=3&t=1618312692171&de=103540330375&m=0&ar=e687a89-clean&q=0&cb=0&cu=1618312692653&ll=2&ln=0&em=0&en=0&d=www.gmanetwork.com%2Fnews%3AAirAsia%20rolls%20out%20P1%20fare%20promo%3A__page__%3A-&qs=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&vc=2&gw=gmanmicontent461752070830&fd=1&ac=1&it=500&fs=99042&na=126793270&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:13 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
545 B 18ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 180 KB
30 KB 704ms
703ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1908209281913195&correlator=2387285519621980&output=ldjh&impl=fifs&eid=31060517%2C31060683&vrg=2021040804&ptt=17&sc=1&sfv=1-0-38&ecs=20210413&iu_parts=344684475%2CGNO_Money_Article_Mrec_1%2CGNO_Money_Article_Leaderboard_1%2CGNO_Money_Desktop_Outstream%2CGNO_Money_Mrec_1%2CGNO_Money_Desktop_Pushdown%2CGNO_Money_Article_Leaderboard_2%2CGNO_Money_Desktop_Interstitial%2CGNO_Money_Desktop_Skinning&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=300x250%7C336x280%7C250x250%2C728x90%2C1x1%2C300x250%7C336x280%7C250x250%7C300x600%2C1x1%2C728x90%2C1x1%2C1x1&ists=43&prev_scp=keyword%3Dpromofares%2Cair_asia%26ad_pt%3DMoney_Article_Inside_Page%26ad_pos%3DGNO_Money_Article_Mrec_1_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dpromofares%2Cair_asia%26ad_pt%3DMoney_Article_Inside_Page%26ad_pos%3DGNO_Money_Article_Leaderboard_1_1%26site_id%3DGMA_News_Online%7Cad_pt%3DMoney_Article_Inside_Page%26ad_pos%3DGNO_Money_Desktop_Outstream_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dpromofares%2Cair_asia%26ad_pt%3DMoney_Article_Inside_Page%26ad_pos%3DGNO_Money_Mrec_1_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dpromofares%2Cair_asia%26ad_pt%3DMoney_Article_Inside_Page%26ad_pos%3DGNO_Money_Desktop_Pushdown_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dpromofares%2Cair_asia%26ad_pt%3DMoney_Article_Inside_Page%26ad_pos%3DGNO_Money_Article_Leaderboard_2_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dpromofares%2Cair_asia%26ad_pt%3DMoney_Article_Inside_Page%26ad_pos%3DGNO_Money_Desktop_Interstitial_1%26site_id%3DGMA_News_Online%7Ckeyword%3Dpromofares%2Cair_asia%26ad_pt%3DMoney_Article_Inside_Page%26ad_pos%3DGNO_Money_Desktop_Skinning_1%26site_id%3DGMA_News_Online&cookie_enabled=1&bc=31&abxe=1&lmt=1618312693&dt=1618312693155&dlt=1618312691581&idt=657&frm=20&biw=1600&bih=1200&oid=3&adxs=710%2C269%2C276%2C1057%2C-12245933%2C276%2C0%2C0&adys=1172%2C184%2C1524%2C187%2C-12245933%2C1847%2C165%2C166&adks=2457435214%2C4206139222%2C1735134489%2C2712109156%2C174957874%2C2904088913%2C3384347666%2C2996953453&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250%7C760x90%7C733x1%7C300x-1%7C1x-1%7C760x95%7C1600x1%7C1600x1&msz=300x250%7C760x90%7C733x1%7C300x-1%7C0x-1%7C760x90%7C1600x1%7C1600x1&ga_vid=40209135.1618312692&ga_sid=1618312693&ga_hid=1423463420&ga_fc=false&fws=0%2C0%2C0%2C4%2C644%2C0%2C0%2C0&ohw=0%2C0%2C0%2C349%2C1%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e967b443105b8c6befd08389ab5700a674d0fe3688fe230176bf7cc5788066ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30279
x-xss-protection: 0
google-lineitem-id: 5471012876,5647733405,5471216368,5647733405,-2,-1,4500995234,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138322335932,138343566858,138322410455,138343566855,-2,-1,138218203833,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 28ms
13ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK MultipleTopSearch Show response
zdwidget3-bs.sphereup.com/ 511 B
703 B 60ms
59ms Script
text/javascript 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/MultipleTopSearch?callback=jQuery1111003003718286995838_1618312691762&clientId=84092033&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&query=&title=&loader=false&containerType=SR1&overrideActions=true&targetUrl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&_=1618312691763
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 36251711e27e4c8db1c3ed84871c205f14cd46077010c013150104ec3ef0b841

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:13 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Content-Type: text/javascript; charset=utf-8
Content-Length: 321
Expires: -1

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 230 B
958 B 53ms
52ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 74b4f400810ee9fe4167affd284644ed26bd7a2614a5cae6be03d1706586328e

Request headers

Accept: */*
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 13 Apr 2021 11:18:12 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 329

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 230 B
958 B 102ms
54ms XHR
application/json 104.40.187.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.40.187.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 74b4f400810ee9fe4167affd284644ed26bd7a2614a5cae6be03d1706586328e

Request headers

Accept: */*
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 13 Apr 2021 11:18:12 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 329

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 884ms
286ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Apr 2021 11:18:13 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 737ms
134ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Apr 2021 11:18:13 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 758ms
139ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Apr 2021 11:18:12 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 221ms
218ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=UikR97f5poFTPpFNwwXQitiIrIo4YKV3tR4M5wG8aZ0%3D&se=1618316115&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: pageView
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "84092033"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 13 Apr 2021 11:18:13 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 147ms
147ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=UikR97f5poFTPpFNwwXQitiIrIo4YKV3tR4M5wG8aZ0%3D&se=1618316115&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TSrequested
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "84092033"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 13 Apr 2021 11:18:13 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 160ms
159ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=UikR97f5poFTPpFNwwXQitiIrIo4YKV3tR4M5wG8aZ0%3D&se=1618316115&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: DFPLoaded
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "84092033"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 13 Apr 2021 11:18:13 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 29ms
28ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fimages.gmanews.tv%2Fwebpics%2F2020%2F01%2FAirAsia_2020_01_22_12_45_27.jpg&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=0&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4719&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&f=0&o=3&t=1618312692171&de=103540330375&cu=1618312692653&m=940&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&cc=0&bw=0&bx=0&em=0&en=0&bu=1&cd=0&ah=1&am=0&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AAirAsia%20rolls%20out%20P1%20fare%20promo%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=1067203992&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:13 GMT

GET
H2 200 vendor.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 451 KB
154 KB 7ms
7ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/vendor.js?v=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA0) / ASP.NET
Resource Hash: 43a3180bf543501f3c010d886d652d3da0997798bd88b071de838fa876560c8d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
etag: "0b668736a2fd71:0"
last-modified: Mon, 12 Apr 2021 07:07:08 GMT
server: ECAcc (frc/8EA0)
age: 100075
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 157759

GET
H/1.1 200
OK bundle.js Show response
player.ivideosmart.com/ivsplayer/v4/dist/js/ 196 KB
48 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js?dynamic=1&_=1618312691760
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js?dynamic=1&_=1618312691760
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e41043312451f9bc9bd77243c2a9a93bfdaefcfd753305bc33b59c882d2d9255

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: LHR61-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 48907
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Mon, 12 Apr 2021 09:20:35 GMT
Server: AmazonS3
ETag: W/"a97d7fafd8fa93555fc602329089291e"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: qE5SGPrvpaWb6u4SwTFDMSrascNi5Kw4lvl_xm_ButCwKdmr3rCjOg==

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 11ms
9ms Script
application/javascript 2600:9000:2182:ca00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?_=1618312691761
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ca00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 14:58:49 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 159564
etag: W/"60257011-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 18815
x-amz-cf-id: Yr22Z7Y3QWuahmCKckPUdKHrbUyRQS4SW5g_8HlULrSZ77OxqopKAw==
expires: Wed, 14 Apr 2021 14:58:49 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1423463420&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dp=%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&ul=en-us&de=UTF-8&dt=AirAsia%20rolls%20out%20P1%20fare%20promo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=1277662155&gjid=1461150874&cid=40209135.1618312692&tid=UA-242242-2&_gid=1390006276.1618312693&_r=1&cd6=article&cd7=&cd8=Companies&cd9=Business%20and%20Industry&cd10=&cd11=April%2013%2C%202021&cd12=promo%20fares%2C%20Air%20Asia&gtm=2ou3v0&z=1161652702

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 7C54 2 KB
1 KB 9ms
9ms Document
text/html 2600:9000:2182:1800:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?_=1618312691761
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:1800:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Tue, 13 Apr 2021 11:00:13 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: JZ5ZEvaZMipQHZmXzSRQJmPYX9DGHcVSwsDSheF_gXqtLuuuQM2EYg==
age: 1080

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-242242-2&cid=40209135.1618312692&jid=1277662155&gjid=1461150874&_gid=1390006276.1618312693&_u=IADAAUAAAAAAAC~&z=604476286

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 13 Apr 2021 11:18:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 learn
ph-gmtdmp.mookie1.com/t/v2/ 43 B
606 B 307ms
279ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ph-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_153300&src.domain=www.gmanetwork.com&src.url=%252Fnews%252Fmoney%252Fcompanies%252F783509%252Fairasia-rolls-out-p1-fare-promo%252Fstory%252F&src.id=GMA&src.rand=2928776103
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:13 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ 40 KB
13 KB 108ms
35ms Script
application/javascript 13.226.156.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js?dynamic=1&_=1618312691760
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-114.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 18:06:24 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 3690710
ETag: W/"e63788b8657ac52b3cdbb970e551c2a4"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: BZsyRi5ego_Bf3BrGQGKoZxEL4br_IjTE10tWQTSe-MKxCXCNPW8vg==

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 9ms
9ms Stylesheet
text/css 2600:9000:2182:ca00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ca00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 18:08:22 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
age: 61791
etag: W/"60257012-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: EQWRQjnKaff9U4KWh1daYJcMDUdoxbwQQOCMea14w9WSycLGAH9VzA==

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 204 B
450 B 481ms
126ms Script
text/javascript 35.174.194.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F&cb=stButtons.processCB&wd=true
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.194.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: 7107adfdec1a0a2945a2f36453f19ba007f0630c9ee763264911337ca0eb3ad7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:13 GMT
Cache-Control: public, max-age=900
ETag: a8130445da3ea992463da8df12cbb3e2
Connection: keep-alive
X-Powered-By: Express
Content-Length: 204
Content-Type: text/javascript; charset=utf-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-242242-2&cid=40209135.1618312692&jid=1277662155&_u=IADAAUAAAAAAAC~&z=989328275

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-242242-2&cid=40209135.1618312692&jid=1277662155&_u=IADAAUAAAAAAAC~&z=989328275

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 720ms
182ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Tue, 13 Apr 2021 11:18:13 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 425ms
425ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=kqdDza5QwYbNug%2FGcIDJZ2uRlOqC7K79w%2FNEe12%2B8hY%3D&se=1618315094&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TopSearchesPath-not-found-on-page
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
clientId: "84092033"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 13 Apr 2021 11:18:13 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H2 200 main.js Show response
60a6ae725fca.bitsngo.net/content/4.0/js/ 78 KB
25 KB 9ms
8ms Script
application/x-javascript 2606:2800:233:9de:380:d6:22cb:12e3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://60a6ae725fca.bitsngo.net/content/4.0/js/main.js?v=4.0.v20210412065811.73000
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:9de:380:d6:22cb:12e3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F14) / ASP.NET
Resource Hash: aa643aca8d5fa444b863a9ddb8ab5b4451637ee4cab23b668455e2ad4530b02a

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
etag: "0b668736a2fd71:0"
last-modified: Mon, 12 Apr 2021 07:07:08 GMT
server: ECAcc (frc/8F14)
age: 100075
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 25517

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
340 B 132ms
33ms XHR
text/plain 3.122.26.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1618312693210.99853&hostname=www.gmanetwork.com&location=%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F&product=widget&fcmp=false&fcmpv2=false&publisher=2fe2f580-75f9-45bd-ad56-972d8c36a727&bsamesite=true&consent_cookie_duration=95&consent_duration=95&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F&title=AirAsia%20rolls%20out%20P1%20fare%20promo&sop=false&description=AirAsia%20said%20the%20promo%20started%20on%20April%2012%20and%20will%20last%20until%20April%2018%2C%202021.%20This%20covers%20flights%20from%20April%2013%20until%20November%2021%2C%202021.%20%26nbsp%3B
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?_=1618312691761
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.26.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-26-231.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:13 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 zone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/ 43 KB
13 KB 14ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=84092033&_=1618312691756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1616766
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12870
cf-request-id: 096c8d1e5d00002bf617322000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:18:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04044-ac73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uKtUOxPMQhvEp5o3VAG0ltxgwjvc2EXSLHXsb3G5mPu5V71XDwPN3zotjo2zmxOlKeIxFbQdTQS0MldG1qvfcvkq%2B7LYksM1abgH8tEIYoToYUUMZR3W396rQrBSF1tACA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63f44add6a462bf6-FRA
expires: Sun, 03 Apr 2022 11:18:13 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
37 B 87ms
86ms Other
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary8Cu2ax3lClBX3OtW

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 13 Apr 2021 11:18:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 6E2F 400 B
619 B 89ms
86ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df6710b5f20bc%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df6710b5f20bc%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: oXo8KKiKQ/uMxJbsc3ih/azzkCB3Co6+KEZKQyRigH9ISTGZq+bLt3QD2zxiZ1qZm9hSXz13Km6p5XmBjLP3LA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Sat, 10 Apr 2021 20:50:33 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Sun, 10 Apr 2022 20:50:33 GMT

GET
H2 200 wE8-W9hF4eg.js Show response
www.facebook.com/rsrc.php/v3iEpO4/y7/l/en_US/ Frame 6E2F 480 KB
124 KB 90ms
86ms Script
application/x-javascript 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/y7/l/en_US/wE8-W9hF4eg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac560c4bb9d8586f655aeaed02985888ba3b8ae620cda5fa1b64014cc6c741e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df6710b5f20bc%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: QCbyPA+yzi6xHqBPlJo86hKyJYQ7+Pw0REP+IsOc51gt0KTTAFXqAlpxrOQ3yIT3HPcwgpoyRWIeQtm459HALA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8wFV4gGnMf++v/q3GwYSTQ==
date: Mon, 12 Apr 2021 23:51:21 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126941
x-fb-rlafr: 0
expires: Tue, 12 Apr 2022 23:51:21 GMT

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 36ms
33ms Image
text/plain 3.122.26.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1618312693210.99853&hostname=www.gmanetwork.com&location=%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F&product=widget&fcmp=false&fcmpv2=false&publisher=2fe2f580-75f9-45bd-ad56-972d8c36a727&bsamesite=true&consent_cookie_duration=95&consent_duration=95&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F&title=AirAsia%20rolls%20out%20P1%20fare%20promo&sop=false&description=AirAsia%20said%20the%20promo%20started%20on%20April%2012%20and%20will%20last%20until%20April%2018%2C%202021.%20This%20covers%20flights%20from%20April%2013%20until%20November%2021%2C%202021.%20%26nbsp%3B&gdpr_domain=.consensu.org&gdpr_method=cookie&description=AirAsia%20said%20the%20promo%20started%20on%20April%2012%20and%20will%20last%20until%20April%2018%2C%202021.%20This%20covers%20flights%20from%20April%2013%20until%20November%2021%2C%202021.%20%26nbsp%3B&img_pview=true
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.26.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-26-231.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:13 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 trinity-injector-script.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a/ 301 KB
47 KB 38ms
37ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a/trinity-injector-script.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900001772/?pageURL=$$PAGE_URL$$&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: f2bc1cfc0d06bfa0724ee1d6a512b42282016d2c078e9d8058c26f8fb85bfd45

Request headers

Origin: https://www.gmanetwork.com
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:13 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 07:50:13 GMT
server: AmazonS3
x-amz-request-id: 2Y3FEHP9J3N7EDPV
etag: "f6c4ef5270f8dbd93561d66c685b0937"
x-hw: 1618312693.dop234.fr8.t,1618312693.cds201.fr8.hn,1618312693.cds109.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 47832
x-amz-id-2: 3f5BUWHH7fipwFEMIJWfAxgQq5aS7E+ojA2osrz26D83Gseqn2OLfNX2eJhGzMRUDmoWW6Pit/Q=

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 185ms
182ms Script
text/plain 18.138.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8070&sid=0012&_=1618312691764
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.18.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 6E2F 67 B
233 B 117ms
115ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1618312693349&t_start=1618312693349&t_domcontent=1618312693354&t_layout=1618312693567&t_onload=1618312693567&t_paint=1618312693567&t_creport=1618312693567&t_tti=1618312693354&lid=6950600092377002265-0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df6710b5f20bc%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=734&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 7oM91FxlbchJ4SMrI2A+QSnvwpgl0oNoR4zVixV4W+IEGdidm95/TkSiwN23slylDC77Ciwk/W+BsotlKVpFOA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 13 Apr 2021 11:18:13 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect
depart.trinitymedia.ai/api/ 0
0 93ms
30ms Fetch 18.193.136.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.136.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-136-3.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 learn
ph-gmtdmp.mookie1.com/t/v2/ 43 B
388 B 274ms
274ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ph-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_153300&src.domain=www.gmanetwork.com&src.url=%252Fnews%252Fmoney%252Fcompanies%252F783509%252Fairasia-rolls-out-p1-fare-promo%252Fstory%252F&src.id=GMA&src.rand=2928776103
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a/trinity-injector-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:13 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 audio.php Show response
trinitymedia.ai/player/ Frame 886C 15 KB
8 KB 190ms
189ms Document
text/html 52.21.204.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu&sCampaignID=2900001772&FAB=true&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=96e0530aa3cc817d2ad8c035745802b3&isLegacyBrowser=false&version=20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a&useCFCDN=0&ts=1618312693509&tsServer=1618312693398&FABOnly=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.21.204.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-204-168.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2b95cd7444a2e25139b2e3425b153b1326749a6e3514b70ae9a0ac0fe43740ea

Request headers

:method: POST
:authority: trinitymedia.ai
:scheme: https
:path: /player/audio.php?pageURL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu&sCampaignID=2900001772&FAB=true&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=96e0530aa3cc817d2ad8c035745802b3&isLegacyBrowser=false&version=20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a&useCFCDN=0&ts=1618312693509&tsServer=1618312693398&FABOnly=0
content-length: 2639
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.gmanetwork.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AWSALBCORS=5wKL43cx+nVr0sbgUStZf7Q6odl4X19w1IXoMRfaj1kXA0nTCYJJBQuu5Kl5dtgDIsltHSeOL7B5nEgSgaCDuYhv6IhnoobM6cuoSNfxcgbddgYLFy+WNpB72KGe
Upgrade-Insecure-Requests: 1
Origin: https://www.gmanetwork.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

date: Tue, 13 Apr 2021 11:18:14 GMT
content-type: text/html; charset=UTF-8
content-length: 7402
set-cookie: AWSALB=woBC4ZaKZE+hBVlrvFoGW6TbhGOiBxZ8V+W65ZhED+vfjawI4HC7PUPbxxf7Ktn7JZO0Bec2kkaZHZRjEfeH2D7lZTTsAzsPghjTzYd6d9r08FqbW9pcA1nyeo9S; Expires=Tue, 20 Apr 2021 11:18:13 GMT; Path=/ AWSALBCORS=woBC4ZaKZE+hBVlrvFoGW6TbhGOiBxZ8V+W65ZhED+vfjawI4HC7PUPbxxf7Ktn7JZO0Bec2kkaZHZRjEfeH2D7lZTTsAzsPghjTzYd6d9r08FqbW9pcA1nyeo9S; Expires=Tue, 20 Apr 2021 11:18:13 GMT; Path=/; SameSite=None; Secure AUID=9fa5875d-a867-4077-96da-610bf496fb7e; expires=Wed, 13-Apr-2022 11:18:13 GMT; Max-Age=31536000; path=/; domain=trinitymedia.ai; secure; SameSite=None
server: Apache
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *

GET
H2 200 bubble_arrow_below.png
ws.sharethis.com/secure/images/ 969 B
1 KB 18ms
17ms Image
image/png 2600:9000:2182:ca00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/secure/images/bubble_arrow_below.png
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ca00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677

Request headers

Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 5242267
etag: "60257011-3c9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 969
x-amz-cf-id: kn5Nnj51oNTcZQm4tTq5jiGkQPAqTM8bYh-xRCvqhIzLERVAyi9WeQ==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E96F 0
0 61ms
59ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsua5Ek6S_hEb5dNq1qBl_NrAB9O1Ko86Jhzs3cGw1ygPX53DlIYeY0eJIEHCSmNonbM-zLqOkehFNGn6ZnYiklTGwVR0zSF634VR9FS4VacEvqiTAQtqdEDR5BsZvXtCT4GGqID8gCepHIvM3gAuGdP37GZ52hMcs2_Qf4ERDY30m_FPkDrM2G2kodDUdyvLIQRLEf7gbvRZj6jCDapOp9_y7Q0FYdUR5mNUTEbXuqHT_btExCM5RvJd_J4b7rl_3tnGuQRpIBWoIvBRRfFgt9KpsEdvu0i1UoU7FZVkWqdyhZWMNuxv-6ECYT-ydnsESAfMd0GBzfwoTq5jvzRA8cIeg&sai=AMfl-YSdmCL9We_4jfYyjsoAMeM4TXRmCgMbqd_qB-tAq0dRi08fC2DIGUkwraNTwG9aWCZ43vTXq8aR_z1aHkCwQdAFgL4JB5PrrVLP7naOQxfDh5OZppKB_7QaqJleW4ox&sig=Cg0ArKJSzFmMT1d7yODYEAE&urlfix=1&adurl=

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1q6JNpkW6vljLF4Y7ycCN47k_1lQRsPsW3yknsh20nrttW5bJx-g4J1tBZVRQrFG3fcKw6W39vTVr1wQTFtW5lyhkG4_2BdtV4wZ6m5bv6mhW7dbnX6702h0kW3s5Rbn3nxcMsW5Dj-x31n2HCmW51CF-N4ghsYkW4xt1Dh1C_X_BW97nYJn96JQ2hVsfck61MMgMGW8D-KnD2WRPLqN8fL7NqTwp2RW2R03vk4KPds4W4llfyZ5XtL_D3ndT1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 13 Apr 2021 11:18:14 GMT

GET
H/1.1

200
OK

Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js Show response
cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/ Frame E96F
Redirect Chain

https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstoliezsjZdgcoBzGFY9IZ2ieyNA5de1zax75Vurg41KQD2nxlooPK1hs5qYMyti1L5QBcEvisaK7WfFCqdewWHz94gjszyXh4z6lCbPCn_GexquiNl6l-_CrcuKTdOn8heyl9e8FYTKUQ_Y...
https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js

35 KB
10 KB

122ms
22ms

Script
application/octet-stream

69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: ddae76a3a53d98e6150666e1b1f5b6ec9ce3a510e42e837754c6c9eac60eaf3f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Apr 2021 08:33:11 GMT
Server: AmazonS3
x-amz-request-id: C5R8S9A3VJXSQ2HY
ETag: "3d05b97470b34b2b8511ad4876262c66"
X-HW: 1618312694.dop234.fr8.t,1618312694.cds217.fr8.shn,1618312694.dop234.fr8.t,1618312694.cds097.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=30836044
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 10068
x-amz-id-2: VFQWsY0fYHUSjoEpHNaG5vpfYk9V6sSzS+wmhLvoS60U0hVC/Iu597HOJgMmXHXPJ/F5NOnsUPw=

Redirect headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E96F 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:14 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/gmanmidfpdisplay183413089896/ Frame E96F 290 KB
99 KB 26ms
25ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4767c73d3e505ff9816e8c37f94802189d0a26588436b7490fe9faa1332fbaa7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:14 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:18:50 GMT
server: AmazonS3
x-amz-request-id: YDAKYC42XEQZCVEG
etag: "28e043a9fa59946d71965c3afc983197"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=5952
accept-ranges: bytes
content-length: 100387
x-amz-id-2: IGqUDYwLBh0RsbHNYHMcD8fTbRf3CfUATNFkCMqirtBEYmqKcR1zkvVpestiBh/DsmcMusLOM9Q=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5007 0
0 65ms
53ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu69xgMAMtPb1SgjhO8-09-cKAFOHEYJkC8OxYxIn1hx4bS_JZaeoJYfHHMEoyq1MiSZCxG6fYRCV01ipQ8efQVoC3_QLxzdyskUTWktrHEjm9Rzc7UyEz7_0QXVEbwDUCW0rw8HAQFadnSNSA9GoxfGecQgCYPBjXM5DEOeG_r3r3zP2UI874ufqtUw2ELYRn8_GEg7sZ29xXNvb8gUEsLrsFG4OeM0JtqlmE_mxdftspPupI7CK9UmHE1R41yXGR5wvsXM7-eGacn6ecoIes0fyCGa64xQYRr_OOPA8Tb5DTST3XFugDNZ-UOUvEZxDeuUBBnlq3o&sai=AMfl-YRd_JAE0LXbPFGGJrF1OIbYWbWPlu1Ei4RSgVk6lHa4Y9AV4f9uPMDxG2lqTNSow5QMbjCB3S0yRdGzhJ-caxF_HXxWB11FdwG4XQCVMYBQrjeNopIQcrgz0SI5L8EP&sig=Cg0ArKJSzF7ETkQYtXMmEAE&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 13 Apr 2021 11:18:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/ Frame 5007 17 KB
7 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 3769647970510480794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 11:17:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 5007 2 KB
1 KB 18ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 11:17:25 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5007 118 KB
36 KB 31ms
26ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:14 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/gmanmidfpdisplay183413089896/ Frame 5007 290 KB
99 KB 51ms
48ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4767c73d3e505ff9816e8c37f94802189d0a26588436b7490fe9faa1332fbaa7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:14 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:18:50 GMT
server: AmazonS3
x-amz-request-id: YDAKYC42XEQZCVEG
etag: "28e043a9fa59946d71965c3afc983197"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=33655
accept-ranges: bytes
content-length: 100387
x-amz-id-2: IGqUDYwLBh0RsbHNYHMcD8fTbRf3CfUATNFkCMqirtBEYmqKcR1zkvVpestiBh/DsmcMusLOM9Q=

GET
H2 200 3101312293309010484
tpc.googlesyndication.com/simgad/ Frame 5007 29 KB
29 KB 19ms
13ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3101312293309010484

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5afec22fbdee5535024910654b2fc33137c9a8b3a935c1233a229b32549663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 03:23:06 GMT
x-content-type-options: nosniff
age: 460508
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29817
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 15:58:33 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 03:23:06 GMT

GET
H/1.1

200
OK

spotx_dfp_v2.js Show response
cdn.spotxcdn.com/website/integration_test/media/asia/gma/ Frame B230
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH3sD3F4idy_gMoR42mKn9hX9m34MuKbprI0veXrsJCqCG9UrAAluWV4gGJM6td_KiDpK2TXJRQlu8kUSv2SjyKemNl3yJnc32LNy5Ft_G7S5n6rDs8qd1h_6U3g5lCtzNwroBhNS5n...
https://cdn.spotxcdn.com/website/integration_test/media/asia/gma/spotx_dfp_v2.js

5 KB
2 KB

86ms
27ms

Script
application/javascript

184.30.20.91
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.spotxcdn.com/website/integration_test/media/asia/gma/spotx_dfp_v2.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.91 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-91.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fc74afe4144289e584fc7079b556579721f4ab11c2a918ce17bb3da10e192a8c

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2020 09:36:50 GMT
Server: nginx
ETag: "5f59f3b2-1309"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2155

Redirect headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: //cdn.spotxcdn.com/website/integration_test/media/asia/gma/spotx_dfp_v2.js
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 38ms
26ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988871915048"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28262
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:14 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5101 0
0 31ms
30ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszFqMEAnlLRyg7YoNpqcy1TwzkSexuJVC68680LLhwcjUDgPiTSd0p6p1q3XmOk3lZufEMuBhgOgEBQHeYXlcPtrVx0r_tQeBfvpALXwSf8bDZ80Oe2Ittpwlk51d1kko3x-vacFKyeYxdYVvJaaOnpZAW40f39owXeqjV9_QMIyNKFBlwYm1WUFEc14s132FzAc7G3UlvRIai4K_Vf57f4asoOrwD9FyVdVe3a-536S5xSFDKMvpsRiAcxxAyIVkC6cH7N-97JA3e6zZ9B8U_p5hjgZrSMC14n5COvWU2Xt_-cS6aA85F&sai=AMfl-YQZj5UwkJczWUeXT5BCJGQIh_fcgHM-UFIRasljo8xdjpknDvsumw7Q3wRmyi5e4SmQCI47wyLYkBWd579YxTySBVGhfof97gZp6zES9pfcW3OfX00oR73i07F04pEU&sig=Cg0ArKJSzKgoEMkT_DGyEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/ Frame 5101 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 3769647970510480794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 11:17:13 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 5101 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 11:17:25 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5101 118 KB
36 KB 29ms
29ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5101 0
0 21ms
21ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSn2FMA37MS6Fqs0_P2oYs-UWDtng-mmenPbijDz_Ylxsg1cdbDr0LA1u1MSM0oLUSLHAK-
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/gmanmidfpdisplay183413089896/ Frame 5101 290 KB
99 KB 23ms
21ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4767c73d3e505ff9816e8c37f94802189d0a26588436b7490fe9faa1332fbaa7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:14 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:18:50 GMT
server: AmazonS3
x-amz-request-id: YDAKYC42XEQZCVEG
etag: "28e043a9fa59946d71965c3afc983197"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=33655
accept-ranges: bytes
content-length: 100387
x-amz-id-2: IGqUDYwLBh0RsbHNYHMcD8fTbRf3CfUATNFkCMqirtBEYmqKcR1zkvVpestiBh/DsmcMusLOM9Q=

GET
H3-Q050 200 4171578170316872703
tpc.googlesyndication.com/simgad/ Frame 5101 41 KB
41 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4171578170316872703

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4840ce6e3fdcfd0fb5e58ba3d53d7eeedaf3fadc3fe186b54a96910161fdba5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:47:31 GMT
x-content-type-options: nosniff
age: 462643
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41746
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 15:58:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 02:47:31 GMT

GET
H2 200 container.html Show response
1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42D8 6 KB
3 KB 8ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 13 Apr 2021 11:18:13 GMT
expires: Wed, 13 Apr 2022 11:18:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B7BB 62 KB
21 KB 39ms
27ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e9ef23fd1f9e6a6b36dfff1d7569c2f51699f57ffbe865154a67a2ccb9d315da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "841 / 851 of 1000 / last-modified: 1618312175"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20924
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:14 GMT

GET
DATA 200
OK truncated
/ Frame B7BB 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a49b2804d2e4708b0d1205bfa84e37b52391130516e6427f29ed1237e14d151

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view%3Fxai%3DAKAOjsuQbmuMoMpW4P7Nyt-LDblk1cJCNePVSV_FAOrx_Iuo1yiwg4sKMhTP4NcTxrQ8XgpmX-OGmSyq7a7AYQjpmOj6njbbndkeHH3TwlgFfpcJGOLdXJ7egdzqjANs78-loxDltq6baz-J4vN-uLvEpawbzsyn71NSOnogUt9ZbiHSQ8GIy7Wi...
securepubads.g.doubleclick.net/pcs/ Frame B7BB 0
27 B 40ms
28ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuQbmuMoMpW4P7Nyt-LDblk1cJCNePVSV_FAOrx_Iuo1yiwg4sKMhTP4NcTxrQ8XgpmX-OGmSyq7a7AYQjpmOj6njbbndkeHH3TwlgFfpcJGOLdXJ7egdzqjANs78-loxDltq6baz-J4vN-uLvEpawbzsyn71NSOnogUt9ZbiHSQ8GIy7WiuOQQRa53K-w7xk8rf1U0-5PY-zb5XlsurISgF3Hci6VjryWXIA1RyP59PuNuKwc2hpXcw20Jbks0YgfMXMjCxwJmf-D0fvG5QlNegAqQ-8oWiiE0_gxS47HDYqNAVtbdHH5vQg_OUHQtS_tHFbXJdPjbdEaQM4VaRn19RX92pcZJsg%26sai%3DAMfl-YSINDsp-pbTB7N2vY7PxItD6pANCoM5MMeu3F14KmQJ0W5rsB6HQRsdjtvu1LHoIJGSuhRRIsVyXeOhjaSi0r3Nu088Z3yg1XQCXryuWjZBy19A6Qm0FU1qh23UFNSH%26sig%3DCg0ArKJSzG1RgZvoo_3MEAE%26urlfix%3D1%26adurl%3D

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 30ms
29ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=1&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4740&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=298&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&f=0&o=3&t=1618312692171&de=103540330375&cu=1618312692653&m=2105&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=298&le=1&gm=1&io=1&ch=0&as=1&ag=1202&an=0&gf=0&gg=0&ez=1&ck=1202&kw=1169&aj=1&pg=55&pf=0&ib=0&cc=1&bw=1202&bx=0&undefined=1&ci=1202&jz=1168&dj=1&aa=0&ad=354&cn=0&gk=0&gl=0&cq=1&em=0&en=0&bu=1168&cd=1&ah=1169&am=1&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AAirAsia%20rolls%20out%20P1%20fare%20promo%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=1351804939&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:14 GMT

GET
DATA 200
OK truncated
/ Frame E96F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1d19f2708e8295fc45db645565ceaaaaa2690a841e5049a01ad6efc8c5509e6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
21ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GMANMI_DFP_DISPLAY1&hp=1&wf=1&pxm=4&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1618312694483&de=103814470250&m=0&ar=e4967b0-clean&iw=e384779a&q=2&cb=0&ym=0&cu=1618312694483&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4914438385%3A2739195827%3A5471012876%3A138322335932&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Article_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&bo=343684595&bd=346123955&gw=gmanmidfpdisplay183413089896&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1049%3A1049%3A0%3A1094&tz=GNO_Money_Article_Mrec_1_1&iq=na&tt=na&fs=189983&na=1210869791&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:14 GMT

GET
DATA 200
OK truncated
/ Frame 5007 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 252336de63ab3d21c3490cbabc028da6c5d4810029cab09ed3b712c9fe1a0506

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5101 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c06ce0931158e05fc9fdc5d2523eb66db7b669a6ab822badbf633963ed2ed2e4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5007 0
0 109ms
76ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiTjvKsrms5Wl1YkiCmlwt2VhNUT8N4-zXYV4gv9CLWxlNwTUS3UDTRPCxDOqobrFJhvFyyulN5mBd9q385xmT9xa3mAdnPKYNYJ1FifFx57Vo_cUh8yx_6qSwTMYkfKt4BiXhGuWqMkI_5aYBBxLJ2FEDq8ApyJIYkNU9tYUNbMuu8_vCOBA9QWMX3hQeSnmgxWFugKt4T2n8EXIpSirUDITjGcX5O-XdjZARQMcNfVQsD8V-CDM2C8S9Yl0lqk9DkvwDRZS8dU-HE3NMFTtYDumLF_Sbo1NWX3RSqyGYe4cA2l1uSjArgaKWTdDrL9fngUktZNm_90Y&sai=AMfl-YS6XXB_VX3KAq8PpCT8qSCjTz2_rC-oDsycXTZbroyXjI0-TyztxtBscHLDysMCShfyTHiB7-WcbxbPF1uSJT4Nn0R2fFtRusOBOi7S0o-7FdzFArczsmAUhjXySc06&sig=Cg0ArKJSzOXlaSjaP-GuEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 13 Apr 2021 11:18:15 GMT

GET
H/1.1 200
OK EASI.js Show response
cdn.spotxcdn.com/website/integration_test/media/asia/ 430 KB
104 KB 57ms
39ms Script
application/javascript 184.30.20.91
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.spotxcdn.com/website/integration_test/media/asia/EASI.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH3sD3F4idy_gMoR42mKn9hX9m34MuKbprI0veXrsJCqCG9UrAAluWV4gGJM6td_KiDpK2TXJRQlu8kUSv2SjyKemNl3yJnc32LNy5Ft_G7S5n6rDs8qd1h_6U3g5lCtzNwroBhNS5nJZqbJhlfi8ZZnoZtcBPS1wXMriKk-dRJO4Y6PsyuhM1iS3vCZQoWmlmidDaMSGzXELrERp-xifYJ9OhvAGOlL65Rif8K4hcgpVz5fPGAE9RAnM_xoRb0O2ZoynCQV6XAJKWYlWYqW0LfNYS-q2xKG_K4_qLwgTHPWDuAWQP-CetqWXNsofq6X-fa6Q&sai=AMfl-YRM8rV8Vm8PwUSgfcjCbPIuK_0niflI6SdZNVEx2lTGoRJEr9axwpl0mh3HdRKPsNGlHb554krrcuQ5H0DaKf6LgoIO_YrWhSNn26j2AT0fk6ayiZ0f6gjfIJG1jZIF&sig=Cg0ArKJSzEJdAKiqGUe7EAE&urlfix=1&adurl=//cdn.spotxcdn.com/website/integration_test/media/asia/gma/spotx_dfp_v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.91 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-91.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ffe92d430d48aca98f3401f9743e725b09f0ae823c9bd0acf48022ae236fea61

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Feb 2020 14:33:17 GMT
Server: nginx
ETag: "5e5924ad-6b790"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106045

GET
DATA 200
OK truncated
/ Frame B230 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8b1c97f08cbb36be46f8ef6b2c5b3ad7db42486dfc85bbc24423f21ac704601

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5101 0
0 127ms
53ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSgEhbiaKVZdNy35fscHoKy0RqlUO3xe8kqVERfdkWl2SnDwG1WT5bNlysvGWmbmpjYJ0R0eRsYP4y_sAgiJk07baIDD7P7e-WOlQt8So9ufv6OFqXGnJmv2aM1rjFKVJpeR09svHou2emoxCKb6qvXuZC6gLBsnRe9tqQZGmv-h0LH9iKd4VGYYY5cwATv4vexZm4sDa-gxWBpFV8EzMj8M0Y1TqeaKOhzqhkarzCpaPxnoVZD2yr-ok80gk8BpYWoUOW0v_98OTiehEOHh_9rILM5zTRvlnImyAETcP_5kp5q3LPR7fcHg0&sai=AMfl-YTvSygqNWHXG0CRM-cC1VzjvsgYqL5CXJcKjNkR91dM0GjPafKYXrn6aG_eOfURqIrt22aZGOtjkpQaluQuNtBH-QMWBxg04AboNElYBHIRUbMrD476Cf2ItU-ZbH6X&sig=Cg0ArKJSzJ_xjhApCXiXEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 13 Apr 2021 11:18:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
23ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GMANMI_DFP_DISPLAY1&hp=1&wf=1&pxm=4&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1618312694883&de=510407129504&m=0&ar=e4967b0-clean&iw=e384779a&q=5&cb=0&ym=0&cu=1618312694883&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=88868795%3A424147475%3A5647733405%3A138343566858&zMoatPT=Money_Article_Inside_Page&zMoatSZ=728x90&zMoatPS=GNO_Money_Article_Leaderboard_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&bo=343684595&bd=346123355&gw=gmanmidfpdisplay183413089896&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1049%3A1049%3A0%3A1094&tz=GNO_Money_Article_Leaderboard_1_1&iq=na&tt=na&fs=189983&na=266710311&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:15 GMT

GET
H3-Q050 200 pubads_impl_2021041201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B7BB 294 KB
104 KB 34ms
33ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 08:37:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106031
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:15 GMT

GET
H2 200 trinity-player.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a/ Frame 886C 1 MB
222 KB 52ms
51ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a/trinity-player.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/audio.php?pageURL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&textSelector=I3N0b3J5MSAuc3RvcnlfdGl0bGUgLnN0b3J5X2xpbmtzLCAjc3RvcnkxIC5zdG9yeV9tYWlu&sCampaignID=2900001772&FAB=true&backgroundColor=rgb%28255%2C+255%2C+255%29&playerId=96e0530aa3cc817d2ad8c035745802b3&isLegacyBrowser=false&version=20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a&useCFCDN=0&ts=1618312693509&tsServer=1618312693398&FABOnly=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 008928f52dfd086cde5f078df6c2c2b053e53723321da037e5bf9768f0e9e74d

Request headers

Origin: https://trinitymedia.ai
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:15 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 07:50:13 GMT
server: AmazonS3
x-amz-request-id: JKCY2PH503XBN98G
etag: "45382d18c06478ba413210c84557c60a"
x-hw: 1618312695.dop234.fr8.t,1618312695.cds201.fr8.hn,1618312695.cds214.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 226887
x-amz-id-2: JKhQ07lttbjaU+YCso1xts7YrHitnVjz/pM6XcXoLyuiSkHWTgXBJ/couOH9XEMwktp63fS+1Hk=

GET
H/1.1 200
OK 5f212d9d5440c96fb49c4d53.js Show response
cdn.vidcrunch.com/ Frame E96F 440 B
816 B 167ms
147ms Script
text/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.js
Requested by: Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstoliezsjZdgcoBzGFY9IZ2ieyNA5de1zax75Vurg41KQD2nxlooPK1hs5qYMyti1L5QBcEvisaK7WfFCqdewWHz94gjszyXh4z6lCbPCn_GexquiNl6l-_CrcuKTdOn8heyl9e8FYTKUQ_YzoLxl6hLs0_xy6KGWS2xEf57kF01kQsQMcdvC7aDvL61-QoZhJWzaU0-VDoJT-hP3xAlsATF13yEJ8ox7T8jjeSDL4jX1kCoDr4PpVRpjbUf81PhWAWT79-oq_bddzEM_YVEyzmyanusgC2E1m6eMZdob3xTewI7X02hXdPBVWCNfTWBpc&sai=AMfl-YQlGTdq_lcZsrFJGQabYs0S35_2R_rZx72m-PBiQ75kBnuPI5NDVSZw4C2kqcW_sfZ23ehvooEuOjGOPuH3ETyN7L2h7uPLN8NMNP4jH9Pue6CblUEVP54EmLGHDJWb&sig=Cg0ArKJSzCm6hDGyVGGzEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 27c8dd8b9b8947535a0d67cc1f009f4d724711935637b3f4919c9a52c0a6aad8

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Feb 2021 13:34:23 GMT
Server: AmazonS3
x-amz-request-id: D1DD775BBE666708
ETag: "fcb49bb3d2c35a94eaa35b1b6c03c647"
X-HW: 1618312694.dop234.fr8.t,1618312694.cds217.fr8.shn,1618312695.dop234.fr8.t,1618312695.cds270.fr8.c
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=26273796
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 236
x-amz-id-2: xdxp7FOpnozVcoVpnJHU/2Swoch33s6hsUsjNxyzCtZGFJdw6lrnG6rYNNuEZf5DYfUgY/pSszI=

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5007 42 B
108 B 129ms
17ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLipXidwXwNz7u474kGeQ51h5lYiYSa3yln41V5b0MU1aLoaDI0hsLCoFO1DbhbgPqM3Kaf8-kF6Nsqx0lr3AHf1c374itLtLyk_X5Kew&sig=Cg0ArKJSzP6AeceCfhG3EAE&id=osdim&mcvt=1117&p=0,0,90,728&mtos=1117,1117,1117,1117,1117&tos=1117,0,0,0,0&v=20210409&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4206139222&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618312694060&dlt=0&rpt=1536&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 42D8 2 KB
627 B 110ms
36ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 09:23:32 GMT
server: ESF
date: Tue, 13 Apr 2021 11:18:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 11:18:16 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 42D8 1 KB
990 B 63ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 11:15:53 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 42D8 0
0 88ms
53ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYjYB9X11YOqXDpuQrASvt4jQC8Xa541hq5vUgv8IyK3e7dMbEAEg2pGAa2D1lc6B4ASgAeqrqfgDyAEJqQJOVVc64_OzPuACAKgDAcgDmwSqBLwDT9ChhpWyZPS_PlR8SXMuG0Zg12_Kxw1D6-KIAOhI2SFMqisqjysWONje6NVcXK8I3pExRgSGJjFbxFtrcsUw4kxSJcRvSpseWrjoXWsqeGnK45reW3yZq96hnuok1qAqeds7yFQgvIkmCcJsavjvQEDNeL29VgLz1HQWGjD5bL12eWJ-zc9ddr28Ws2mzFF0TlfsBERw8O-Itf2jJZc_29HnkWEMK6RpUp5FULFLoXr5U391o7fCoNjBI6dkdDK8ivNS3MjgrMJu92VcCXJLSf_F2L1t-d9XUWiyeGmZkm-Cl4JSqQO4ZzsWqSio-d0JkN-oZJq__PLznM_RardNXgL7hGNOziy2y5sY0E_ocyKePxKiRAsBx89dN5apHpcydRTruLUbNs710dXv5chOr_XKFSOKzosMb_XZo0y2YRKkUDouYV9_Dj4tJFVx_1bU__-S9WTDFSwinILL06klNhGqKaPgRxzuMcfdqIDbv7WMoMtbDDq1ipfY6tLx1a4Oabd6FnaWlXm7kpw0xcLDZja3aZU4PGpz9jRiqPhkQIgZZMaryEjsS9d_PVf7cSvEZ-tU3WNDsUKcoc-GwATdnK7-5wHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHuf2wAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQwPwU0ggJCIDhgEAQARgdgAoDyAsB2BMLiBQCshcaChgIABIUcHViLTU3ODM3OTgwODcxNDgyMjU&sigh=fP39CW8kiug&template_id=494&tpd=AGWhJmtTQHycKRlXBvVhPCz7lzoYfpM3iwBFZoEiz0JeSoIiwA
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1q6JNpkW6vljLF4Y7ycCN47k_1lQRsPsW3yknsh20nrttW5bJx-g4J1tBZVRQrFG3fcKw6W39vTVr1wQTFtW5lyhkG4_2BdtV4wZ6m5bv6mhW7dbnX6702h0kW3s5Rbn3nxcMsW5Dj-x31n2HCmW51CF-N4ghsYkW4xt1Dh1C_X_BW97nYJn96JQ2hVsfck61MMgMGW8D-KnD2WRPLqN8fL7NqTwp2RW2R03vk4KPds4W4llfyZ5XtL_D3ndT1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/ Frame 42D8 17 KB
7 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/abg_lite_fy2019.js

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 3769647970510480794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 11:17:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 42D8 2 KB
1 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 11:17:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 42D8 118 KB
36 KB 51ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 42D8 13 KB
6 KB 34ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 11:17:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 42D8 0
0 45ms
31ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5gLRIcxU0VSOFWgmsHIl83HhpbWNnoK4J9tA_2c3aLhpsiNX9CGCVzqd4HQiKiVvKQ6uN
Requested by: Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 42D8 25 KB
11 KB 157ms
7ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 01:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 01:23:38 GMT
server: sffe
age: 380531
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Thu, 08 Jul 2021 01:36:05 GMT

GET
H2 200 10313113983947285733_1812811447613509010.jpeg
static.doubleclick.net/dynamic/5/41141860/ Frame 42D8 15 KB
15 KB 23ms
17ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/41141860/10313113983947285733_1812811447613509010.jpeg

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4f3e93904320e9f0f61bbe5c74dd66b942d195f5f788b5c25ff1af6e293b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 22:26:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 10:18:43 GMT
server: sffe
age: 305520
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15286
x-xss-protection: 0
expires: Sat, 09 Apr 2022 22:26:16 GMT

GET
DATA 200
OK truncated
/ Frame 42D8 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed51c137c8b3e47674448db8f2d537ef5a3f98e2fbc8a44d5e3cd65262e9da7d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 14045919545654406791_1027126733068952115.jpeg
static.doubleclick.net/dynamic/5/41141860/ Frame 42D8 7 KB
7 KB 137ms
31ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/41141860/14045919545654406791_1027126733068952115.jpeg

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e54bc072a8bf015d5e4a075a0d1e1b6bfd09e23494ddd954cdd780e9c9daca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 06:56:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Dec 2020 10:27:48 GMT
server: sffe
age: 534104
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7393
x-xss-protection: 0
expires: Thu, 07 Apr 2022 06:56:32 GMT

GET
H3-Q050 200 6074594559786690650_5359393725435233721.jpeg
static.doubleclick.net/dynamic/5/41141860/ Frame 42D8 6 KB
7 KB 132ms
28ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/41141860/6074594559786690650_5359393725435233721.jpeg

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fa6557f80bb9cdb7edfb7b287852720a1c3a63675b579a8b3f8cef1220ca656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 06:56:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 10:31:10 GMT
server: sffe
age: 534105
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6452
x-xss-protection: 0
expires: Thu, 07 Apr 2022 06:56:31 GMT

GET
H3-Q050 200 8541007925445649069_9548620142846552284.jpeg
static.doubleclick.net/dynamic/5/41141860/ Frame 42D8 10 KB
10 KB 133ms
34ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/41141860/8541007925445649069_9548620142846552284.jpeg

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75da1408e5d7d9d8dbeeec3484f9fd3c5f5b5857d3b387aaaee7196cb57d5085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 06:50:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 09:58:58 GMT
server: sffe
age: 534494
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9843
x-xss-protection: 0
expires: Thu, 07 Apr 2022 06:50:02 GMT

GET
H3-Q050 200 15689294038205716808_5544149985547024256.jpeg
static.doubleclick.net/dynamic/5/41141860/ Frame 42D8 9 KB
9 KB 132ms
31ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/41141860/15689294038205716808_5544149985547024256.jpeg

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfc12c29162b99e4a927aff9953377d25b518708e25325f8531cfe06e640617c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 04:59:07 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Dec 2020 10:35:43 GMT
server: sffe
age: 454749
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9216
x-xss-protection: 0
expires: Fri, 08 Apr 2022 04:59:07 GMT

GET
H3-Q050 200 16169913043072901557_291878503244956747.jpeg
static.doubleclick.net/dynamic/5/41141860/ Frame 42D8 6 KB
6 KB 129ms
27ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/41141860/16169913043072901557_291878503244956747.jpeg

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58756f16874b1b7b290df6254c5c18ff8c9137d84b3154acd5863bf62a7c9fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 12:18:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Nov 2020 12:49:18 GMT
server: sffe
age: 82803
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6493
x-xss-protection: 0
expires: Tue, 12 Apr 2022 12:18:13 GMT

GET
H3-Q050

200

9342234782576588545
tpc.googlesyndication.com/simgad/ Frame 42D8
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_zOutExDQDxjQDzIIEi_bTOt8szA
https://tpc.googlesyndication.com/simgad/9342234782576588545

101 KB
102 KB

8ms
7ms

Image
image/png

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9342234782576588545

Requested by

Host: 1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
URL: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e2b1732f1424a97605faf689e96633e8c46a123abe308498b4ced585ec97cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:08:55 GMT
x-content-type-options: nosniff
age: 346161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103906
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 09:28:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 11:08:55 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 12 Apr 2021 15:46:13 GMT
x-content-type-options: nosniff
server: cafe
age: 70323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9342234782576588545
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 12 May 2021 15:46:13 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 78ms
14ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3101312293309010484&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312694883&de=510407129504&cu=1618312694883&m=73&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=0&ag=9&an=0&gf=9&gg=0&ix=9&ic=9&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=9&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=18&cd=0&ah=18&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566858&bo=343684595&bd=346123355&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=728x90&zMoatPS=GNO_Money_Article_Leaderboard_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Article_Leaderboard_1_1&iq=na&tt=na&tc=0&fs=189983&na=437717301&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:16 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5101 42 B
479 B 58ms
28ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssv5WLcmwZ8lxv28yb6rdQj19XBGe65qQGNSA1KJPIX-Kw7icNUs4291zbWLgprZfgHEM3Pp73TymkQT-2WZl152B-kNUZqr1ZOJnzyb0w&sig=Cg0ArKJSzL6yi76scavZEAE&id=osdim&mcvt=1372&p=206,1057,456,1357&mtos=1372,1372,1372,1372,1372&tos=1372,0,0,0,0&v=20210409&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2712109156&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 digitrust.min.js Show response
cdn.digitru.st/prod/1/ 49 KB
14 KB 34ms
8ms Script
application/javascript 2a02:26f0:64::210:6ad3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digitru.st/prod/1/digitrust.min.js
Requested by: Host: cdn.spotxcdn.com
URL: https://cdn.spotxcdn.com/website/integration_test/media/asia/EASI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6ad3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: DTOrigin-AK /
Resource Hash: 64a13fb927e2ef03f3a59a79d0588d7514c4fbfb85f9237abb59dc04e7a49707

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:16 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 20:51:16 GMT
server: DTOrigin-AK
etag: "4075fa912cfaa93cb7d74358264fe3b9"
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=26203
accept-ranges: bytes
content-type: application/javascript
content-length: 13628
expires: Tue, 13 Apr 2021 18:34:59 GMT

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=easi
https://sync.search.spotxchange.com/partner?source=easi&__user_check__=1&sync_id=f1cc4bae-9c49-11eb-9f9e-17f3d7a10e06

0
588 B

28ms
24ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=easi&__user_check__=1&sync_id=f1cc4bae-9c49-11eb-9f9e-17f3d7a10e06
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Tue, 13 Apr 2021 11:18:17 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 56
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Tue, 13 Apr 2021 11:18:16 GMT
Server: nginx
Location: /partner?source=easi&__user_check__=1&sync_id=f1cc4bae-9c49-11eb-9f9e-17f3d7a10e06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 126
Connection: keep-alive
Content-Length: 0

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame B7BB 107 B
165 B 19ms
19ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B7BB 107 B
165 B 19ms
19ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B7BB 448 B
710 B 58ms
55ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4132574344658410&correlator=4300770678733276&output=ldjh&impl=fifs&eid=31060312%2C31060782%2C21068766&vrg=2021041201&ptt=17&sc=1&sfv=1-0-38&ecs=20210413&iu_parts=23642863%2Cgma_november_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&cookie_enabled=1&cdm=www.gmanetwork.com&bc=31&abxe=1&lmt=1618312696&dt=1618312696832&dlt=1618312694229&idt=2573&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=0&adys=184&adks=3117236443&ucis=y4etc19c3ebh&ifi=1&ifk=3342985861&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&top=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x1&ga_vid=2028944305.1618312697&ga_sid=1618312697&ga_hid=713352816&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

248f5615c21e61118cd9a819c28bd671fdb58a52d0bc5e9db52519dba572e549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7ae0bdec8bda0504fa96cf10b0703f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B7BB 0
0 35ms
14ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7ae0bdec8bda0504fa96cf10b0703f55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame B7BB 0
0 7ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 886C 0
0 35ms
32ms Fetch 18.193.136.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.136.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-136-3.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
20ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GMANMI_DFP_DISPLAY1&hp=1&wf=1&pxm=4&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1618312695197&de=155808745231&m=0&ar=e4967b0-clean&iw=e384779a&q=8&cb=0&ym=0&cu=1618312695197&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=88868795%3A424147475%3A5647733405%3A138343566855&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&bo=343684595&bd=346125515&gw=gmanmidfpdisplay183413089896&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1049%3A1049%3A0%3A1094&tz=GNO_Money_Mrec_1_1&iq=na&tt=na&fs=189983&na=2079534626&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:17 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:17 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B7BB 8 KB
7 KB 21ms
19ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69ca8aa598e4db95faeaf69b05a66f6207d2ed8624c0d6da81b9b6af269bb842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6572
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E96F 0
0 52ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth327imnSL-co_z0V-Kc4QMq3a2pDNndqOnXyuh0htc2jm_53x_bo5Ch0GYxriSpaQwGUrh7izD3LBBoNvGGvOQRc_xyqsnLfKhgOX7PIaNJMX9QQCnVkRR_Z2wxDxROUtYw8NEc_QOJtTsFmrtMnc59VD2MPBLVBFtug1arDOjb9Pxd3Jfchbq-tFk6_TM7tBTxWntO7yV5iWDEbXpR_R_Ad4iIY1OXbTxGEf5DX7Y6QF06T1QphjB5B5Kxh61N62W4UvNUMAFDrE6jf9d9jh7lCwqFGsdLswNfG79qGtKs37dHwS-J3bbr6BxH3HJv73lsTP-w&sai=AMfl-YRj0hx7lveFv3h1uW97TRPXPfRncpp1nJZcB5M27DdWVj1ebdh2B5FesiwLp0sGyO7yWTF9UoIrKfR-Jkp0YWHh1FbhRpI0-FRlPkb4cw3FEjvQrdvKB0QCgSIN0tpd&sig=Cg0ArKJSzE7Ns_AMQhwmEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 13 Apr 2021 11:18:17 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ Frame E96F 25 KB
9 KB 516ms
428ms Script
application/javascript 2a02:26f0:7100:184::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstoliezsjZdgcoBzGFY9IZ2ieyNA5de1zax75Vurg41KQD2nxlooPK1hs5qYMyti1L5QBcEvisaK7WfFCqdewWHz94gjszyXh4z6lCbPCn_GexquiNl6l-_CrcuKTdOn8heyl9e8FYTKUQ_YzoLxl6hLs0_xy6KGWS2xEf57kF01kQsQMcdvC7aDvL61-QoZhJWzaU0-VDoJT-hP3xAlsATF13yEJ8ox7T8jjeSDL4jX1kCoDr4PpVRpjbUf81PhWAWT79-oq_bddzEM_YVEyzmyanusgC2E1m6eMZdob3xTewI7X02hXdPBVWCNfTWBpc&sai=AMfl-YQlGTdq_lcZsrFJGQabYs0S35_2R_rZx72m-PBiQ75kBnuPI5NDVSZw4C2kqcW_sfZ23ehvooEuOjGOPuH3ETyN7L2h7uPLN8NMNP4jH9Pue6CblUEVP54EmLGHDJWb&sig=Cg0ArKJSzCm6hDGyVGGzEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:184::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 52abfaf6e3c44d481f4e8e64b0250b1befde90deef920a1eac6614ca8d625b27

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:18 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UzKy5iqLAlgv0svTrmpQWiHCHHJ-w0Qt34DER0Er3inRh22xsSJpTp2UOKeLskpYxr7P9eMArV4GplbEtM94-D5kn7rRQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9068
last-modified: Tue, 13 Apr 2021 08:46:03 GMT
server: UploadServer
etag: "997267a10da885c4b0790117d96d783c"
vary: Accept-Encoding
x-goog-hash: crc32c=sETNUQ==, md5=mXJnoQ2ohcSweQEX2W14PA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1618303563150378
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9068
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 13 Apr 2021 11:23:18 GMT

GET
H2 200 track
track1.aniview.com/ Frame E96F 0
71 B 350ms
116ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5eea0864e08b0760d33128ae&cid=5f212d174b419e3bf16f66ad&e=playerLoaded&cb=1618312697588
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:17 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ Frame 42D8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ae67afbf00a0d957e44c6abbd9e3bd8aa32d1f629946f60ae5c7333de1d7c39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 42D8 20 KB
20 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 177279
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B7BB 17 KB
6 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:17 GMT

GET
H/1.1 200
OK 293572 Show response
search.spotxchange.com/vast/3.00/ 67 B
1 KB 157ms
44ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/3.00/293572?VPAID=js&player_width=400&player_height=235&content_page_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&ad_mute=1&ad_volume=0&ad_unit=incontent&media_transcoding=low&sdk_name=local-SDK&sdk_version=local-Version&sdk_dist=local-Dist&hide_skin=false
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:17 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000292
X-SpotX-Timing-SpotMarket: 0.003560
X-SpotX-Timing-Page-Mux: 0.000817
X-SpotX-Timing-Page-Require: 0.000394
X-fe: 108
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
Content-Length: 77
X-SpotX-Timing-Page: 0.010359
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.003534
Last-Modified: Tue, 13 Apr 2021 11:18:17 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.003560
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gmanetwork.com
X-SpotX-Timing-Page-Misc: 0.001747
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 886C 0
0 30ms
29ms Fetch 18.193.136.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.136.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-136-3.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 31ms
26ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4171578170316872703&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312695197&de=155808745231&cu=1618312695197&m=50&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=0&ag=9&an=0&gf=9&gg=0&ix=9&ic=9&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=9&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=18&cd=0&ah=18&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566855&bo=343684595&bd=346125515&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=230674656&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 54ms
33ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=2&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4740&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=298&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&f=0&o=3&t=1618312692171&de=103540330375&cu=1618312692653&m=5948&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=298&le=1&gm=1&io=1&ch=0&as=1&ag=5044&an=1202&gf=0&gg=0&ez=1&ck=1202&kw=1169&aj=1&pg=55&pf=55&ib=0&cc=1&bw=5044&bx=1202&undefined=1&ci=1202&jz=1168&dj=1&aa=0&ad=354&cn=354&gk=0&gl=0&cq=1&em=0&en=0&bu=5011&cd=1168&ah=5011&am=1169&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AAirAsia%20rolls%20out%20P1%20fare%20promo%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=1235404664&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 31ms
26ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312694883&de=510407129504&cu=1618312694883&m=1332&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=1290&an=9&gi=1&gf=1290&gg=9&ix=1290&ic=1290&ez=1&ck=1290&kw=762&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1290&bx=9&ci=1290&jz=762&dj=1&aa=0&ad=909&cn=0&gk=909&gl=0&ik=909&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=762&cd=18&ah=762&am=18&rf=0&re=1&ft=909&fv=0&fw=909&wb=1&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566858&bo=343684595&bd=346123355&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=728x90&zMoatPS=GNO_Money_Article_Leaderboard_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Article_Leaderboard_1_1&iq=na&tt=na&tc=0&fs=189983&na=848965442&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 40D3 12 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 13 Apr 2021 10:21:44 GMT
expires: Wed, 13 Apr 2022 10:21:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3394
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 886C 0
0 31ms
29ms Fetch 18.193.136.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.136.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-136-3.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

POST
H3-Q050 200 collect
www.google-analytics.com/ Frame 886C 35 B
98 B 15ms
14ms Other
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20210413_c36111c3fe4c63a950b4c60800ddcf12a7d35b1a/trinity-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://trinitymedia.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
22ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=3&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4740&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=298&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&f=0&o=3&t=1618312692171&de=103540330375&cu=1618312692653&m=6147&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=298&le=1&gm=1&io=1&ch=0&as=1&ag=5244&an=5044&gf=0&gg=0&ez=1&ck=1202&kw=1169&aj=1&pg=55&pf=55&ib=0&cc=1&bw=5244&bx=5044&undefined=1&ci=1202&jz=1168&dj=1&aa=0&ad=354&cn=354&gk=0&gl=0&cq=1&em=0&en=0&bu=5211&cd=5011&ah=5211&am=5011&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AAirAsia%20rolls%20out%20P1%20fare%20promo%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=1391756545&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
24ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312694883&de=510407129504&cu=1618312694883&m=1348&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=1290&an=1290&gi=1&gf=1290&gg=1290&ix=1290&ic=1290&ez=1&ck=1290&kw=762&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1290&bx=1290&ci=1290&jz=762&dj=1&aa=0&ad=909&cn=909&gk=909&gl=909&ik=909&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=762&cd=762&ah=762&am=762&rf=0&re=1&ft=909&fv=909&fw=909&wb=1&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566858&bo=343684595&bd=346123355&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=728x90&zMoatPS=GNO_Money_Article_Leaderboard_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Article_Leaderboard_1_1&iq=na&tt=na&tc=0&fs=189983&na=734966240&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:18 GMT

GET
H/1.1 200
OK AVmanager.js Show response
player.vidcrunch.com/script/6.1/ Frame 0193 335 KB
95 KB 66ms
7ms Script
application/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 34b165d9cdfcd24c7b73f0c195f1d87607224bddf3131eecc013c5c7bd6e178c

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:18 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABg5-UzNW_vXTh6H7JeRSLOtGQDC6r8tCbsoQzOAH5tZ2Z6Opakn5LMdPpaSsTAuE1TzV1lFPS9OaAW9IzyV67Rtg_vsD1V4tQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 96803
Last-Modified: Tue, 13 Apr 2021 08:45:24 GMT
Server: UploadServer
ETag: "6f19073c543ddbbe8f1644ade265fc81"
Vary: Accept-Encoding
x-goog-hash: crc32c=8CI7JA==, md5=bxkHPFQ9276PFkSt4mX8gQ==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1618303524042608
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 96803
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Tue, 13 Apr 2021 11:23:18 GMT

GET
H2 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 40D3 14 KB
6 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 08:49:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 8905
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Wed, 13 Apr 2022 08:49:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
22ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312694883&de=510407129504&cu=1618312694883&m=1350&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=1290&an=1290&gi=1&gf=1290&gg=1290&ix=1290&ic=1290&ez=1&ck=1290&kw=762&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1290&bx=1290&ci=1290&jz=762&dj=1&aa=0&ad=909&cn=909&gk=909&gl=909&ik=909&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=762&cd=762&ah=762&am=762&rf=0&re=1&ft=909&fv=909&fw=909&wb=1&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566858&bo=343684595&bd=346123355&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=728x90&zMoatPS=GNO_Money_Article_Leaderboard_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Article_Leaderboard_1_1&iq=na&tt=na&tc=0&fs=189983&na=98796632&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 43ms
40ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312695197&de=155808745231&cu=1618312695197&m=1296&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=1275&an=9&gi=1&gf=1275&gg=9&ix=1275&ic=1275&ez=1&ck=1275&kw=711&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1275&bx=9&ci=1275&jz=711&dj=1&aa=0&ad=920&cn=0&gk=920&gl=0&ik=920&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=711&cd=18&ah=711&am=18&rf=0&re=0&wb=1&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566855&bo=343684595&bd=346125515&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=584694834&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:18 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 127ms
118ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.gmanetwork.com&sn=&ic=0&tgt=0&app=&wi=300&he=250&test=&apppkg=&fv=3&proto=https&pid=5eea0864e08b0760d33128ae&cid=5f212d174b419e3bf16f66ad&e=inventory&vi=0&cb=1618312698596
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 26 KB
4 KB 505ms
205ms XHR
application/json 18.208.241.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=3&AV_PLACEMENT=1&v=6.1.1.243&avtoken=698595&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=1618312698654
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.241.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 62e3fb20c0bb4fe9125914c1de7e05770a54a51b2921fcbc681137c511c28603

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:19 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Apr 2021 21:31:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 101ms
85ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312695197&de=155808745231&cu=1618312695197&m=1297&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=1275&an=1275&gi=1&gf=1275&gg=1275&ix=1275&ic=1275&ez=1&ck=1275&kw=711&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1275&bx=1275&ci=1275&jz=711&dj=1&aa=0&ad=920&cn=920&gk=920&gl=920&ik=920&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=711&cd=711&ah=711&am=711&rf=0&re=0&wb=1&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566855&bo=343684595&bd=346125515&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=188302439&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:18 GMT

GET
H/1.1 206
Partial Content 5f212d9d5440c96fb49c4d53.mp4
cdn.vidcrunch.com/ Frame E96F 80 KB
0 70ms
24ms Media
video/mp4 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.mp4
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 13 Apr 2021 11:18:18 GMT
Last-Modified: Thu, 11 Feb 2021 13:34:23 GMT
Server: AmazonS3
x-amz-request-id: EFD629FEF3E2103A
ETag: "a04cff6869c41100ad02a39be1f1d163"
X-HW: 1618312698.dop008.fr8.shc,1618312698.dop008.fr8.t,1618312698.cds267.fr8.c
Content-Type: video/mp4
Content-Range: bytes 0-3396290/3396291
Cache-Control: max-age=26273787
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 3396291
x-amz-id-2: kC7C68rGlbzwdGQtiEij65TuHdXkVFzCn+cQYlJLni3BlRE081yDm8NBpDuOoEtF/nB/rvwDH2c=

GET
DATA 200
OK truncated
/ Frame E96F 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 37ms
31ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312695197&de=155808745231&cu=1618312695197&m=1333&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=1275&an=1275&gi=1&gf=1275&gg=1275&ix=1275&ic=1275&ez=1&ck=1275&kw=711&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1275&bx=1275&ci=1275&jz=711&dj=1&aa=0&ad=920&cn=920&gk=920&gl=920&ik=920&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=711&cd=711&ah=711&am=711&rf=0&re=0&wb=1&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566855&bo=343684595&bd=346125515&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=1382763173&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:18 GMT

GET
H/1.1 206
Partial Content 5f212d9d5440c96fb49c4d53.mp4
cdn.vidcrunch.com/ Frame E96F 117 KB
117 KB 90ms
22ms Media
video/mp4 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.mp4
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: e54019ff3642cdcccd80395a23daee6b3e1e858fa7f5d325cd8d48ad5e0ae171

Request headers

Referer: https://www.gmanetwork.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=3276800-

Response headers

Date: Tue, 13 Apr 2021 11:18:18 GMT
Last-Modified: Thu, 11 Feb 2021 13:34:23 GMT
Server: AmazonS3
x-amz-request-id: EFD629FEF3E2103A
ETag: "a04cff6869c41100ad02a39be1f1d163"
X-HW: 1618312698.dop234.fr8.shc,1618312698.dop234.fr8.t,1618312698.cds267.fr8.c
Content-Type: video/mp4
Content-Range: bytes 3276800-3396290/3396291
Cache-Control: max-age=26273787
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 119491
x-amz-id-2: kC7C68rGlbzwdGQtiEij65TuHdXkVFzCn+cQYlJLni3BlRE081yDm8NBpDuOoEtF/nB/rvwDH2c=

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 33ms
28ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312694883&de=510407129504&cu=1618312694883&m=1871&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=1829&an=1290&gi=1&gf=1829&gg=1290&ix=1829&ic=1829&ez=1&ck=1290&kw=762&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1829&bx=1290&ci=1290&jz=762&dj=1&aa=1&ad=1448&cn=909&gn=1&gk=1448&gl=909&ik=1448&co=1448&cp=1299&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1299&cd=762&ah=1299&am=762&rf=0&re=1&ft=1448&fv=909&fw=909&wb=1&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566858&bo=343684595&bd=346123355&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=728x90&zMoatPS=GNO_Money_Article_Leaderboard_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Article_Leaderboard_1_1&iq=na&tt=na&tc=0&fs=189983&na=515682068&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 31ms
26ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312695197&de=155808745231&cu=1618312695197&m=2238&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=2218&an=1275&gi=1&gf=2218&gg=1275&ix=2218&ic=2218&ez=1&ck=1275&kw=711&aj=1&pg=100&pf=100&ib=0&cc=1&bw=2218&bx=1275&ci=1275&jz=711&dj=1&aa=1&ad=1863&cn=920&gn=1&gk=1863&gl=920&ik=1863&co=1863&cp=1284&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1284&cd=711&ah=1284&am=711&rf=0&re=0&wb=1&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566855&bo=343684595&bd=346125515&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=1995901176&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:19 GMT

GET
H/1.1 206
Partial Content 5f212d9d5440c96fb49c4d53.mp4
cdn.vidcrunch.com/ Frame E96F 3 MB
0 35ms
31ms Media
video/mp4 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.mp4
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/?_hsmi=88974744&_hsenc=p2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

Date: Tue, 13 Apr 2021 11:18:19 GMT
Last-Modified: Thu, 11 Feb 2021 13:34:23 GMT
Server: AmazonS3
x-amz-request-id: EFD629FEF3E2103A
ETag: "a04cff6869c41100ad02a39be1f1d163"
X-HW: 1618312698.dop234.fr8.shc,1618312698.dop234.fr8.t,1618312699.cds267.fr8.c
Content-Type: video/mp4
Content-Range: bytes 65536-3396290/3396291
Cache-Control: max-age=26273786
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 3330755
x-amz-id-2: kC7C68rGlbzwdGQtiEij65TuHdXkVFzCn+cQYlJLni3BlRE081yDm8NBpDuOoEtF/nB/rvwDH2c=

GET
H2 200 like.php Show response
www.facebook.com/v2.5/plugins/ Frame 3B4F 35 KB
13 KB 186ms
169ms Document
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1eac7dae421a6c%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d82e85cbe119b1508c84d6d0bdbaa1ac&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be179064ea488f96ac9242fdab63163a0bda999530f26dbc0dae0365d3bae384

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1eac7dae421a6c%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: irbhbs/u/i3+n7I8GEvORyMyMdG/zLOBKKNprii+fCjffErJMpqMSNihn15FDXpu1wtMlJ0TkDivFxWyHURHVA==
date: Tue, 13 Apr 2021 11:18:19 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 55ms
33ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040804&st=env

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d819c4cdaca45bfe752b1e17f87b08a8410b4d0ebf7346df6755577b58836c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6468
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:19 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 3B36
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=271911&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618312699031-938042847281-020198-002-004901%26biddername%3D2%26key%3D%2...
https://sync.search.spotxchange.com/partner?adv_id=271911&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618312699031-938042847281-020198-002-004901%26biddername%3D2%26key%3D%2...
https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=2&key=f33c0edf-9c49-11eb-af07-1f932c7f1706

0
236 B

377ms
112ms

Document
text/plain

52.1.101.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=2&key=f33c0edf-9c49-11eb-af07-1f932c7f1706
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.101.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=2&key=f33c0edf-9c49-11eb-af07-1f932c7f1706
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1618312699031-938042847281-020198-002-004901
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

date: Tue, 13 Apr 2021 11:18:19 GMT
content-length: 0
set-cookie: 2_C_2=f33c0edf-9c49-11eb-af07-1f932c7f1706; Path=/; Domain=aniview.com; Expires=Tue, 20 Apr 2021 11:18:19 GMT; Secure; SameSite=None 2_C_2=f33c0edf-9c49-11eb-af07-1f932c7f1706; Path=/; Expires=Tue, 20 Apr 2021 11:18:19 GMT; Secure; SameSite=None

Redirect headers

Server: nginx
Date: Tue, 13 Apr 2021 11:18:19 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f33c0edf-9c49-11eb-af07-1f932c7f1706; expires=Wed, 13-Apr-2022 12:24:59 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=2&key=f33c0edf-9c49-11eb-af07-1f932c7f1706
X-fe: 84
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 6FE6
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618312699031-938042847281-020198-002-004901%26biddername%3D56%26pid%3D5b59760c073ef46a2e6b8f13%26key%...
https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=40390ad3-2d97-4ad7-a2f8-3f8255eaeeb7

0
238 B

328ms
113ms

Document
text/plain

52.1.101.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=40390ad3-2d97-4ad7-a2f8-3f8255eaeeb7
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.101.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=40390ad3-2d97-4ad7-a2f8-3f8255eaeeb7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1618312699031-938042847281-020198-002-004901
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

date: Tue, 13 Apr 2021 11:18:19 GMT
content-length: 0
set-cookie: 2_C_56=40390ad3-2d97-4ad7-a2f8-3f8255eaeeb7; Path=/; Domain=aniview.com; Expires=Tue, 20 Apr 2021 11:18:19 GMT; Secure; SameSite=None 2_C_56=40390ad3-2d97-4ad7-a2f8-3f8255eaeeb7; Path=/; Expires=Tue, 20 Apr 2021 11:18:19 GMT; Secure; SameSite=None

Redirect headers

set-cookie: viewer_token=40390ad3-2d97-4ad7-a2f8-3f8255eaeeb7; path=/; domain=csync.loopme.me; Expires=Thu, 13-May-2021 11:18:19 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=40390ad3-2d97-4ad7-a2f8-3f8255eaeeb7
content-length: 0
date: Tue, 13 Apr 2021 11:18:19 GMT
server: _

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 8B93
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618312699031-938042847281-020198-002-004901%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1618312699031-938042847281-020198-002-004901%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=55&key=5242226420867378909

0
215 B

185ms
111ms

Document
text/plain

52.1.101.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=55&key=5242226420867378909
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.101.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=55&key=5242226420867378909
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1618312699031-938042847281-020198-002-004901
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

date: Tue, 13 Apr 2021 11:18:19 GMT
content-length: 0
set-cookie: 2_C_55=5242226420867378909; Path=/; Domain=aniview.com; Expires=Tue, 20 Apr 2021 11:18:19 GMT; Secure; SameSite=None 2_C_55=5242226420867378909; Path=/; Expires=Tue, 20 Apr 2021 11:18:19 GMT; Secure; SameSite=None

Redirect headers

Server: nginx/1.17.9
Date: Tue, 13 Apr 2021 11:18:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1618312699031-938042847281-020198-002-004901&biddername=55&key=5242226420867378909
AN-X-Request-Uuid: c2131aa6-e20d-4f02-99f4-b6625dc0f75c
Set-Cookie: uuid2=5242226420867378909; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jul-2021 11:18:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.81:80

GET
H/1.1 200
OK vast2 Show response
tag.1rx.io/rmp/202011/0/ 168 B
487 B 215ms
65ms XHR
application/xml 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/202011/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&w=300&h=250&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&us_privacy=1---&ip=37.120.213.100&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=8.44500&lat=47.39400&cbb=8312699231
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:19 GMT
Server: Tengine
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 168

GET
H/1.1 200
OK 12268545 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 94ms
37ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12268545?_fw_gdpr=0&_fw_gdpr_consent=&_fw_us_privacy=1---&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&cbb=8312699236
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd0866deb5934004ec5b7a098ad3f00d6503b56e2f827d3da0127642435ce865

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:19 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1328
x-sticky-vk: 1618312699220074-122
Expires: Tue, 13 Apr 2021 11:18:19 GMT

GET
H2 200 advast Show response
ice.360yield.com/ 27 B
445 B 129ms
123ms XHR
application/xml 18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22324347&w=16&h=9&player_width=300&player_height=250&referrer=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&us_privacy=1---&cbb=8312699243
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:19 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK 12268577 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 100ms
38ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12268577?_fw_gdpr=0&_fw_gdpr_consent=&_fw_us_privacy=1---&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&cbb=8312699247
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e045b6be24a6a2c486658ec57e45cf48da1658fa0c3d7089e26feee8d9d3cbf2

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:19 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1328
x-sticky-vk: 1618312699241036-71
Expires: Tue, 13 Apr 2021 11:18:19 GMT

GET
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
236 B 391ms
131ms XHR
text/plain 34.236.214.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=1d6b5ceec65a6188be877b2c23cd07c2_1723149115&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1618312699031-938042847281-020198-002-004901&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=3&AV_PLACEMENT=1&v=6.1.1.243&avtoken=698595&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=8312699251&tgt=0&
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:19 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Apr 2021 21:31:39 GMT

GET
H/1.1 200
OK avpb3.js Show response
player.vidcrunch.com/script/6.1/ Frame 0193 267 KB
85 KB 50ms
12ms Script
application/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/avpb3.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 518b76ad95502ba636b444205d27674749f915eb19173e249ce44ff64871a9cd

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:19 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABg5-UzHkvDBgTBTdj25TjDoIK5wCEsq1djgCakpE3Z54cA1MyAarLfzl0rendkQ-OKLvgxx66jxZTQGD09VZ1sU-m5B1L87RQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 86063
Last-Modified: Tue, 13 Apr 2021 08:44:42 GMT
Server: UploadServer
ETag: "e578acf6f5ac4617e9d7471496ae0dfa"
Vary: Accept-Encoding
x-goog-hash: crc32c=FTi8jQ==, md5=5Xis9vWsRhfp10cUlq4N+g==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1618303482556708
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 86063
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Tue, 13 Apr 2021 11:23:19 GMT

GET
H/1.1 200
OK avpb3a0.js Show response
player.vidcrunch.com/script/6.1/ Frame 0193 127 KB
39 KB 51ms
15ms Script
application/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/avpb3a0.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1b61522e1cfb21ae9ce906d0122b2e1b75ff23a7832bdd73baf808fe102d674c

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:19 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABg5-Uz2vqsD-NUDbJOYXE_Bk_heVLL5oN-zGcRUCoGodC9srmt2rNATHJ87keguRUjsS8hdIjp5VSwZiOUIan2QuzVpTUHDDA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 38633
Last-Modified: Tue, 13 Apr 2021 08:44:58 GMT
Server: UploadServer
ETag: "b54c3a33b249bd05f949ac17ea01ba0d"
Vary: Accept-Encoding
x-goog-hash: crc32c=Q10t4A==, md5=tUw6M7JJvQX5SawX6gG6DQ==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1618303498847351
Access-Control-Expose-Headers: Content-Type
Cache-Control: no-transform, max-age=300
x-goog-stored-content-length: 38633
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Tue, 13 Apr 2021 11:23:19 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 162ms
118ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1618312699259&asid=5ff589dc4b337c40965101c3%2C602d2c85082e28357f77e7e8%2C6000b9ec9e10b015a725e2ea%2C5eeb62382e9087423f2047ea%2C5e17488228a06163020cc073%2C5f3e3920763ad5309400b589%2C5eeb61d689e42756c3479a25%2C5fd5d85915b86d7ecd0a28ea%2C5eeb769c64dc3851426b47d7%2C6005b0143b408362c32b4815%2C5f8eb19c8c493a3dc02fd4e7%2C5f9b07e039fc2e74ed5ef690%2C5f3e3919aec02a723d5318c3%2C600e8e3f296ae010c47c2094%2C5f2fd7715c5fcc3dbb4252c1&ofpr=%2C%2C%2C1.4%2C%2C%2C1.4%2C2%2C%2C%2C1.3%2C1.3%2C%2C1.3%2C1.3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1

200
OK

results.txt Show response
ev4nkzci66zbgydvpx5q-p3c257-1c427e6e9-clientnsv4-s.akamaihd.net/eum/ Frame 1138
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p3c257baa
https://ev4nkzci66zbgydvpx5q-p3c257-1c427e6e9-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

137ms
25ms

XHR
text/plain

72.247.178.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ev4nkzci66zbgydvpx5q-p3c257-1c427e6e9-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 72.247.178.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-178-19.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:19 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://ev4nkzci66zbgydvpx5q-p3c257-1c427e6e9-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Tue, 13 Apr 2021 11:18:19 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqce3ygyaaaabqhk7p3-p3c257-8529880d7-clienttons-s.akamaihd.net/eum/ Frame 1138
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p3c257baa
https://fiaqj6absjkbikqce3ygyaaaabqhk7p3-p3c257-8529880d7-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

77ms
6ms

XHR
text/plain

2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqce3ygyaaaabqhk7p3-p3c257-8529880d7-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:19 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqce3ygyaaaabqhk7p3-p3c257-8529880d7-clienttons-s.akamaihd.net/eum/results.txt
Date: Tue, 13 Apr 2021 11:18:19 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D607 12 KB
5 KB 13ms
9ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 13 Apr 2021 10:21:44 GMT
expires: Wed, 13 Apr 2022 10:21:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3395
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E186 783 B
743 B 54ms
44ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0d63351e51dde5a98a12a8a4cb8a8cb6c3433709670d9f5cbafcbfcca6caf4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yV/wC/bomTm3XQ4Y0wPPjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

expires: Tue, 13 Apr 2021 11:18:19 GMT
date: Tue, 13 Apr 2021 11:18:19 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-yV/wC/bomTm3XQ4Y0wPPjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7BB 0
56 B 64ms
28ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041201&jk=4132574344658410&bg=!trWltfHNAAY56aLOOek7ACkAdvg8Wo-FPRBt7P6MFilmW2WHW9s9EnCo87VT5-axixKCTpXJkechkAIAAAINUgAAARloAQcKADsE1GuzYSLbVhgXw-jUIdBAwfFvuBTKoLmku3hEmMZt6hc-fVxjpjc5PuGjZBgqrHQWFth2CHK_t1WHXpkB__KazcPwQS17b5dNjb8G1bJZJhZhw38-clCbgEX362EOmkLwu9pUKRzPBk1HkepPlLRJvPQrrHm8KI8frzPp4ghxeUACDluhwHdg8m3Q1w-lnWWPKIG7JIEdZGOF-TjDNc68N5_CqkhJmfaUHQk3ms9Uvruy1qfUEv6ZADeAJIe5XP9O4QRjqo9v9qK2lHfmHBuqV2C2ezlzBLNqEl8DE7SVzVssj8xXIpYm0EohypVP1Er8blH1XiapLFeIdKbHUdbBKFhF7QMd5gcwBeu--7wrygIIuPv5_mk2nBINXXOTBJGOS6PF0nvECzsxozqFAi5dz5s4rJyVm3hS8JDmVNissRftsobvC5iKJ6SK3mlP-AASAE8In5HnUto_u4IIiv8DGSDlXqsgBry9NI243lK7Hje76Yd_LoM5QzidhWCiNXNTof_Wea9oA3ObrpwfkH6BaAtdbTnw9ezx-T8cYfqTPu7ciCNUG9Urdyp9qnp_BMxF2wU6KEs6FN4snbzetELMg9yjWZgqAXp_ixO1fEZI6pxTt66uu-YqtwgJDU6fY6rwkYMb3V1wD93kahRrBKG4WFl_sCAWlRTjJc7jwDo_u6tzQ8I9TVOcvo4gH-Rz6H3Y0qN_bcaOrZn5NQKrSQHTsO5e4h5mv2-PNXcQyXMq6_sSBALxzTKC6x5nK6I

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E96F 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E96F 492 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/205428/0/ 0
275 B 54ms
52ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:19 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 31ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 29ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
717 B 216ms
104ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12967601&componentId=prebid&componentSubId=mustang&timestamp=1618312699624&pKey=1022253580&schain=1.0%2C1!vidcrunch.com%2C5eea0864e08b0760d33128ae%2C1%2C%2CGmanetwork.com%2CGmanetwork.com&loc=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&playerSize=300x250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:19 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1618312699667054-88
Expires: Tue, 13 Apr 2021 11:18:19 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
1 KB 166ms
72ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

57aa2d2e763475ce5294ae1d5d85482a27e2e7fb1036b22a4e9fb9929be7d774

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:19 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid: 4d72fadf-81ca-47f2-ade1-c5b3eafb115a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ 958 B
1 KB 126ms
119ms XHR
application/json 18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2215d06010b4d9678%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22rid%22%3A%221d6b5ceec65a6188be877b2c23cd07c2_1723149115%22%2C%22name%22%3A%22Gmanetwork.com%22%2C%22hp%22%3A1%2C%22domain%22%3A%22Gmanetwork.com%22%2C%22asi%22%3A%22vidcrunch.com%22%7D%5D%2C%22complete%22%3A1%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221203d9cea890f7c%22%2C%22ad_types%22%3A%5B%22video%22%5D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22416254%2C%22tid%22%3A%22cebeb28d-5127-4ece-abf5-487747105e53%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: af02508033816278e84d0801fbc23e437f8ae97d78c4c86ba61994c1e979bcc6

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:19 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 958
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/205427/0/ 0
275 B 73ms
55ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:19 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 3B4F 400 B
551 B 151ms
85ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1eac7dae421a6c%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1eac7dae421a6c%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: oXo8KKiKQ/uMxJbsc3ih/azzkCB3Co6+KEZKQyRigH9ISTGZq+bLt3QD2zxiZ1qZm9hSXz13Km6p5XmBjLP3LA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Sat, 10 Apr 2021 20:50:33 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Sun, 10 Apr 2022 20:50:33 GMT

GET
H2 200 wE8-W9hF4eg.js Show response
www.facebook.com/rsrc.php/v3iEpO4/y7/l/en_US/ Frame 3B4F 480 KB
124 KB 141ms
86ms Script
application/x-javascript 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/y7/l/en_US/wE8-W9hF4eg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1eac7dae421a6c%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac560c4bb9d8586f655aeaed02985888ba3b8ae620cda5fa1b64014cc6c741e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1eac7dae421a6c%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: QCbyPA+yzi6xHqBPlJo86hKyJYQ7+Pw0REP+IsOc51gt0KTTAFXqAlpxrOQ3yIT3HPcwgpoyRWIeQtm459HALA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8wFV4gGnMf++v/q3GwYSTQ==
date: Mon, 12 Apr 2021 23:51:21 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126941
x-fb-rlafr: 0
expires: Tue, 12 Apr 2022 23:51:21 GMT

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame D607 14 KB
6 KB 25ms
22ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 08:49:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 8906
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Wed, 13 Apr 2022 08:49:53 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
117ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1618312699878&asid=5ff589dc4b337c40965101c3%2C602d2c85082e28357f77e7e8%2C6000b9ec9e10b015a725e2ea%2C6005b0143b408362c32b4815%2C5f3e3920763ad5309400b589%2C5f3e3919aec02a723d5318c3&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 71D8 328 KB
111 KB 334ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1618312700.dop053.fr8.t,1618312700.cds228.fr8.shn,1618312700.cds228.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame A880 328 KB
111 KB 333ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1618312700.dop019.fr8.t,1618312700.cds212.fr8.shn,1618312700.cds212.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
22ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312694883&de=510407129504&cu=1618312694883&m=5187&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=5145&an=1829&gi=1&gf=5145&gg=1829&ix=5145&ic=5145&ez=1&ck=1290&kw=762&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5145&bx=1829&ci=1290&jz=762&dj=1&aa=1&ad=4764&cn=1448&gn=1&gk=4764&gl=1448&ik=4764&co=1448&cp=1299&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4809&cd=1299&ah=4809&am=1299&rf=0&re=1&ft=4764&fv=1448&fw=909&wb=2&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566858&bo=343684595&bd=346123355&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=728x90&zMoatPS=GNO_Money_Article_Leaderboard_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Article_Leaderboard_1_1&iq=na&tt=na&tc=0&fs=189983&na=1144073811&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BA34 334 KB
115 KB 34ms
12ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 37A3 334 KB
115 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1AD9 334 KB
115 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:20 GMT

GET
H2 200 index.html Show response
ws.sharethis.com/secure/ Frame B15E 7 KB
2 KB 12ms
9ms Document
text/html 2600:9000:2182:ca00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ca00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3917548928197150addc288f30af88f2ab034ab333aea4b5d99ae97465563720

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

content-type: text/html
content-length: 2089
content-encoding: gzip
date: Mon, 12 Apr 2021 23:36:41 GMT
etag: W/"60257012-1ade"
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 7qWLaZQSYKUtLfS4vRCTCodG8zlcY5Mnyfqmf6t2VzVMJcdCvdM-ww==
age: 42099

POST /
6852bd14.akstat.io/ 0
0

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 3B4F 67 B
226 B 125ms
123ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1618312699673&t_start=1618312699674&t_domcontent=1618312699735&t_layout=1618312700276&t_onload=1618312700276&t_paint=1618312700276&t_creport=1618312700276&t_tti=1618312699735&lid=6950600117868639866-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1eac7dae421a6c%26domain%3Dwww.gmanetwork.com%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ff2291e21a136df%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: rElG3qJhs9mD4Imw+Y6ML5/UofhfJu7UZzPMcCQl+FYA9S50v6t3I1hjq7GxKCuejDdREQcJRL4d4YjJ7MiliA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 13 Apr 2021 11:18:20 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 31ms
30ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312695197&de=155808745231&cu=1618312695197&m=5102&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=5081&an=2218&gi=1&gf=5081&gg=2218&ix=5081&ic=5081&ez=1&ck=1275&kw=711&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5081&bx=2218&ci=1275&jz=711&dj=1&aa=1&ad=4726&cn=1863&gn=1&gk=4726&gl=1863&ik=4726&co=1863&cp=1284&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4871&cd=1284&ah=4871&am=1284&rf=0&re=0&wb=2&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566855&bo=343684595&bd=346125515&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=425145470&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:20 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame CE71 38 KB
14 KB 92ms
48ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gmanetwork.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

Last-Modified: Thu, 01 Apr 2021 09:51:48 GMT
ETag: "13006b6-98c9-5bee62e0efabf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14061
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=63893
Expires: Wed, 14 Apr 2021 05:03:13 GMT
Date: Tue, 13 Apr 2021 11:18:20 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 03C1 52 KB
17 KB 93ms
40ms Document
text/html 184.30.20.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-185.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gmanetwork.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 14 Apr 2021 11:18:22 GMT
Date: Tue, 13 Apr 2021 11:18:20 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7BB2 38 KB
14 KB 71ms
25ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gmanetwork.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

Last-Modified: Thu, 01 Apr 2021 09:51:48 GMT
ETag: "13006b6-98c9-5bee62e0efabf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14061
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=63893
Expires: Wed, 14 Apr 2021 05:03:13 GMT
Date: Tue, 13 Apr 2021 11:18:20 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

match
ad.360yield.com/ul_cb/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=ZTQxYmU1YzMtZWQ3Zi00NTA2LWI0ZGItYzc3ZmRjY2JlZjhj&dsp_callback=0
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEGPNa-6N6hB7H7AXzfdFJqg&google_cver=1
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEGPNa-6N6hB7H7AXzfdFJqg&google_cver=1

43 B
431 B

37ms
35ms

Image
image/gif

18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEGPNa-6N6hB7H7AXzfdFJqg&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:21 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&external_user_id=CAESEGPNa-6N6hB7H7AXzfdFJqg&google_cver=1
date: Tue, 13 Apr 2021 11:18:20 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ 43 B
506 B 142ms
36ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?sync=auto&publisher_user_id=e41be5c3-ed7f-4506-b4db-c77fdccbef8c&publisher_dsp_id=5&publisher_call_type=redirect&publisher_redirecturl=https://euc-ice.360yield.com/match
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3660 495c301 master zrh-pixel-x15 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:20 GMT
Server: MT3 3660 495c301 master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 13 Apr 2021 11:18:19 GMT

GET
H2

200

match
euc-ice.360yield.com/
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=e41be5c3-ed7f-4506-b4db-c77fdccbef8c&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://euc-ice....
https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=e41be5c3-ed7f-4506-b4db-c77fdccbef8c&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://euc...
https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1619522300&external_user_id=1240512143984231881

43 B
484 B

47ms
37ms

Image
image/gif

3.125.240.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1619522300&external_user_id=1240512143984231881
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.240.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:21 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:20 GMT
server: nginx
location: https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1619522300&external_user_id=1240512143984231881
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

match
match.360yield.com/ul_cb/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=5Bvlw-1_RQa028d_3MvvjA&google_cm&dsp_callback=0&publisher_dsp_id=340
https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEBSwxoQBQ6I-Uo9MsWuxBc4&google_cver=1
https://match.360yield.com/ul_cb/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEBSwxoQBQ6I-Uo9MsWuxBc4&google_cver=1

43 B
434 B

59ms
35ms

Image
image/gif

3.125.240.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEBSwxoQBQ6I-Uo9MsWuxBc4&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.240.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:21 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?dsp_callback=0&publisher_dsp_id=340&google_gid=CAESEBSwxoQBQ6I-Uo9MsWuxBc4&google_cver=1
date: Tue, 13 Apr 2021 11:18:20 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

match
euc-ice.360yield.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=$UID&publisher_dsp_id=40
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fdsp_callback%3D0%26external_user_id%3D%24UID%26publisher_dsp_id%3D40
https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=5049971785150987344&publisher_dsp_id=40

43 B
423 B

50ms
36ms

Image
image/gif

3.125.240.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=5049971785150987344&publisher_dsp_id=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.240.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:21 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:20 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.165:80
AN-X-Request-Uuid: 4d850b4e-5b57-4194-9543-6cd267b742ab
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=5049971785150987344&publisher_dsp_id=40
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
599 B 142ms
43ms Image
image/gif 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:20 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1618312700626000-88
Expires: Tue, 13 Apr 2021 11:18:20 GMT

GET
H2 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E3CC 574 KB
188 KB 30ms
7ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462890
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BA34 44 KB
17 KB 56ms
13ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA34 107 B
165 B 20ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame A880 25 KB
25 KB 42ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1618312700860
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:20 GMT
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1618312700.dop244.fr8.t,1618312700.cds002.fr8.shn,1618312700.cds002.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5d54b48c3e753dc5ffd0fe09e567937&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g095_6950600125496713550
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKd3OEbvNhb4aeB-4G7Tj6A&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=091079a3-59e3-4442-8ba6-60a4678ce875
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5049971785150987344
https://pr-bh.ybp.yahoo.com/sync/stickyads/5d54b48c3e753dc5ffd0fe09e567937&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-hzlvt09E2oPDij5T7yBuEB_PRelSgHdrB3VqPlP.~A
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=52616075-7dfc-4400-9c8d-ca5c8e752d9e&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YHV9-gAAAgwznQAC&gdpr=0&gdpr_consent=&_test=YHV9-gAAAgwznQAC
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=kcTIdKIG1Lwh3M5&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1240512143984231881

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame A880 301 B
859 B 96ms
34ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12268545&loc=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:20 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1618312700896065-122
Expires: Tue, 13 Apr 2021 11:18:20 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame A880 67 B
724 B 169ms
116ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12268545&_fw_gdpr=0&cbb=8312699236&_fw_us_privacy=1---&_fw_gdpr_consent=&schain=1.0%2C1!vidcrunch.com%2C5eea0864e08b0760d33128ae%2C1%2C%2CGmanetwork.com%2CGmanetwork.com&vav=173918dbdc7ce19e810f53c7a39c92a4&vaviv=404aba6e4c98aae72ab163b029a5569b&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&playerSize=300x250&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:21 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1618312700896081-122
Expires: Tue, 13 Apr 2021 11:18:21 GMT

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 71D8 25 KB
25 KB 8ms
8ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1618312700937
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:20 GMT
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1618312700.dop244.fr8.t,1618312700.cds002.fr8.shn,1618312700.cds002.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 71D8 0
0

GET

cs
ad.turn.com/r/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5d54b48c3e753dc5ffd0fe09e567937&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g051_6950600125496740346
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKd3OEbvNhb4aeB-4G7Tj6A&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=091079a3-59e3-4442-8ba6-60a4678ce875
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5049971785150987344
https://pr-bh.ybp.yahoo.com/sync/stickyads/5d54b48c3e753dc5ffd0fe09e567937&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-hzlvt09E2oPDij5T7yBuEB_PRelSgHdrB3VqPlP.~A
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=52616075-7dfc-4400-9c8d-ca5c8e752d9e&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAEP9E7A6vwAACrm3LYadA&gdpr=0
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1240512143984231881
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=kcTIdKIG1Lwh3M5
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 71D8 301 B
858 B 46ms
40ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12268577&loc=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:21 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1618312701005003-27
Expires: Tue, 13 Apr 2021 11:18:21 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 71D8 67 B
724 B 216ms
177ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12268577&_fw_gdpr=0&cbb=8312699247&_fw_us_privacy=1---&_fw_gdpr_consent=&schain=1.0%2C1!vidcrunch.com%2C5eea0864e08b0760d33128ae%2C1%2C%2CGmanetwork.com%2CGmanetwork.com&vav=fe0f5639167dfc0514b871bf858ae34c&vaviv=2478c35b0ada9660fdd6fb76763c2d2d&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&playerSize=300x250&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:21 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1618312701017034-415
Expires: Tue, 13 Apr 2021 11:18:21 GMT

GET
H2 200 st.a9c2f47cfbd1f141fb724cef861110d7.js Show response
ws.sharethis.com/secure/js/ Frame B15E 88 KB
23 KB 11ms
11ms Script
application/javascript 2600:9000:2182:ca00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure/js/st.a9c2f47cfbd1f141fb724cef861110d7.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ca00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 85a0afc2f45cecec31d8ccd1498cd8bfe428b3d79018efb1bf4da2cb3050b847

Request headers

Referer: https://ws.sharethis.com/secure/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 5242275
etag: W/"60257012-15e0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 23428
x-amz-cf-id: ENFeKxzeTLIlMaTKI27AcccKOU8rY8hmqolcON6KsLiy3BlKaO9mIQ==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 875C 574 KB
188 KB 37ms
21ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462891
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 37A3 44 KB
17 KB 55ms
31ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:21 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 37A3 107 B
146 B 25ms
19ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 02F6 574 KB
187 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462891
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1AD9 44 KB
16 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:21 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1AD9 107 B
123 B 17ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 28ms
28ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=9&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimasdk.googleapis.com%2Fjs%2Fcore%2Fbridge3.450.0_en.html%23goog_2022152316&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=150&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312694483&de=103814470250&cu=1618312694483&m=6702&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4760&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=498&cd=0&ah=498&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4914438385%3A2739195827%3A5471012876%3A138322335932&bo=343684595&bd=346123955&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Article_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Article_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=759302089&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:21 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:21 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent=

170 B
473 B

30ms
29ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:21 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1618312701205049-168
Expires: Tue, 13 Apr 2021 11:18:21 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=5d54b48c3e753dc5ffd0fe09e567937&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

343ms
114ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=5d54b48c3e753dc5ffd0fe09e567937&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:21 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:21 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=5d54b48c3e753dc5ffd0fe09e567937&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1618312701166052-93
Expires: Tue, 13 Apr 2021 11:18:21 GMT

GET user-matching
ads.stickyadstv.com/ Frame 71D8 0
0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent=

170 B
190 B

28ms
28ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:21 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NWQ1NGI0OGMzZTc1M2RjNWZmZDBmZTA5ZTU2NzkzNw==&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1618312701156040-388
Expires: Tue, 13 Apr 2021 11:18:21 GMT

GET user-matching
ads.stickyadstv.com/ Frame 71D8 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=5d54b48c3e753dc5ffd0fe09e567937&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

364ms
126ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=5d54b48c3e753dc5ffd0fe09e567937&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:21 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:21 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=5d54b48c3e753dc5ffd0fe09e567937&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1618312701313013-136
Expires: Tue, 13 Apr 2021 11:18:21 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CE71 2 KB
3 KB 96ms
32ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31076313&p=159753&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c25e9541d182dc47f8bb6b76c8940a726ae986c0fdd646a5e0f52f9b7a17f1a5

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:21 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 03C1 0
746 B 45ms
42ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:21 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.80:80
AN-X-Request-Uuid: 99ba85e0-4ace-4b98-81d5-1ba93dae0575
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 73CB 36 KB
12 KB 19ms
18ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3264
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AAEB 36 KB
12 KB 19ms
18ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3264
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 444C 36 KB
12 KB 19ms
19ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3264
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B3A9 334 KB
115 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:21 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 567A 43 B
325 B 110ms
34ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=31076313&p=159753&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 13 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 987
x-powered-by: ASP.NET
date: Tue, 13 Apr 2021 11:18:21 GMT
content-length: 43

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CE71
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1WaeLciNQRiWojuA78nU8Q%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

68ms
21ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=101032
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Wed, 14 Apr 2021 15:22:13 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame CE71 95 B
386 B 40ms
28ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 63f44b102a402b1a-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 096c8d3e1900002b1a54134000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame CE71
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

42ms
40ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:19 GMT
frontend-id: 11
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:19 GMT
frontend-id: 10
location: /pubmatic/1/info2?sType=sync&sExtCookieId=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame CE71
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&addseg=31

7 B
147 B

84ms
26ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:21 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Tue, 13 Apr 2021 11:18:21 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame CE71
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDU2NjlFMkQtQzg4RC00MTE4LTk2QTItM0I4MEVGQzlENEYx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
506 B

101ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:21 GMT
X-lat: lhrpug004:0:1399
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame CE71
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOEb1KzodjPFP1dy8JOosVY&google_cver=1

42 B
855 B

100ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOEb1KzodjPFP1dy8JOosVY&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:21 GMT
X-lat: lhrpug004:0:616
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOEb1KzodjPFP1dy8JOosVY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame CE71 43 B
609 B 39ms
29ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 12 Apr 2021 11:18:21 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame CE71
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=091079a3-59e3-4442-8ba6-60a4678ce875

42 B
882 B

33ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=091079a3-59e3-4442-8ba6-60a4678ce875
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:20 GMT
X-lat: amspug007:0:406
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=091079a3-59e3-4442-8ba6-60a4678ce875
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame CE71
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1240512143984231881

42 B
801 B

27ms
26ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1240512143984231881
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:19 GMT
X-lat: amspug013:0:421
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:21 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1240512143984231881
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 081A 574 KB
187 KB 8ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462891
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B3A9 44 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:21 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame B3A9 107 B
123 B 19ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9702 36 KB
12 KB 21ms
20ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3264
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 27ms
27ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040804&jk=1908209281913195&bg=!tbaltvLNAAY56aLOOek7ACkAdvg8WhmTJwSUAMmGJWxBfrjCxv-EvdjfD9CIy1SZUDoh7B3q9PvnsAIAAAYdUgAAAKhoAQcKAVp2BXGCsVWitN_u8HPSyHSRQ5pC4NwDzfvmLZHZ7dOdJk4MwY6aMfpN7RCd6JdPaXo7NjPlesJ7N7_RiSHhs_rBKTB-9WSG4fNh7e69Fel8VjFiH74-3EirwhdR3fIRaKh5VMerfgFpbImEEuj4DOgEDEfYY9RZXJkn7LQjqfPRlHEM8ooeWX6X5AxhsdCTbUrhOjt4vROHdpKsdLxOUjgW1Lr1MnHydZICSurN21DbIpgeYV6iZXNaOHFxnAKz-dOHQlwIu00BonQ2uLS-cwkmoLiY3IsMTLkQbUD9l_pipY7Dp2_QIT4cugO4D8oVKbPSaW0ojreths1vRALzJ9di8Pfrw3jRRlX3B6zlhCUgNbXcxBYDvg4gGSOtEUUE5ga5GXCP0LHDKDzgGiXgZKrLeLU2lkXQWNuW3pYIXAJFHZy482p5s25IlOzzIZj0dVw4daDqkoB9qjT6mQHhav0ZMZ8U326aUS21AfdmbE6jeSKTqvvBkYuP74wKiiESeLb5YDZCUTyuxZ5fZ1LlSl9lvxyZUBAFwHYkk2z2euSjOYU6cvepPV_8gzFrGNsmiTgR1RR4NRVAfzwwLgrTT_ee2QxZv9oASXYRXiUNEaahCLVf8pw6Pm0twSEFSfsuJEaVPdGrECmPYdF_mz4Xo4T3dyGS31f2Px5DoEKWiCRseL9M0VcyftrWTC-2GiRpNFiBHgv1Si9cBSyqde01wAJ00EYuevlNsJd6OTW02k1ch82Z3rsFwfmLlWomAuv6dDjVMTk6f8YdFT5G1OogIiZFJKQd9uu1hPnuU5D80-g0wB5p3qob7aTZpnK4-B3d8iTXapibbrGzEHah_ucP5uGdfmrwcUkB8NoIQoKXO2yqlthnH0vNuUrCN1wN8qLi2AtPfCVlSwd41dbJhA3_o3FX9YDKCoaMJK1jQ4Tbgl2TmCV_9kEG3GHrT9IuKWaru6peemHivg2VOnZyAWm85iaGPy8mbB5kxG2-1n7TpImkijU9nfndv3L_0X7x1dsyFcKrHZbb1J1qQq3Y9sHMOa-8S8VEMbESeEbv8fns6WNnzZufjmKcOKu6O_A5GFXKOFKheoB_jU1xuVBxebQBwg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E3CC 156 B
236 B 192ms
190ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21686950643%2FNV2%2Fnovovideo_1.72&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2533308240089142&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2162749678&sdk_apis=2%2C8&sid=C94240C6-0385-4958-8BB2-49009CC5702A&eid=420706105%2C44725355%2C44729227&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312701932&cookie_enabled=1&scor=4015360179584495&ged=ve4_td2_tt1_pd2_la2000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 875C 56 KB
5 KB 206ms
205ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2Fgmanetwork.com_2_video_preroll&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&env=vp&correlator=4448416465201850&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480&max_ad_duration=30000&unviewed_position_start=1&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3113862653&sdk_apis=2%2C8&sid=A650D36F-397C-4211-AFDA-36284BD66969&eid=21064201%2C44729227&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312701949&cookie_enabled=1&scor=3227988293563338&ged=ve4_td2_tt1_pd2_la2000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

49692bc46a7a85e6464ee6a4c279d57df60af78cbdafd95dff332ce28abb5f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5444
x-xss-protection: 0
google-lineitem-id: 5587227017,5586749190,5587221977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336562634,138337100929,138337003609
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 02F6 156 B
192 B 333ms
333ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21686950643%2FNV%2Fnovovideo_1.72&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=712419109382792&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=384668948&sdk_apis=2%2C8&sid=12A17FAB-F4E9-4E2A-A504-C74A8AD624E7&eid=44712633%2C44729227&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312701953&cookie_enabled=1&scor=2915676357774715&ged=ve4_td2_tt1_pd2_la2000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 081A 156 B
192 B 166ms
165ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21733955780%2Fgmanetwork.com_video_USD1.85&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4241951962139310&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2078603922&sdk_apis=2%2C8&sid=843FB34E-43BA-4497-BCDB-02C7837DD89B&eid=44729227%2C44737598&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312702023&cookie_enabled=1&scor=2657509183577727&ged=ve4_td1_tt0_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 875C 949 B
1 KB 84ms
32ms XHR
application/xml 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 318e8a3bc9571b8d314521b209c67cddca0350d0c8b92bd2b8745b33a27dc5f7

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:22 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 591
Expires: Tue, 13 Apr 2021 11:18:22 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 342ms
117ms XHR
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 03C1 0
747 B 93ms
32ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:22 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 01a3e1dc-bf22-4864-a483-1f217a2dc6a7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 875C 0
331 B 290ms
100ms Other
image/gif 2607:f8b0:4004:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knfxlke4&c=4904382487372&slotId=2452191243686&qqid=CP_Z8s2M--8CFQH5dwoddjsHJg&gqid=_X11YNaOO46E3wP35YHwBQ&fb=ima-html5&sdkv=h.3.450.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=21064201%2C44729227&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:803::2003 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 875C 42 B
106 B 36ms
35ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=Buymq_X11YL_nO4Hy3wP29pywAvm4t_dFAAAAEAEgo9uJIjgAWMrbgayDBGD1lc6B4ASyARJ3d3cuZ21hbmV0d29yay5jb226AQs0MDB4MzAwX3htbMgBBdoB7QFodHRwczovL3d3dy5nbWFuZXR3b3JrLmNvbS9uZXdzL21vbmV5L2NvbXBhbmllcy83ODM1MDkvYWlyYXNpYS1yb2xscy1vdXQtcDEtZmFyZS1wcm9tby9zdG9yeS8_X2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotLUIxOGhDWThuanlManpWMFNmRGRZNHVuNEVvdHJONElFY0V0UXB5TXNZT29GUkJvcEU3TUZYUmpvZVVFSXVnaHJtcURiLTVYeWdlRkxnYnVWVGZaUTN5S0NvS1JWN1VwaUs2eFdfSWVuNTRIY2pPX1GpAlGAZviJfZE-wAIC4AIA6gIoLzUyNTU1Mzg3L2dtYW5ldHdvcmsuY29tXzJfdmlkZW9fcHJlcm9sbPgCgdIekAPIBpgDyAaoAwHQBJBO4AQB0gUGEImjmegUkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4AcP0ggHCIBhEAEYHdgIAoAKBZgLAYAMAQ&sigh=pz5uFBftO7o&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.450.0&vci=[CREATIVE_PLAYBACK]

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 875C 0
64 B 53ms
53ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumP9EmdRiqDYaXDjpPCK8BQwXxIxrTL4pDbBTfh1d-Oj3i017x0UE7HTC6-ESw_rDvT19Aap3Fk3oNUKC6AXcWu-qeOFtIKAyQ6xDUFJu4vrURUbVjW1EOH0kz1BWZFREVQmQSpgJUCsBfED_fr1go4taOkGReLcQy-aCvO_zatPAn4I6VH6dTPAdmeczvpn3DSt6-Kj4tE7sW3gAOHY5STjaQARfVcnANJYy3-KZVjoHtadV73TQJI2EUWhRjiwGd2t-Nii43rnZpiQxRMOS0x3HXRHe7NdJEfhEFFj4jxiC5pji0Ruafr_E-8ar5xpxR0quGc29zbWsaA50&sig=Cg0ArKJSzOjbJPi6goalEAE&sdkv=h.3.450.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODcyMjcwMTcyDDEzODMzNjU2MjYzNEDVAQpQCAESEnZwYWlkLnB1Ym1hdGljLmNvbRoIUHViTWF0aWMgAyoLUE1fVlBBSURfQURAWFIdJQAA8EEoAToHdW5rbm93bkIHdW5rbm93blAAYAEYAQ..&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3186 50 KB
18 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f2e894b7e3b50ebc842bf653792c63d598ac4b6345c279aaef7616a63f19341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 18:18:28 GMT
server: sffe
age: 495
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:25:07 GMT

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 3186 150 KB
35 KB 43ms
43ms Script
text/javascript 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 07:24:19 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-257f0-5b82218515d54"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35684

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2F41 38 KB
14 KB 80ms
35ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gmanetwork.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=D5669E2D-C88D-4118-96A2-3B80EFC9D4F1; chkChromeAb67Sec=1; DPSync3=1619481600%3A201_227_226_221; SyncRTB3=1619568000%3A35%7C1619481600%3A54_56_220_21_13; KRTBCOOKIE_391=22924-1240512143984231881&KRTB&23263-1240512143984231881; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEOEb1KzodjPFP1dy8JOosVY&KRTB&22987-CAESEOEb1KzodjPFP1dy8JOosVY&KRTB&23025-CAESEOEb1KzodjPFP1dy8JOosVY; KRTBCOOKIE_377=6810-091079a3-59e3-4442-8ba6-60a4678ce875&KRTB&22918-091079a3-59e3-4442-8ba6-60a4678ce875&KRTB&23031-091079a3-59e3-4442-8ba6-60a4678ce875; PugT=1618312700
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

Last-Modified: Thu, 01 Apr 2021 09:51:48 GMT
ETag: "13006b6-98c9-5bee62e0efabf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14061
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=63991
Expires: Wed, 14 Apr 2021 05:04:53 GMT
Date: Tue, 13 Apr 2021 11:18:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3186 38 KB
14 KB 81ms
35ms Script
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Apr 2021 09:51:48 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-98c9-5bee62e0efabf"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=63991
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 14061
Expires: Wed, 14 Apr 2021 05:04:53 GMT

GET
H/1.1 200
OK AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 3186 27 B
754 B 110ms
109ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=250&vw=300&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE&cb=1618312702439&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.gmanetwork.com%252Fnews%252Fmoney%252Fcompanies%252F783509%252Fairasia-rolls-out-p1-fare-promo%252Fstory%252F%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.gmanetwork.com%252Fnews%252Fmoney%252Fcompanies%252F783509%252Fairasia-rolls-out-p1-fare-promo%252Fstory%252F%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-4-13%2013:18:22&ranreq=0.6376977516277256&timezone=2&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:23 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg
Content-Type: application/xml; charset=utf-8

GET track
aktrack.pubmatic.com/ Frame 3186 0
0

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 875C 42 B
220 B 31ms
29ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=Buymq_X11YL_nO4Hy3wP29pywAvm4t_dFAAAAEAEgo9uJIjgAWMrbgayDBGD1lc6B4ASyARJ3d3cuZ21hbmV0d29yay5jb226AQs0MDB4MzAwX3htbMgBBdoB7QFodHRwczovL3d3dy5nbWFuZXR3b3JrLmNvbS9uZXdzL21vbmV5L2NvbXBhbmllcy83ODM1MDkvYWlyYXNpYS1yb2xscy1vdXQtcDEtZmFyZS1wcm9tby9zdG9yeS8_X2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotLUIxOGhDWThuanlManpWMFNmRGRZNHVuNEVvdHJONElFY0V0UXB5TXNZT29GUkJvcEU3TUZYUmpvZVVFSXVnaHJtcURiLTVYeWdlRkxnYnVWVGZaUTN5S0NvS1JWN1VwaUs2eFdfSWVuNTRIY2pPX1GpAlGAZviJfZE-wAIC4AIA6gIoLzUyNTU1Mzg3L2dtYW5ldHdvcmsuY29tXzJfdmlkZW9fcHJlcm9sbPgCgdIekAPIBpgDyAaoAwHQBJBO4AQB0gUGEImjmegUkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4AcP0ggHCIBhEAEYHdgIAoAKBZgLAYAMAQ&sigh=pz5uFBftO7o&label=videoplayfailed901&acvw=&sdkv=h.3.450.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODcyMjcwMTcyDDEzODMzNjU2MjYzNEDVAQpVCAESEnZwYWlkLnB1Ym1hdGljLmNvbRoIUHViTWF0aWMgAyoLUE1fVlBBSURfQURAWFIiEAQlAADwQSgBOgd1bmtub3duQgd1bmtub3duSPkFUABgARgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 875C 0
124 B 70ms
22ms Image
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=155949&s=795633&a=3435469&ts=1618312702&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:23 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET vast.xml
video-ads.rubiconproject.com/video/11734/360508/1944268/205/ Frame 875C 0
0

GET
DATA 200
OK truncated
/ Frame 875C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 875C 42 B
217 B 33ms
32ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BVTgW_n11YLb5B4Hy3wP29pywAruGt_dFAAAAEAEgo9uJIjgAWIHJoqyDBGD1lc6B4ASyARJ3d3cuZ21hbmV0d29yay5jb226AQs0MDB4MzAwX3htbMgBBdoB7QFodHRwczovL3d3dy5nbWFuZXR3b3JrLmNvbS9uZXdzL21vbmV5L2NvbXBhbmllcy83ODM1MDkvYWlyYXNpYS1yb2xscy1vdXQtcDEtZmFyZS1wcm9tby9zdG9yeS8_X2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotLUIxOGhDWThuanlManpWMFNmRGRZNHVuNEVvdHJONElFY0V0UXB5TXNZT29GUkJvcEU3TUZYUmpvZVVFSXVnaHJtcURiLTVYeWdlRkxnYnVWVGZaUTN5S0NvS1JWN1VwaUs2eFdfSWVuNTRIY2pPX1GpAlGAZviJfZE-wAIC4AIA6gIoLzUyNTU1Mzg3L2dtYW5ldHdvcmsuY29tXzJfdmlkZW9fcHJlcm9sbPgCgdIekAPIBpgDyAaoAwHQBJBO4AQB0gUGEIaO_OcUkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4AcP0ggHCIBhEAEYHdgIAoAKBZgLAYAMAQ&sigh=UE-pEwtUYZM&label=videoplayfailed900&acvw=[VIEWABILITY]&sdkv=h.3.450.0&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODY3NDkxOTBA1QFSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 875C
Redirect Chain

https://yieldbird-d.openx.net/v/1.0/av?auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz...
https://yieldbird-d.openx.net/v/1.0/av?cc=1&auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDQ3NTdkMTctM2M3Ni02NDJkLTUxMWYtZDFmZWU0YTNmNTY3

0
0

GET
H2

200

av Show response
yieldbird-d.openx.net/v/1.0/ Frame 875C
Redirect Chain

https://yieldbird-d.openx.net/v/1.0/av?auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz...
https://yieldbird-d.openx.net/v/1.0/av?cc=1&auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2...

48 B
332 B

35ms
34ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://yieldbird-d.openx.net/v/1.0/av?cc=1&auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&cb=2009785674&vwd=&vht=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.2 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
server: OXGW/16.205.2
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 13 Apr 2021 11:18:23 GMT
via: 1.1 google
server: OXGW/16.205.2
location: https://yieldbird-d.openx.net/v/1.0/av?cc=1&auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&cb=2009785674&vwd=&vht=
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
23ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fimages.gmanews.tv%2Fwebpics%2F2020%2F01%2FAirAsia_2020_01_22_12_45_27.jpg&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=4&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4740&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=298&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&f=0&o=3&t=1618312692171&de=103540330375&cu=1618312692653&m=11090&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=298&le=1&gm=1&io=1&ch=0&as=1&ag=10186&an=5244&gf=0&gg=0&ez=1&ck=1202&kw=1169&aj=1&pg=55&pf=55&ib=0&cc=1&bw=10186&bx=5244&undefined=1&ci=1202&jz=1168&dj=1&aa=0&ad=354&cn=354&gk=0&gl=0&cq=1&em=0&en=0&bu=10153&cd=5211&ah=10153&am=5211&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AAirAsia%20rolls%20out%20P1%20fare%20promo%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=1899855398&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:23 GMT

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 875C 42 B
227 B 30ms
29ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bec_a_n11YLf5B4Hy3wP29pywAsa4t_dFAAAAEAEgo9uJIjgAWNnQnKyDBGD1lc6B4ASyARJ3d3cuZ21hbmV0d29yay5jb226AQs0MDB4MzAwX3htbMgBBdoB7QFodHRwczovL3d3dy5nbWFuZXR3b3JrLmNvbS9uZXdzL21vbmV5L2NvbXBhbmllcy83ODM1MDkvYWlyYXNpYS1yb2xscy1vdXQtcDEtZmFyZS1wcm9tby9zdG9yeS8_X2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotLUIxOGhDWThuanlManpWMFNmRGRZNHVuNEVvdHJONElFY0V0UXB5TXNZT29GUkJvcEU3TUZYUmpvZVVFSXVnaHJtcURiLTVYeWdlRkxnYnVWVGZaUTN5S0NvS1JWN1VwaUs2eFdfSWVuNTRIY2pPX1GpAlGAZviJfZE-wAIC4AIA6gIoLzUyNTU1Mzg3L2dtYW5ldHdvcmsuY29tXzJfdmlkZW9fcHJlcm9sbPgCgdIekAPIBpgDyAaoAwHQBJBO4AQB0gUGENn7mOgUkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4AcP0ggHCIBhEAEYHdgIAoAKBZgLAYAMAQ&sigh=XC7GW0nGZ68&label=videoplayfailed303&acvw=[VIEWABILITY]&sdkv=h.3.450.0&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODcyMjE5NzdA1QFSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vast2 Show response
tag.1rx.io/rmp/202011/0/ 168 B
487 B 56ms
54ms XHR
application/xml 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/202011/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&w=300&h=250&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&us_privacy=1---&ip=37.120.213.100&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=8.44500&lat=47.39400&cbb=8312703390
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:23 GMT
Server: Tengine
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 168

GET
H2 200 advast Show response
ice.360yield.com/ 27 B
444 B 121ms
120ms XHR
application/xml 18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22324347&w=16&h=9&player_width=300&player_height=250&referrer=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&us_privacy=1---&cbb=8312703391
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:23 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
235 B 218ms
217ms XHR
text/plain 34.236.214.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=1d6b5ceec65a6188be877b2c23cd07c2_1723149115&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1618312699031-938042847281-020198-002-004901&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=3&AV_PLACEMENT=1&v=6.1.1.243&avtoken=698595&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=8312703393&tgt=0&
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Apr 2021 21:31:43 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 115ms
115ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1618312703394&asid=5ff589dc4b337c40965101c3%2C602d2c85082e28357f77e7e8%2C6000b9ec9e10b015a725e2ea%2C5eeb62382e9087423f2047ea%2C5e17488228a06163020cc073%2C5eeb61d689e42756c3479a25%2C5fd5d85915b86d7ecd0a28ea%2C5eeb769c64dc3851426b47d7%2C6005b0143b408362c32b4815%2C5f8eb19c8c493a3dc02fd4e7%2C5f9b07e039fc2e74ed5ef690%2C5f2fd7715c5fcc3dbb4252c1&ofpr=%2C%2C%2C1.4%2C%2C1.4%2C2%2C%2C%2C1.3%2C1.3%2C1.3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/205427/0/ 0
275 B 52ms
52ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:23 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/205428/0/ 0
275 B 98ms
47ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:23 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

GET
H2 200 hb Show response
ice.360yield.com/ 99 B
517 B 115ms
115ms XHR
application/json 18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2232f1a6f38f2a2df%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22rid%22%3A%221d6b5ceec65a6188be877b2c23cd07c2_1723149115%22%2C%22name%22%3A%22Gmanetwork.com%22%2C%22hp%22%3A1%2C%22domain%22%3A%22Gmanetwork.com%22%2C%22asi%22%3A%22vidcrunch.com%22%7D%5D%2C%22complete%22%3A1%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22259f6ec98ec718a%22%2C%22ad_types%22%3A%5B%22video%22%5D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22416254%2C%22tid%22%3A%22e5b8c72e-b9df-4652-97ee-ce133f87892f%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1cb3f7a12a9d47fd69579591d24c047feb95580ea06d75c63a40cf61a774d58c

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:23 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 99
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 27ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
1 KB 178ms
116ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a2c5be0877b32fb7bff446fa1f21341e7f9f534bc4e517d665a7cd04954aec4c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:23 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.138:80
AN-X-Request-Uuid: ec869c62-7b85-454c-9ffe-76aa25d8bd8d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 36ms
36ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 track
track1.aniview.com/ 0
70 B 116ms
116ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1618312703615&asid=5ff589dc4b337c40965101c3%2C602d2c85082e28357f77e7e8%2C6000b9ec9e10b015a725e2ea%2C6005b0143b408362c32b4815&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 57B3 334 KB
115 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:23 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1638 334 KB
115 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:23 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 35AB 334 KB
115 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:23 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5932 334 KB
115 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:23 GMT

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1458 574 KB
187 KB 9ms
9ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462893
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1638 44 KB
16 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:23 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1638 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9649 574 KB
187 KB 14ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462893
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5932 44 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:23 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5932 107 B
146 B 18ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2964 574 KB
187 KB 7ms
5ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462893
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 35AB 44 KB
16 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:23 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 35AB 107 B
123 B 22ms
22ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B386 574 KB
187 KB 11ms
10ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462893
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 57B3 44 KB
16 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:23 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 57B3 107 B
123 B 21ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 159B 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3267
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3F39 36 KB
12 KB 21ms
19ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3267
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0977 36 KB
12 KB 20ms
19ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3267
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 12E3 36 KB
12 KB 22ms
21ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3267
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 68ms
67ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=21&q=0&yco=0&yt=0&xco=0&xt=0&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=9&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=150&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312694483&de=103814470250&cu=1618312694483&m=9874&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3417&cd=498&ah=3417&am=498&rf=0&re=0&wb=1&cl=0&at=0&d=4914438385%3A2739195827%3A5471012876%3A138322335932&bo=343684595&bd=346123955&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Article_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Article_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=194184070&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:24 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1458 56 KB
5 KB 179ms
176ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2Fgmanetwork.com_2_video_preroll&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&env=vp&correlator=4003687115507331&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480&max_ad_duration=30000&unviewed_position_start=1&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=168905544&sdk_apis=2%2C8&sid=2E5CF2C6-E572-4B53-8DBA-95EFF9DA2BC8&eid=44726393%2C44729227%2C44739826&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312704375&cookie_enabled=1&scor=2730787485116429&ged=ve4_td0_tt0_pd0_la0_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bd846ebfe2fb654a6c2d527f20e2ec6e316762fc226758e8806f83df3de9cef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5320
x-xss-protection: 0
google-lineitem-id: 5587221977,5587227017,5587215248
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138337003609,138336562634,138336605913
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9649 156 B
154 B 218ms
217ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21733955780%2Fgmanetwork.com_video_USD1.85&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3732498627324985&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2246891602&sdk_apis=2%2C8&sid=4B0AB406-8A44-4DCE-8C90-95F8EA571625&eid=44729227%2C44730612%2C44739825&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312704383&cookie_enabled=1&scor=806262626645744&ged=ve4_td0_tt0_pd0_la0_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2964 156 B
143 B 186ms
186ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21686950643%2FNV%2Fnovovideo_1.72&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3349242062442548&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=578828608&sdk_apis=2%2C8&sid=7A0D8C56-E2CB-4FE6-99CE-B2843E2E34D4&eid=420706098%2C44729227%2C44739825&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312704562&cookie_enabled=1&scor=2263007010694679&ged=ve4_td0_tt0_pd0_la0_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B386 156 B
143 B 211ms
206ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21686950643%2FNV2%2Fnovovideo_1.72&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4213652083550822&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3998292490&sdk_apis=2%2C8&sid=A1E5B182-5D13-4B77-A094-3257AB9C51E0&eid=44729227%2C44737599&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312704568&cookie_enabled=1&scor=3829918944822767&ged=ve4_td0_tt0_pd0_la0_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 av Show response
yieldbird-d.openx.net/v/1.0/ Frame 1458 48 B
251 B 36ms
36ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://yieldbird-d.openx.net/v/1.0/av?auid=543857870&url=https://www.gmanetwork.com/news/money/companies/783509/airasia-rolls-out-p1-fare-promo/story/%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&cb=511370013&vwd=&vht=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.2 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:24 GMT
content-encoding: gzip
server: OXGW/16.205.2
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1458 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 1458 42 B
66 B 29ms
28ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BTz5VAH51YOr_GJTz3wPX9pyYCca4t_dFAAAAEAEgo9uJIjgAWNnQnKyDBGD1lc6B4ASyARJ3d3cuZ21hbmV0d29yay5jb226AQs0MDB4MzAwX3htbMgBBdoB7QFodHRwczovL3d3dy5nbWFuZXR3b3JrLmNvbS9uZXdzL21vbmV5L2NvbXBhbmllcy83ODM1MDkvYWlyYXNpYS1yb2xscy1vdXQtcDEtZmFyZS1wcm9tby9zdG9yeS8_X2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotLUIxOGhDWThuanlManpWMFNmRGRZNHVuNEVvdHJONElFY0V0UXB5TXNZT29GUkJvcEU3TUZYUmpvZVVFSXVnaHJtcURiLTVYeWdlRkxnYnVWVGZaUTN5S0NvS1JWN1VwaUs2eFdfSWVuNTRIY2pPX1GpAvW2vqGZmJE-wAIC4AIA6gIoLzUyNTU1Mzg3L2dtYW5ldHdvcmsuY29tXzJfdmlkZW9fcHJlcm9sbPgCgdIekAPIBpgDyAaoAwHQBJBO4AQB0gUGENn7mOgUkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4AcP0ggHCIBhEAEYHdgIAoAKBZgLAYAMAdAVAYAXAQ&sigh=DUMPXrIdk_M&label=videoplayfailed303&acvw=[VIEWABILITY]&sdkv=h.3.450.0&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODcyMjE5NzdAyQFSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1458 949 B
1 KB 27ms
26ms XHR
application/xml 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 76b20609fd48de2655d2317fa8cf34f918a4407ed0ed165e29f090998214c23d

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:24 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 591
Expires: Tue, 13 Apr 2021 11:18:24 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 31ms
28ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312694883&de=510407129504&cu=1618312694883&m=10093&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=10051&an=5145&gi=1&gf=10051&gg=5145&ix=10051&ic=10051&ez=1&ck=1290&kw=762&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10051&bx=5145&ci=1290&jz=762&dj=1&aa=1&ad=9670&cn=4764&gn=1&gk=9670&gl=4764&ik=9670&co=1448&cp=1299&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9859&cd=4809&ah=9859&am=4809&rf=0&re=1&ft=4871&fv=4764&fw=909&wb=2&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566858&bo=343684595&bd=346123355&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=728x90&zMoatPS=GNO_Money_Article_Leaderboard_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Article_Leaderboard_1_1&iq=na&tt=na&tc=0&fs=189983&na=1480110192&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:25 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 113ms
113ms XHR
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 1458 0
54 B 106ms
106ms Other
image/gif 2607:f8b0:4004:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knfxlm8c&c=4904382487372&slotId=2452191243686&qqid=COr_hs-M--8CFZT5dwodVzsHkw&gqid=AH51YIuoGNuKjuwP1Zy-0AI&fb=ima-html5&sdkv=h.3.450.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44726393%2C44729227%2C44739826&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:803::2003 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 1458 42 B
89 B 28ms
28ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BRVhhAH51YNPNIJTz3wPX9pyYCfm4t_dFAAAAEAEgo9uJIjgAWMrbgayDBGD1lc6B4ASyARJ3d3cuZ21hbmV0d29yay5jb226AQs0MDB4MzAwX3htbMgBBdoB7QFodHRwczovL3d3dy5nbWFuZXR3b3JrLmNvbS9uZXdzL21vbmV5L2NvbXBhbmllcy83ODM1MDkvYWlyYXNpYS1yb2xscy1vdXQtcDEtZmFyZS1wcm9tby9zdG9yeS8_X2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotLUIxOGhDWThuanlManpWMFNmRGRZNHVuNEVvdHJONElFY0V0UXB5TXNZT29GUkJvcEU3TUZYUmpvZVVFSXVnaHJtcURiLTVYeWdlRkxnYnVWVGZaUTN5S0NvS1JWN1VwaUs2eFdfSWVuNTRIY2pPX1GpAvW2vqGZmJE-wAIC4AIA6gIoLzUyNTU1Mzg3L2dtYW5ldHdvcmsuY29tXzJfdmlkZW9fcHJlcm9sbPgCgdIekAPIBpgDyAaoAwHQBJBO4AQB0gUGEImjmegUkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4AcP0ggHCIBhEAEYHdgIAoAKBZgLAYAMAdAVAYAXAQ&sigh=fNdS_xMJv-k&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.450.0&vci=[CREATIVE_PLAYBACK]

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1458 0
64 B 54ms
54ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGB8hUQmbGQnus3AaJuIlxTUgGos_wcI2OG3LQlakGTfzHbvjfme4NlzzCKv4tbtLPl-WzDEGl4XmfPW6WS8qOjU7kdZb3Nzqy3W5n5JERHU63SDL904_cA3kWrVxLCKVMpFpPILLehxySchrSGzHU3PIqPSUhUNo0M9t4KJbB3geWVJVMiASiKcDuRvsxksvZ410tl2_ThHyOCTIR4bNSqyvvXEFu3IS7GD3d8S682-v8f5vzZHRNZ33Vdns-mQJ6CnXEbRypI8tn_8HGkbc9PLqwSvBJduzPQu2Rsx_cu3Kfcw7UHyaZzaJoQK1mVBchj5iYKiP4&sig=Cg0ArKJSzG-r5-YYP-_fEAE&sdkv=h.3.450.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODcyMjcwMTcyDDEzODMzNjU2MjYzNEDJAQpRCAESEnZwYWlkLnB1Ym1hdGljLmNvbRoIUHViTWF0aWMgAyoLUE1fVlBBSURfQURApwNSHSUAAPBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D511 50 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f2e894b7e3b50ebc842bf653792c63d598ac4b6345c279aaef7616a63f19341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 18:18:28 GMT
server: sffe
age: 498
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:25:07 GMT

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame D511 150 KB
35 KB 39ms
39ms Script
text/javascript 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 07:24:19 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-257f0-5b82218515d54"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35684

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9148 38 KB
14 KB 82ms
38ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gmanetwork.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PUBMDCID=3; pp=155949
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

Last-Modified: Thu, 01 Apr 2021 09:51:48 GMT
ETag: "13006b6-98c9-5bee62e0efabf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14061
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=63988
Expires: Wed, 14 Apr 2021 05:04:53 GMT
Date: Tue, 13 Apr 2021 11:18:25 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D511 38 KB
14 KB 88ms
38ms Script
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Apr 2021 09:51:48 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-98c9-5bee62e0efabf"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=63988
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 14061
Expires: Wed, 14 Apr 2021 05:04:53 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9148 8 KB
9 KB 100ms
31ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=76844804&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f9c0d2edd6b9f155d27006421ca61b87746dde42c4caad0cde8c6356567d2871

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:23 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST csi
csi.gstatic.com/ Frame 875C 0
0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBvks584us_bUa16URk6Ecs&google_cver=1

42 B
855 B

141ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBvks584us_bUa16URk6Ecs&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
X-lat: lhrpug008:0:685
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBvks584us_bUa16URk6Ecs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 9148 43 B
609 B 28ms
27ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=76844804&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 12 Apr 2021 11:18:25 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame D490 43 B
326 B 43ms
43ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=76844804&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 13 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1023
x-powered-by: ASP.NET
date: Tue, 13 Apr 2021 11:18:25 GMT
content-length: 43

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1898f38-2ee5-4d3b-8701-cc2077a63b07

42 B
882 B

64ms
26ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1898f38-2ee5-4d3b-8701-cc2077a63b07
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:23 GMT
X-lat: amspug013:0:398
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1898f38-2ee5-4d3b-8701-cc2077a63b07
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6102205540189106618

42 B
801 B

31ms
25ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6102205540189106618
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:24 GMT
X-lat: amspug007:0:566
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6102205540189106618
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame BF98
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=418119563271671826

42 B
768 B

143ms
34ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=418119563271671826
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=76844804&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 13 Apr 2021 11:18:25 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-418119563271671826; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-May-2021 11:18:25 GMT; path=/ PugT=1618312705; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-May-2021 11:18:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 12-Jul-2021 11:18:25 GMT; path=/
X-lat: lhrpug003:0:312
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=418119563271671826
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame 9B87
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYlcwN0E2dndBQUNuSk5sNXNVZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
0

43ms
42ms

Document
image/gif

54.220.102.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.220.102.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-102-114.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AACbW07A6vwAACnJNl5sUg; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 13 Apr 2021 11:18:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Tue, 13 Apr 2021 11:18:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7D8E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950600142692022411

42 B
771 B

79ms
38ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950600142692022411
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=76844804&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 13 Apr 2021 11:18:23 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6950600142692022411; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-May-2021 11:18:23 GMT; path=/ PugT=1618312703; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-May-2021 11:18:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 12-Jul-2021 11:18:23 GMT; path=/
X-lat: amspug003:0:585
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 13 Apr 2021 11:18:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6950600142692022411; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950600142692022411

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 8968
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hKZUTVIEts8HnR2milX4Womm

42 B
775 B

120ms
39ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hKZUTVIEts8HnR2milX4Womm
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=76844804&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 13 Apr 2021 11:18:25 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-hKZUTVIEts8HnR2milX4Womm; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-May-2021 11:18:25 GMT; path=/ PugT=1618312705; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-May-2021 11:18:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 12-Jul-2021 11:18:25 GMT; path=/
X-lat: lhrpug012:0:451
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Tue, 13 Apr 2021 11:18:25 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=hKZUTVIEts8HnR2milX4Womm; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hKZUTVIEts8HnR2milX4Womm
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 1DF8 43 B
408 B 179ms
48ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=76844804&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET i.match
a.tribalfusion.com/ Frame 82DD 0
0

GET
H/1.1

200
OK

Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 53AD
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=ni160itji1Xd&pid=557219

1 B
0

34ms
29ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=ni160itji1Xd&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=76844804&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PUBMDCID=3; KRTBCOOKIE_1101=23040-6950600142692022411; KRTBCOOKIE_409=22966-hKZUTVIEts8HnR2milX4Womm; KRTBCOOKIE_336=5844-418119563271671826; KRTBCOOKIE_27=16735-uid:fa086075-7e01-4b00-a6d7-611b5392f9ad&KRTB&16736-uid:fa086075-7e01-4b00-a6d7-611b5392f9ad&KRTB&23019-uid:fa086075-7e01-4b00-a6d7-611b5392f9ad&KRTB&23114-uid:fa086075-7e01-4b00-a6d7-611b5392f9ad; KRTBCOOKIE_377=6810-a1898f38-2ee5-4d3b-8701-cc2077a63b07&KRTB&22918-a1898f38-2ee5-4d3b-8701-cc2077a63b07&KRTB&23031-a1898f38-2ee5-4d3b-8701-cc2077a63b07; KRTBCOOKIE_391=22924-6102205540189106618&KRTB&23263-6102205540189106618; KRTBCOOKIE_80=16514-CAESEBvks584us_bUa16URk6Ecs&KRTB&22987-CAESEBvks584us_bUa16URk6Ecs&KRTB&23025-CAESEBvks584us_bUa16URk6Ecs; KRTBCOOKIE_153=1923-BHJcAQUnWwUfIFMHUCZGVgRzUwYfJF5RUHHK7lSU&KRTB&19420-BHJcAQUnWwUfIFMHUCZGVgRzUwYfJF5RUHHK7lSU&KRTB&22979-BHJcAQUnWwUfIFMHUCZGVgRzUwYfJF5RUHHK7lSU; KRTBCOOKIE_22=14911-3113209233135258871; pp=155949; KRTBCOOKIE_57=22776-1852934620691920909; PugT=1618312705
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 13 Apr 2021 11:18:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 12-Jul-2021 11:18:24 GMT; path=/
X-lat: amspug004:0:378
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7c488d4f5b-bdsjx
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=ni160itji1Xd;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Fri, 08-Apr-2022 11:18:25 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=6a1dcc63c277bc03; path=/; HttpOnly; Secure; SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=ni160itji1Xd&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 8290 42 B
264 B 47ms
9ms Document
image/gif 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 13 Apr 2021 11:18:25 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=d2dc5e56def26a8ac0b8d77c1c617af8f1618312705; expires=Thu, 13-May-21 11:18:25 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-2tzg
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 096c8d4e3500004eeb84aa7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63f44b29ef364eeb-FRA

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame A11D
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04df0219-f278-4529-8dd4-c5b7ac827712-tuct76f0381&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
58 B

35ms
29ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04df0219-f278-4529-8dd4-c5b7ac827712-tuct76f0381&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=76844804&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04df0219-f278-4529-8dd4-c5b7ac827712-tuct76f0381&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=04df0219-f278-4529-8dd4-c5b7ac827712-tuct76f0381
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Tue, 13 Apr 2021 11:18:25 GMT
via: 1.1 varnish
x-served-by: cache-hhn11566-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1618312706.768447,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=04df0219-f278-4529-8dd4-c5b7ac827712-tuct76f0381;Version=1;Path=/;Domain=.taboola.com;Expires=Wed, 13-Apr-2022 11:18:25 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04df0219-f278-4529-8dd4-c5b7ac827712-tuct76f0381&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Tue, 13 Apr 2021 11:18:25 GMT
via: 1.1 varnish
x-served-by: cache-hhn11566-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1618312706.616596,VS0,VE73
x-vcl-time-ms: 73
content-length: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 3560 0
39 B 176ms
111ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=76844804&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Tue, 13 Apr 2021 11:18:25 GMT
server: b

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame F842
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
0

27ms
26ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1618312705808; TapAd_DID=f7282106-9c49-11eb-b55f-7a1f6a42cc49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 13 Apr 2021 11:18:25 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Tue, 13 Apr 2021 11:18:25 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1618312705808;Expires=Sat, 12 Jun 2021 11:18:25 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=f7282106-9c49-11eb-b55f-7a1f6a42cc49;Expires=Sat, 12 Jun 2021 11:18:25 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9148
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R4BQI0ybSQ2S3ogiJZNA1w%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R4BQI0ybSQ2S3ogiJZNA1w%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

70ms
22ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=138484
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Thu, 15 Apr 2021 01:46:29 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 9148 95 B
387 B 111ms
40ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=47805023-4C9B-490D-92DE-8822259340D7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 63f44b2a4e862b1a-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 096c8d4e7000002b1a08af8000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 9148
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=47805023-4C9B-490D-92DE-8822259340D7&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=47805023-4C9B-490D-92DE-8822259340D7&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

89ms
54ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=47805023-4C9B-490D-92DE-8822259340D7&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:24 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:23 GMT
frontend-id: 15
location: /pubmatic/1/info2?sType=sync&sExtCookieId=47805023-4C9B-490D-92DE-8822259340D7&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=47805023-4C9B-490D-92DE-8822259340D7&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=47805023-4C9B-490D-92DE-8822259340D7&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=47805023-4C9B-490D-92DE-8822259340D7&addseg=31

7 B
147 B

90ms
31ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=47805023-4C9B-490D-92DE-8822259340D7&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Tue, 13 Apr 2021 11:18:25 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=47805023-4C9B-490D-92DE-8822259340D7&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDc4MDUwMjMtNEM5Qi00OTBELTkyREUtODgyMjI1OTM0MEQ3&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDc4MDUwMjMtNEM5Qi00OTBELTkyREUtODgyMjI1OTM0MEQ3&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

37ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
X-lat: lhrpug014:0:774
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fa086075-7e01-4b00-a6d7-611b5392f9ad&gdpr=0&gdpr_consent=

42 B
946 B

60ms
24ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fa086075-7e01-4b00-a6d7-611b5392f9ad&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
X-lat: amspug020:0:423
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
Server: MT3 3660 495c301 master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fa086075-7e01-4b00-a6d7-611b5392f9ad&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 13 Apr 2021 11:18:24 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1852934620691920909&gdpr=0&gdpr_consent=

42 B
769 B

41ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1852934620691920909&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
X-lat: lhrpug013:0:377
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:25 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: 85784f87-5c7a-4c05-9895-e8a21e62606a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1852934620691920909&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

sync
x.bidswitch.net/ Frame 9148
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=6804e922-711b-476b-990a-2d9bef2096c9&ssp=pubmatic

0
0

GET
H2 200 47805023-4C9B-490D-92DE-8822259340D7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9148 43 B
586 B 101ms
39ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/47805023-4C9B-490D-92DE-8822259340D7?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=47805023-4C9B-490D-92DE-8822259340D7&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=47805023-4C9B-490D-92DE-8822259340D7&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.1cG.SVE2uVrtCzdt0gQotwy_nJjn9U-~A&gdpr=0&gdpr_consent=

0
573 B

88ms
25ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.1cG.SVE2uVrtCzdt0gQotwy_nJjn9U-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:24 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.1cG.SVE2uVrtCzdt0gQotwy_nJjn9U-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BHJcAQUnWwUfIFMHUCZGVgRzUwYfJF5RUHHK7lSU

42 B
894 B

32ms
32ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BHJcAQUnWwUfIFMHUCZGVgRzUwYfJF5RUHHK7lSU
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
X-lat: lhrpug009:0:473
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BHJcAQUnWwUfIFMHUCZGVgRzUwYfJF5RUHHK7lSU
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3113209233135258871&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

27ms
27ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3113209233135258871&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:24 GMT
X-lat: amspug012:0:523
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3113209233135258871&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 13 Apr 2021 11:18:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHV_AQAAAZo6rQBg&gdpr=0&gdpr_consent=&_test=YHV_AQAAAZo6rQBg

0
0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5bc66665-e5cf-4d25-beb8-e81999edbf5f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

26ms
24ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5bc66665-e5cf-4d25-beb8-e81999edbf5f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:24 GMT
X-lat: amspug019:0:496
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5bc66665-e5cf-4d25-beb8-e81999edbf5f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 13 Apr 2021 11:18:25 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET

pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9148
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=

0
0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 9148 0
103 B 24ms
23ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=47805023-4C9B-490D-92DE-8822259340D7&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET

getuid
secure.adnxs.com/ Frame 9148
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

0
0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 9148
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4a5ebf21-1ea6-4977-ba26-c2d2a8d54f9c

42 B
790 B

33ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4a5ebf21-1ea6-4977-ba26-c2d2a8d54f9c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:24 GMT
X-lat: amspug004:0:425
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4a5ebf21-1ea6-4977-ba26-c2d2a8d54f9c
date: Tue, 13 Apr 2021 11:18:25 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 31ms
31ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312695197&de=155808745231&cu=1618312695197&m=10463&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=10442&an=5081&gi=1&gf=10442&gg=5081&ix=10442&ic=10442&ez=1&ck=1275&kw=711&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10442&bx=5081&ci=1275&jz=711&dj=1&aa=1&ad=10087&cn=4726&gn=1&gk=10087&gl=4726&ik=10087&co=1863&cp=1284&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10002&cd=4871&ah=10002&am=4871&rf=0&re=0&wb=2&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566855&bo=343684595&bd=346125515&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=1623101273&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:25 GMT

GET
H/1.1 200
OK AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame D511 27 B
754 B 111ms
101ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=250&vw=300&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE&cb=1618312705174&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.gmanetwork.com%252Fnews%252Fmoney%252Fcompanies%252F783509%252Fairasia-rolls-out-p1-fare-promo%252Fstory%252F%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.gmanetwork.com%252Fnews%252Fmoney%252Fcompanies%252F783509%252Fairasia-rolls-out-p1-fare-promo%252Fstory%252F%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-4-13%2013:18:25&ranreq=0.17854797747703555&timezone=2&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg
Content-Type: application/xml; charset=utf-8

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame D511 0
124 B 89ms
24ms Image
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=155949&s=795633&a=3435469&ts=1618312706&wa=0&e=95&vc=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 27ms
22ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4171578170316872703&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312695197&de=155808745231&cu=1618312695197&m=10729&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=10707&an=10442&gi=1&gf=10707&gg=10442&ix=10707&ic=10707&ez=1&ck=1275&kw=711&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10707&bx=10442&ci=1275&jz=711&dj=1&aa=1&ad=10352&cn=10087&gn=1&gk=10352&gl=10087&ik=10352&co=1863&cp=1284&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10451&cd=10002&ah=10451&am=10002&rf=0&re=0&wb=2&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566855&bo=343684595&bd=346125515&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=80900416&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:25 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 1458 42 B
115 B 28ms
27ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BRVhhAH51YNPNIJTz3wPX9pyYCfm4t_dFAAAAEAEgo9uJIjgAWMrbgayDBGD1lc6B4ASyARJ3d3cuZ21hbmV0d29yay5jb226AQs0MDB4MzAwX3htbMgBBdoB7QFodHRwczovL3d3dy5nbWFuZXR3b3JrLmNvbS9uZXdzL21vbmV5L2NvbXBhbmllcy83ODM1MDkvYWlyYXNpYS1yb2xscy1vdXQtcDEtZmFyZS1wcm9tby9zdG9yeS8_X2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotLUIxOGhDWThuanlManpWMFNmRGRZNHVuNEVvdHJONElFY0V0UXB5TXNZT29GUkJvcEU3TUZYUmpvZVVFSXVnaHJtcURiLTVYeWdlRkxnYnVWVGZaUTN5S0NvS1JWN1VwaUs2eFdfSWVuNTRIY2pPX1GpAvW2vqGZmJE-wAIC4AIA6gIoLzUyNTU1Mzg3L2dtYW5ldHdvcmsuY29tXzJfdmlkZW9fcHJlcm9sbPgCgdIekAPIBpgDyAaoAwHQBJBO4AQB0gUGEImjmegUkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4AcP0ggHCIBhEAEYHdgIAoAKBZgLAYAMAdAVAYAXAQ&sigh=fNdS_xMJv-k&label=videoplayfailed901&acvw=&sdkv=h.3.450.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODcyMjcwMTcyDDEzODMzNjU2MjYzNEDJAQpWCAESEnZwYWlkLnB1Ym1hdGljLmNvbRoIUHViTWF0aWMgAyoLUE1fVlBBSURfQURApwNSIhAEJQAA8EEoAToHdW5rbm93bkIHdW5rbm93bkjMBlAAYAEYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame 1458 0
124 B 22ms
21ms Image
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=155949&s=795633&a=3435469&ts=1618312704&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:25 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET
H2 200 / Show response
adx3.adform.net/adx/ Frame 1458 65 B
744 B 712ms
257ms XHR
text/xml 185.84.60.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx3.adform.net/adx/?mid=952563&t=2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:26 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 1458 42 B
129 B 31ms
28ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BtDv-AH51YNTNIJTz3wPX9pyYCfC4t_dFAAAAEAEgo9uJIjgAWNmthKyDBGD1lc6B4ASyARJ3d3cuZ21hbmV0d29yay5jb226AQs0MDB4MzAwX3htbMgBBdoB7QFodHRwczovL3d3dy5nbWFuZXR3b3JrLmNvbS9uZXdzL21vbmV5L2NvbXBhbmllcy83ODM1MDkvYWlyYXNpYS1yb2xscy1vdXQtcDEtZmFyZS1wcm9tby9zdG9yeS8_X2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotLUIxOGhDWThuanlManpWMFNmRGRZNHVuNEVvdHJONElFY0V0UXB5TXNZT29GUkJvcEU3TUZYUmpvZVVFSXVnaHJtcURiLTVYeWdlRkxnYnVWVGZaUTN5S0NvS1JWN1VwaUs2eFdfSWVuNTRIY2pPX1GpAvW2vqGZmJE-wAIC4AIA6gIoLzUyNTU1Mzg3L2dtYW5ldHdvcmsuY29tXzJfdmlkZW9fcHJlcm9sbPgCgdIekAPIBpgDyAaoAwHQBJBO4AQB0gUGEJDHmOgUkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4AcP0ggHCIBhEAEYHdgIAoAKBZgLAYAMAdAVAYAXAQ&sigh=JvHl1FVJSCE&label=videoplayfailed303&acvw=[VIEWABILITY]&sdkv=h.3.450.0&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODcyMTUyNDhAyQFSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vast2 Show response
tag.1rx.io/rmp/202011/0/ 168 B
487 B 52ms
49ms XHR
application/xml 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/202011/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&w=300&h=250&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&us_privacy=1---&ip=37.120.213.100&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=8.44500&lat=47.39400&cbb=8312706758
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:26 GMT
Server: Tengine
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 168

GET
H/1.1 200
OK 12268545 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 84ms
40ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12268545?_fw_gdpr=0&_fw_gdpr_consent=&_fw_us_privacy=1---&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&cbb=8312706758
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c68277ab847bf67223fc2a789cc228540926e41dc9248f14247f3f9215863931

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:26 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1328
x-sticky-vk: 1618312706703057-81
Expires: Tue, 13 Apr 2021 11:18:26 GMT

GET
H2 200 advast Show response
ice.360yield.com/ 27 B
444 B 127ms
125ms XHR
application/xml 18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22324347&w=16&h=9&player_width=300&player_height=250&referrer=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&us_privacy=1---&cbb=8312706759
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:26 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK 12268577 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 98ms
47ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12268577?_fw_gdpr=0&_fw_gdpr_consent=&_fw_us_privacy=1---&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&cbb=8312706760
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 315f54dd8c1a6f22eb5e39853aab27e9f22da12f50e56e7a0ab870087f7b904e

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:26 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1328
x-sticky-vk: 1618312706703066-81
Expires: Tue, 13 Apr 2021 11:18:26 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1618312706762&asid=5ff589dc4b337c40965101c3%2C602d2c85082e28357f77e7e8%2C6000b9ec9e10b015a725e2ea%2C5eeb62382e9087423f2047ea%2C5e17488228a06163020cc073%2C5f3e3920763ad5309400b589%2C5eeb61d689e42756c3479a25%2C5fd5d85915b86d7ecd0a28ea%2C5eeb769c64dc3851426b47d7%2C5f8eb19c8c493a3dc02fd4e7%2C5f9b07e039fc2e74ed5ef690%2C5f3e3919aec02a723d5318c3%2C600e8e3f296ae010c47c2094%2C5f2fd7715c5fcc3dbb4252c1&ofpr=%2C%2C%2C1.4%2C%2C%2C1.4%2C2%2C%2C1.3%2C1.3%2C%2C1.3%2C1.3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 31ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 hb Show response
ice.360yield.com/ 98 B
516 B 115ms
106ms XHR
application/json 18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2248569c5e023accb%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22rid%22%3A%221d6b5ceec65a6188be877b2c23cd07c2_1723149115%22%2C%22name%22%3A%22Gmanetwork.com%22%2C%22hp%22%3A1%2C%22domain%22%3A%22Gmanetwork.com%22%2C%22asi%22%3A%22vidcrunch.com%22%7D%5D%2C%22complete%22%3A1%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223769b994899e2b%22%2C%22ad_types%22%3A%5B%22video%22%5D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22416254%2C%22tid%22%3A%224ce3db35-587f-4fe6-abfe-111bc1977983%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8e5bfc6760fd19035a4913bacbada3a4474ed9b448216a383c74404b60470536

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:26 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 98
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/205428/0/ 0
275 B 50ms
49ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:26 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 29ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/205427/0/ 0
275 B 49ms
49ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:26 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
1 KB 142ms
62ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

16978ae4adfdf7c4d988e22aef36c25c4ccdf8eb397d713049c8c221cc29153b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:26 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid: bf065a7f-ec97-4bfa-b4f9-bbe742576cd3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
580 B 253ms
212ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12967601&componentId=prebid&componentSubId=mustang&timestamp=1618312706791&pKey=1042482844&schain=1.0%2C1!vidcrunch.com%2C5eea0864e08b0760d33128ae%2C1%2C%2CGmanetwork.com%2CGmanetwork.com&loc=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&playerSize=300x250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1618312706655072-92
Expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 116ms
115ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1618312707056&asid=5ff589dc4b337c40965101c3%2C602d2c85082e28357f77e7e8%2C6000b9ec9e10b015a725e2ea%2C5f3e3920763ad5309400b589%2C5f3e3919aec02a723d5318c3&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 28E0 328 KB
111 KB 27ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1618312707.dop124.fr8.shc,1618312707.dop124.fr8.t,1618312707.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 2439 328 KB
111 KB 26ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1618312707.dop245.fr8.shc,1618312707.dop245.fr8.t,1618312707.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3984 334 KB
115 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B160 334 KB
115 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C5EC 334 KB
115 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 28E0 25 KB
25 KB 23ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1618312707250
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:27 GMT
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1618312707.dop244.fr8.shc,1618312707.dop244.fr8.t,1618312707.cds212.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6c929b6761129c823ebeb866c87615&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g082_6950600151266668596
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBtzkeW4iaoDRI8JrEV63Lo&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a1898f38-2ee5-4d3b-8701-cc2077a63b07
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1852934620691920909

43 B
712 B

44ms
44ms

Image
image/gif

184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1852934620691920909
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1618312707908020-136
Expires: Tue, 13 Apr 2021 11:18:27 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.136:80
AN-X-Request-Uuid: 132605b1-0add-42c4-8015-58a765582bff
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1852934620691920909
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 28E0 301 B
857 B 36ms
36ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12268545&loc=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1618312707162086-136
Expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 28E0 67 B
721 B 112ms
112ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12268545&_fw_gdpr=0&cbb=8312706758&_fw_us_privacy=1---&_fw_gdpr_consent=&schain=1.0%2C1!vidcrunch.com%2C5eea0864e08b0760d33128ae%2C1%2C%2CGmanetwork.com%2CGmanetwork.com&vav=789653c9899096415337eab9133f76b6&vaviv=c0df58e6ba7df65f98993f8deb4230b7&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&playerSize=300x250&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1618312707241019-92
Expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 2439 25 KB
25 KB 7ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1618312707282
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:27 GMT
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1618312707.dop244.fr8.shc,1618312707.dop244.fr8.t,1618312707.cds212.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 2439 0
0

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6c929b6761129c823ebeb866c87615&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g077_6950600151266752485
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBtzkeW4iaoDRI8JrEV63Lo&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a1898f38-2ee5-4d3b-8701-cc2077a63b07

43 B
731 B

34ms
34ms

Image
image/gif

184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a1898f38-2ee5-4d3b-8701-cc2077a63b07
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1618312707858078-79
Expires: Tue, 13 Apr 2021 11:18:27 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a1898f38-2ee5-4d3b-8701-cc2077a63b07
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 245

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 2439 301 B
857 B 43ms
39ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12268577&loc=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1618312707305011-136
Expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 2439 67 B
721 B 180ms
161ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12268577&_fw_gdpr=0&cbb=8312706760&_fw_us_privacy=1---&_fw_gdpr_consent=&schain=1.0%2C1!vidcrunch.com%2C5eea0864e08b0760d33128ae%2C1%2C%2CGmanetwork.com%2CGmanetwork.com&vav=789653c9899096415337eab9133f76b6&vaviv=c0df58e6ba7df65f98993f8deb4230b7&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&playerSize=300x250&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1618312707299045-23
Expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9242 574 KB
187 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462897
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C5EC 44 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C5EC 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent=

170 B
224 B

33ms
32ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1618312707300035-114
Expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=6c929b6761129c823ebeb866c87615&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

370ms
129ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=6c929b6761129c823ebeb866c87615&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=6c929b6761129c823ebeb866c87615&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1618312707131099-81
Expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CCFD 574 KB
187 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462897
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B160 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame B160 107 B
146 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2382 574 KB
187 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462897
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3984 44 KB
16 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3984 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET user-matching
ads.stickyadstv.com/ Frame 2439 0
0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent=

170 B
190 B

36ms
34ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM5MjliNjc2MTEyOWM4MjNlYmViODY2Yzg3NjE1&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1618312707300083-114
Expires: Tue, 13 Apr 2021 11:18:27 GMT

GET user-matching
ads.stickyadstv.com/ Frame 2439 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=6c929b6761129c823ebeb866c87615&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

382ms
117ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=6c929b6761129c823ebeb866c87615&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=6c929b6761129c823ebeb866c87615&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1618312707300082-114
Expires: Tue, 13 Apr 2021 11:18:27 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5155 36 KB
12 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3270
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8E53 36 KB
12 KB 19ms
19ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3270
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FAF9 36 KB
12 KB 19ms
19ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3270
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9242 156 B
147 B 153ms
153ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21733955780%2Fgmanetwork.com_video_USD1.85&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1323471486651632&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=578828608&sdk_apis=2%2C8&sid=4739674A-573C-4647-AE9F-943EB8FEB036&eid=44729226%2C75259402&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312707852&cookie_enabled=1&scor=4133816777240090&ged=ve4_td1_tt1_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame CCFD 156 B
166 B 206ms
205ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21686950643%2FNV%2Fnovovideo_1.72&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1909520999605096&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=168905544&sdk_apis=2%2C8&sid=80E602CF-EBCA-4CD1-8CB4-2FA97AD0A7FD&eid=21061817%2C44729226&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312707859&cookie_enabled=1&scor=23819462171179&ged=ve4_td1_tt0_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2382 156 B
143 B 213ms
212ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21686950643%2FNV2%2Fnovovideo_1.72&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2282500327154554&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=384668948&sdk_apis=2%2C8&sid=6F25A134-9084-45D4-ABD9-935C06AEDDF0&eid=44729227%2C44736270%2C44739825&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312707868&cookie_enabled=1&scor=2930787250351270&ged=ve4_td1_tt0_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 117ms
116ms XHR
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK vast2 Show response
tag.1rx.io/rmp/202011/0/ 168 B
487 B 54ms
54ms XHR
application/xml 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/202011/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&w=300&h=250&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&us_privacy=1---&ip=37.120.213.100&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=8.44500&lat=47.39400&cbb=8312708109
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:28 GMT
Server: Tengine
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 168

GET
H2 200 advast Show response
ice.360yield.com/ 27 B
445 B 99ms
99ms XHR
application/xml 18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22324347&w=16&h=9&player_width=300&player_height=250&referrer=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&us_privacy=1---&cbb=8312708110
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:28 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 track
track1.aniview.com/ 0
70 B 115ms
115ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1618312708112&asid=5ff589dc4b337c40965101c3%2C602d2c85082e28357f77e7e8%2C6000b9ec9e10b015a725e2ea%2C5eeb62382e9087423f2047ea%2C5e17488228a06163020cc073%2C5eeb61d689e42756c3479a25%2C5fd5d85915b86d7ecd0a28ea%2C5eeb769c64dc3851426b47d7%2C6005b0143b408362c32b4815%2C5f8eb19c8c493a3dc02fd4e7%2C5f9b07e039fc2e74ed5ef690%2C5f2fd7715c5fcc3dbb4252c1&ofpr=%2C%2C%2C1.4%2C%2C1.4%2C2%2C%2C%2C1.3%2C1.3%2C1.3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/205427/0/ 0
275 B 45ms
44ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:28 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 43ms
43ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 30ms
30ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 hb Show response
ice.360yield.com/ 99 B
517 B 94ms
93ms XHR
application/json 18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22626584256e40557%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22rid%22%3A%221d6b5ceec65a6188be877b2c23cd07c2_1723149115%22%2C%22name%22%3A%22Gmanetwork.com%22%2C%22hp%22%3A1%2C%22domain%22%3A%22Gmanetwork.com%22%2C%22asi%22%3A%22vidcrunch.com%22%7D%5D%2C%22complete%22%3A1%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2257f7d515bb69801%22%2C%22ad_types%22%3A%5B%22video%22%5D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22416254%2C%22tid%22%3A%229a69a03f-859f-40aa-80df-a78db74fcd96%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fd3fd10ff4c1c86e996dd285410125e894120ee2391b97bd5156deef315ea2f7

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:28 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 99
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/205428/0/ 0
275 B 50ms
50ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:28 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
1 KB 37ms
37ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

79f3a90133c4fcfa088b8726c656b3a329d104a1e80cefe516a6c1da5d7fe263

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:28 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.234:80
AN-X-Request-Uuid: af4ac586-f3f2-46d1-aebd-92e6615d3087
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 116ms
115ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1618312708220&asid=5ff589dc4b337c40965101c3%2C602d2c85082e28357f77e7e8%2C6000b9ec9e10b015a725e2ea%2C6005b0143b408362c32b4815&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
22ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=5&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4740&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=298&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&f=0&o=3&t=1618312692171&de=103540330375&cu=1618312692653&m=16100&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=298&le=1&gm=1&io=1&ch=0&as=1&ag=15196&an=10186&gf=0&gg=0&ez=1&ck=1202&kw=1169&aj=1&pg=55&pf=55&ib=0&cc=1&bw=15196&bx=10186&undefined=1&ci=1202&jz=1168&dj=1&aa=0&ad=354&cn=354&gk=0&gl=0&cq=1&em=0&en=0&bu=15163&cd=10153&ah=15163&am=10153&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AAirAsia%20rolls%20out%20P1%20fare%20promo%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=2049344619&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:28 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D4DD 334 KB
115 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:28 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B6F2 334 KB
115 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:28 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BE52 334 KB
115 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:28 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D608 334 KB
115 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:28 GMT

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 46D3 574 KB
187 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462898
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D4DD 44 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:28 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D4DD 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2CCA 574 KB
187 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462898
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D608 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:28 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame D608 107 B
146 B 21ms
19ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 18A3 574 KB
187 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462898
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BE52 44 KB
16 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:28 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame BE52 107 B
123 B 17ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B954 574 KB
187 KB 9ms
8ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462898
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B6F2 44 KB
16 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:28 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame B6F2 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 24ms
23ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=4&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5Eh%3B%3BG%24%2509QAk%7Ci%3E3%24.ekO2m%2F%26u~q%60RP%3CG.FT0J%5D%5B(v%7CQM%3CJ.Vo!Ge%23D3lBuoytIDNmGupI%5B%5B%26u5k72kF0beMQ2%26(rX%3BU4%22s%40_Qx!%40D4%2BFTJKZ%5ESCeSztOJ5p6CGuk%3Fy6lAet66%3CBl%3F%24b%3AameaUc%5EKu%3BUDXp%2B3W%60R2zp%2FTjqU%7B(8fYqbB%7B0%60%23ym7D%5DD7gwb%5DG8F%25uHb%5DQ%22_5.eaL57IM%3C%7D)XLKX2fc%2Cie8!iwGFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.yB%3AU!%2FpwvWUuaU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&qq=000000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=6&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=4740&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=298&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&f=0&o=3&t=1618312692171&de=103540330375&cu=1618312692653&m=16408&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=298&le=1&gm=1&io=1&ch=0&as=1&ag=15505&an=15196&gf=0&gg=0&ez=1&ck=1202&kw=1169&aj=1&pg=55&pf=55&ib=0&cc=1&bw=15505&bx=15196&undefined=1&ci=1202&jz=1168&dj=1&aa=0&ad=354&cn=354&gk=0&gl=0&cq=1&em=0&en=0&bu=15472&cd=15163&ah=15472&am=15163&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AAirAsia%20rolls%20out%20P1%20fare%20promo%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=822547670&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:28 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 72C1 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3271
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E99D 36 KB
12 KB 30ms
27ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3271
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3A0F 36 KB
12 KB 24ms
24ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3271
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7F58 36 KB
12 KB 29ms
28ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3271
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

POST csi
csi.gstatic.com/ Frame 1458 0
0

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 46D3 156 B
267 B 176ms
172ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21686950643%2FNV2%2Fnovovideo_1.72&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3549799937747318&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3998292490&sdk_apis=2%2C8&sid=EF1D5138-5366-4062-A95A-5A4933D23895&eid=21064201%2C44729226%2C44739554&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312709313&cookie_enabled=1&scor=1799431938078339&ged=ve4_td1_tt0_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2CCA 156 B
193 B 154ms
149ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21733955780%2Fgmanetwork.com_video_USD1.85&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2221097337206142&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2246891602&sdk_apis=2%2C8&sid=16F2609C-EDF4-4619-810A-404343F6F4B0&eid=21069902%2C44725356%2C44729226&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312709389&cookie_enabled=1&scor=3461226671908310&ged=ve4_td1_tt0_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 18A3 156 B
144 B 132ms
130ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21686950643%2FNV%2Fnovovideo_1.72&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2468657501244006&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=578828608&sdk_apis=2%2C7%2C8&sid=8DB2B953-03EA-4947-BA98-FF0C2BBD3548&eid=44729227%2C44736271&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312709407&cookie_enabled=1&scor=2683226094909928&ged=ve4_td1_tt0_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B954 57 KB
6 KB 196ms
195ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2Fgmanetwork.com_2_video_preroll&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&env=vp&correlator=3033995505863584&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480&max_ad_duration=30000&unviewed_position_start=1&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=168905544&sdk_apis=2%2C8&sid=D02CBD5E-47B9-4C97-9E5A-62ADA032F6B8&eid=44729227%2C44736293&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312709433&cookie_enabled=1&scor=3575869986442842&ged=ve4_td1_tt0_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

35de2fb0f1538a1034ec0b5224f7335fdc75324e025d3ca3898eaa6450b82916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6075
x-xss-protection: 0
google-lineitem-id: 5586749190,5587227017,5587215248
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138337100929,138336562634,138336605913
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET vast.xml
video-ads.rubiconproject.com/video/11734/360508/1944268/205/ Frame B954 0
0

GET
DATA 200
OK truncated
/ Frame B954 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame B954 42 B
218 B 33ms
29ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B2i2PBX51YPmhHKuMjuwP3JGt4Ae7hrf3RQAAABABIKPbiSI4AFiByaKsgwRg9ZXOgeAEsgESd3d3LmdtYW5ldHdvcmsuY29tugELNDAweDMwMF94bWzIAQXaAe0BaHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb20vbmV3cy9tb25leS9jb21wYW5pZXMvNzgzNTA5L2FpcmFzaWEtcm9sbHMtb3V0LXAxLWZhcmUtcHJvbW8vc3RvcnkvP19oc21pPTg4OTc0NzQ0Jl9oc2VuYz1wMkFOcXR6LS1CMThoQ1k4bmp5TGp6VjBTZkRkWTR1bjRFb3RyTjRJRWNFdFFweU1zWU9vRlJCb3BFN01GWFJqb2VVRUl1Z2hybXFEYi01WHlnZUZMZ2J1VlRmWlEzeUtDb0tSVjdVcGlLNnhXX0llbjU0SGNqT19RqQL1tr6hmZiRPsACAuACAOoCKC81MjU1NTM4Ny9nbWFuZXR3b3JrLmNvbV8yX3ZpZGVvX3ByZXJvbGz4AvDRHpADyAaYA8gGqAMB0ASQTuAEAdIFBhCGjvznFJAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHD9IICQiA4YBAEAEYHdgIAoAKBZgLAYAMAQ&sigh=ZCOHdmKqlG8&label=videoplayfailed900&acvw=[VIEWABILITY]&sdkv=h.3.450.0&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODY3NDkxOTBA0wFSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame B954 949 B
1 KB 35ms
34ms XHR
application/xml 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bed8cd9c13453f3edfce69245af17ba5d36cb3a980035f2618ecc1c729a60d9a

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:29 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
ETag: "461ced-23ca-5b1869b8fc7b9"
Vary: Origin, Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 591
Expires: Tue, 13 Apr 2021 11:18:29 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 24ms
22ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3101312293309010484&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312694883&de=510407129504&cu=1618312694883&m=15105&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=15063&an=10051&gi=1&gf=15063&gg=10051&ix=15063&ic=15063&ez=1&ck=1290&kw=762&aj=1&pg=100&pf=100&ib=0&cc=1&bw=15063&bx=10051&ci=1290&jz=762&dj=1&aa=1&ad=14682&cn=9670&gn=1&gk=14682&gl=9670&ik=14682&co=1448&cp=1299&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14870&cd=9859&ah=14870&am=9859&rf=0&re=1&ft=4871&fv=4871&fw=909&wb=2&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566858&bo=343684595&bd=346123355&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=728x90&zMoatPS=GNO_Money_Article_Leaderboard_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Article_Leaderboard_1_1&iq=na&tt=na&tc=0&fs=189983&na=1632201315&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:30 GMT

POST
H3-Q050 204 csi
csi.gstatic.com/ Frame B954 0
44 B 101ms
100ms Other
image/gif 2607:f8b0:4004:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knfxlq3q&c=4904382487372&slotId=2452191243686&qqid=CLm4u9GM--8CFSuGgwcd3EgLfA&gqid=BX51YO3ZG4zt3wPOpYyoBw&fb=ima-html5&sdkv=h.3.450.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44729227%2C44736293&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:803::2003 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame B954 42 B
89 B 52ms
51ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B9rM0BX51YKOPJauMjuwP3JGt4Af5uLf3RQAAABABIKPbiSI4AFjK24GsgwRg9ZXOgeAEsgESd3d3LmdtYW5ldHdvcmsuY29tugELNDAweDMwMF94bWzIAQXaAe0BaHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb20vbmV3cy9tb25leS9jb21wYW5pZXMvNzgzNTA5L2FpcmFzaWEtcm9sbHMtb3V0LXAxLWZhcmUtcHJvbW8vc3RvcnkvP19oc21pPTg4OTc0NzQ0Jl9oc2VuYz1wMkFOcXR6LS1CMThoQ1k4bmp5TGp6VjBTZkRkWTR1bjRFb3RyTjRJRWNFdFFweU1zWU9vRlJCb3BFN01GWFJqb2VVRUl1Z2hybXFEYi01WHlnZUZMZ2J1VlRmWlEzeUtDb0tSVjdVcGlLNnhXX0llbjU0SGNqT19RqQL1tr6hmZiRPsACAuACAOoCKC81MjU1NTM4Ny9nbWFuZXR3b3JrLmNvbV8yX3ZpZGVvX3ByZXJvbGz4AvDRHpADyAaYA8gGqAMB0ASQTuAEAdIFBhCJo5noFJAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHD9IICQiA4YBAEAEYHdgIAoAKBZgLAYAMAQ&sigh=flz_1qufzRk&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.450.0&vci=[CREATIVE_PLAYBACK]

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B954 0
64 B 52ms
52ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_uFok9ulN5ztOL9ETl_cnRbi9FU3577NXIZTSc4s-GRFfHDVKIY73FhDKAxAt-8EuTWVSwdzmUkfTvedMoPoeJM_blLxafdfNAckQs-GPq9uJgfNy7mt6pLu9j69pinTSndAzJIY0OqltVYwZ1o4kLMuV8bl7KQcpMQCx9I22IurYpCpx4k_TMdLaGALls_BPZEw_TSRTLlN8iRKm0UyGQFP_r8WqbvqobMeqHn2637BFXCtP1juhNDD8iZpMcVuALA_coExlUF6pLvIJmu-TzdayAq52J47jq2dCN_Q5TkzMFRije5hczQYIlHFnjariWMceQM7-K9Q&sai=AMfl-YRdqmXSipIQ4X6afqKqh0MwqyGTmcwauzin2m3oMxi9vOLuE6SNKgjrxZ3YNu8SfWb0xnynQfIo9pq--6SZ9xMvlBrG43Tk5NtaiY1pAWBEQ7wp4QBxoYeFBnEWEz-6&sig=Cg0ArKJSzKe4FY-EE5eZEAE&sdkv=h.3.450.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODcyMjcwMTcyDDEzODMzNjU2MjYzNEDTAQpRCAESEnZwYWlkLnB1Ym1hdGljLmNvbRoIUHViTWF0aWMgAyoLUE1fVlBBSURfQURAiARSHSUAAPBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5367 50 KB
18 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f2e894b7e3b50ebc842bf653792c63d598ac4b6345c279aaef7616a63f19341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 18:18:28 GMT
server: sffe
age: 503
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:25:07 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
22ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&wf=1&pxm=4&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-mKzeZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=H232%7Dq%2FLiK&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&id=1&ii=4&f=0&j=&t=1618312695197&de=155808745231&cu=1618312695197&m=15204&ar=e4967b0-clean&iw=e384779a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4740&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1049%3A1049%3A0%3A1094&as=1&ag=15183&an=10707&gi=1&gf=15183&gg=10707&ix=15183&ic=15183&ez=1&ck=1275&kw=711&aj=1&pg=100&pf=100&ib=0&cc=1&bw=15183&bx=10707&ci=1275&jz=711&dj=1&aa=1&ad=14828&cn=10352&gn=1&gk=14828&gl=10352&ik=14828&co=1863&cp=1284&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14984&cd=10451&ah=14984&am=10451&rf=0&re=0&wb=2&cl=0&at=0&d=88868795%3A424147475%3A5647733405%3A138343566855&bo=343684595&bd=346125515&gw=gmanmidfpdisplay183413089896&zMoatPT=Money_Article_Inside_Page&zMoatSZ=300x250&zMoatPS=GNO_Money_Mrec_1_1&zMoatSite=GMA_News_Online&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=GNO_Money_Mrec_1_1&iq=na&tt=na&tc=0&fs=189983&na=1409463756&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 11:18:30 GMT

GET
H/1.1 200
OK PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 5367 150 KB
35 KB 35ms
33ms Script
text/javascript 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 07:24:19 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1408294-257f0-5b82218515d54"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35684

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B22F 38 KB
14 KB 456ms
72ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gmanetwork.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

Last-Modified: Thu, 01 Apr 2021 09:51:48 GMT
ETag: "13006b6-98c9-5bee62e0efabf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14061
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=63883
Expires: Wed, 14 Apr 2021 05:03:14 GMT
Date: Tue, 13 Apr 2021 11:18:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5367 38 KB
14 KB 479ms
97ms Script
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Apr 2021 09:51:48 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-98c9-5bee62e0efabf"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=63883
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 14061
Expires: Wed, 14 Apr 2021 05:03:14 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B22F 8 KB
9 KB 97ms
32ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11253061&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 7da6d0d1987f861edc21186f4557062f0540cc327df6772205c6970090394410

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:31 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 5367 27 B
754 B 37ms
36ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=250&vw=300&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE&kltstamp=2021-4-13%2013%3A18%3A30&ranreq=0.6701357258906162&timezone=2&cb=1618312710914&SAVersion=2&inIframe=1&pageURL=&screenResolution=-1x-1&kdntuid=1&vwndh=0&vwndw=0&vwndurl=&vwndref=&vc=2&js=1&sec=1
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:43 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg
Content-Type: application/xml; charset=utf-8

GET

Pug
image2.pubmatic.com/AdServer/ Frame B22F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOvd5hGwKhVqS_ha26xe6Rc&google_cver=1

0
0

GET
H2 200 pubmatic
um.simpli.fi/ Frame B22F 43 B
609 B 26ms
25ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11253061&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 12 Apr 2021 11:18:31 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3D6C 0
0 43ms
40ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11253061&p=155949&s=795633&a=3435469&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 13 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1027
x-powered-by: ASP.NET
date: Tue, 13 Apr 2021 11:18:31 GMT
content-length: 43

GET

generic
match.adsrvr.org/track/cmb/ Frame B22F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

0
0

GET

match
c1.adform.net/serving/cookie/ Frame B22F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...

0
0

GET img
sync.mathtag.com/sync/ Frame B22F 0
0

GET

pubmatic;c
d5p.de17a.com/getuid/ Frame 1991
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame B22F
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1852934620691920909&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame B22F
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KcancyiToHEyz6QnKsS9f33Do3Eyx6BwLsJtileC

0
0

GET pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame D13B 0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame DBE4
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950600168469231766

0
0

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame B22F 0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame E8DE
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hKZUTVIEts8HnR2milX4Womm

0
0

GET bridge
cm.adgrx.com/ Frame 23E1 0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame B22F
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_33385dcd-4d52-433a-be7c-7e68b474e400

0
0

GET i.match
a.tribalfusion.com/ Frame 7C7B 0
0

GET rtset
bh.contextweb.com/bh/ Frame 0147 0
0

GET
H2 200 dpe
ad4m.at/ad/ Frame CF4B 42 B
0 30ms
28ms Document
image/gif 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 13 Apr 2021 11:18:31 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=dd6c95c07a6e2d215b96504d2f6bac6d31618312711; expires=Thu, 13-May-21 11:18:31 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7rdk
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 096c8d65c200004eeba73b7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63f44b4f999f4eeb-FRA

GET rtb-h
trc.taboola.com/sg/pubmatic-ssp-network/1/ Frame EDA1 0
0

GET 141
match.deepintent.com/usersync/ Frame E8D3 0
0

GET Pug
simage2.pubmatic.com/AdServer/ Frame 9334 0
0

GET

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B22F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dq6XmV9tQqSJ1c2EY3PeEw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

0
0

GET mw
mwzeom.zeotap.com/ Frame B22F 0
0

GET info
uipglob.semasio.net/pubmatic/1/ Frame B22F 0
0

GET p.gif
visitor.fiftyt.com/ Frame B22F 0
0

GET pixel
cm.g.doubleclick.net/ Frame B22F 0
0

GET sync
x.bidswitch.net/ Frame B22F 0
0

GET 0EAE9799-5F6D-42A4-89D5-CD846373DE13
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B22F 0
0

GET sync
ups.analytics.yahoo.com/ups/58292/ Frame B22F 0
0

GET cs
ad.turn.com/r/ Frame B22F 0
0

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame B22F 0
0

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame B22F 0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame B22F 0
0

GET apn
ads.playground.xyz/usersync/ Frame B22F 0
0

GET track
aktrack.pubmatic.com/ Frame 5367 0
0

GET
H3-Q050 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame B954 42 B
89 B 38ms
29ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B9rM0BX51YKOPJauMjuwP3JGt4Af5uLf3RQAAABABIKPbiSI4AFjK24GsgwRg9ZXOgeAEsgESd3d3LmdtYW5ldHdvcmsuY29tugELNDAweDMwMF94bWzIAQXaAe0BaHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb20vbmV3cy9tb25leS9jb21wYW5pZXMvNzgzNTA5L2FpcmFzaWEtcm9sbHMtb3V0LXAxLWZhcmUtcHJvbW8vc3RvcnkvP19oc21pPTg4OTc0NzQ0Jl9oc2VuYz1wMkFOcXR6LS1CMThoQ1k4bmp5TGp6VjBTZkRkWTR1bjRFb3RyTjRJRWNFdFFweU1zWU9vRlJCb3BFN01GWFJqb2VVRUl1Z2hybXFEYi01WHlnZUZMZ2J1VlRmWlEzeUtDb0tSVjdVcGlLNnhXX0llbjU0SGNqT19RqQL1tr6hmZiRPsACAuACAOoCKC81MjU1NTM4Ny9nbWFuZXR3b3JrLmNvbV8yX3ZpZGVvX3ByZXJvbGz4AvDRHpADyAaYA8gGqAMB0ASQTuAEAdIFBhCJo5noFJAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHD9IICQiA4YBAEAEYHdgIAoAKBZgLAYAMAQ&sigh=flz_1qufzRk&label=videoplayfailed901&acvw=&sdkv=h.3.450.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODcyMjcwMTcyDDEzODMzNjU2MjYzNEDTAQpWCAESEnZwYWlkLnB1Ym1hdGljLmNvbRoIUHViTWF0aWMgAyoLUE1fVlBBSURfQURAiARSIhAEJQAA8EEoAToHdW5rbm93bkIHdW5rbm93bkj4ClAAYAEYAQ..

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
aktrack.pubmatic.com/ Frame B954 0
124 B 153ms
89ms Image
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=155949&s=795633&a=3435469&ts=1618312709&wa=0&e=96&ier=901
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 11:18:31 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

GET
H2 200 / Show response
adx3.adform.net/adx/ Frame B954 65 B
744 B 268ms
268ms XHR
text/xml 185.84.60.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx3.adform.net/adx/?mid=952563&t=2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:31 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame B954 42 B
218 B 28ms
27ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bn1RRBX51YKSPJauMjuwP3JGt4AfwuLf3RQAAABABIKPbiSI4AFjZrYSsgwRg9ZXOgeAEsgESd3d3LmdtYW5ldHdvcmsuY29tugELNDAweDMwMF94bWzIAQXaAe0BaHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb20vbmV3cy9tb25leS9jb21wYW5pZXMvNzgzNTA5L2FpcmFzaWEtcm9sbHMtb3V0LXAxLWZhcmUtcHJvbW8vc3RvcnkvP19oc21pPTg4OTc0NzQ0Jl9oc2VuYz1wMkFOcXR6LS1CMThoQ1k4bmp5TGp6VjBTZkRkWTR1bjRFb3RyTjRJRWNFdFFweU1zWU9vRlJCb3BFN01GWFJqb2VVRUl1Z2hybXFEYi01WHlnZUZMZ2J1VlRmWlEzeUtDb0tSVjdVcGlLNnhXX0llbjU0SGNqT19RqQL1tr6hmZiRPsACAuACAOoCKC81MjU1NTM4Ny9nbWFuZXR3b3JrLmNvbV8yX3ZpZGVvX3ByZXJvbGz4AvDRHpADyAaYA8gGqAMB0ASQTuAEAdIFBhCQx5joFJAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHD9IICQiA4YBAEAEYHdgIAoAKBZgLAYAMAQ&sigh=dhznvjV2nvs&label=videoplayfailed303&acvw=[VIEWABILITY]&sdkv=h.3.450.0&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1ODcyMTUyNDhA0wFSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 11:18:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 115ms
115ms XHR
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 11:18:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK vast2 Show response
tag.1rx.io/rmp/202011/0/ 168 B
487 B 51ms
50ms XHR
application/xml 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/202011/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&w=300&h=250&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&us_privacy=1---&ip=37.120.213.100&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=8.44500&lat=47.39400&cbb=8312712082
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:32 GMT
Server: Tengine
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 168

GET
H2 200 advast Show response
ice.360yield.com/ 27 B
444 B 108ms
108ms XHR
application/xml 18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22324347&w=16&h=9&player_width=300&player_height=250&referrer=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&schain=1.0,1!vidcrunch.com,5eea0864e08b0760d33128ae,1,,Gmanetwork.com,Gmanetwork.com&us_privacy=1---&cbb=8312712082
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:32 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
235 B 180ms
180ms XHR
text/plain 34.236.214.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=1d6b5ceec65a6188be877b2c23cd07c2_1723149115&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1618312699031-938042847281-020198-002-004901&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=3&AV_PLACEMENT=1&v=6.1.1.243&avtoken=698595&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=8312712083&tgt=0&
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Apr 2021 21:31:52 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 116ms
115ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1618312712084&asid=5ff589dc4b337c40965101c3%2C602d2c85082e28357f77e7e8%2C6000b9ec9e10b015a725e2ea%2C5eeb62382e9087423f2047ea%2C5e17488228a06163020cc073%2C5eeb61d689e42756c3479a25%2C5fd5d85915b86d7ecd0a28ea%2C5eeb769c64dc3851426b47d7%2C5f8eb19c8c493a3dc02fd4e7%2C5f9b07e039fc2e74ed5ef690%2C5f2fd7715c5fcc3dbb4252c1&ofpr=%2C%2C%2C1.4%2C%2C1.4%2C2%2C%2C1.3%2C1.3%2C1.3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/205427/0/ 0
275 B 55ms
54ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:32 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/205428/0/ 0
275 B 47ms
46ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:32 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

GET
H2 200 hb Show response
ice.360yield.com/ 99 B
518 B 97ms
96ms XHR
application/json 18.185.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22765ba4cc1ea04b2%22%2C%22version%22%3A%227.2.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22rid%22%3A%221d6b5ceec65a6188be877b2c23cd07c2_1723149115%22%2C%22name%22%3A%22Gmanetwork.com%22%2C%22hp%22%3A1%2C%22domain%22%3A%22Gmanetwork.com%22%2C%22asi%22%3A%22vidcrunch.com%22%7D%5D%2C%22complete%22%3A1%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2269495646e673644%22%2C%22ad_types%22%3A%5B%22video%22%5D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22416254%2C%22tid%22%3A%22057208cc-0d26-46ee-96da-87a2050a9a3a%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.208.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a447de7bb3df35431dc5c666dd7261a150a81915cb05183019f310c71ec162fc

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:32 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 99
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
1 KB 49ms
49ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

15f7cd0fb89128055c4b43684e67208694b6bf606ad879c527d04655bbb9b787

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 11:18:32 GMT
X-Proxy-Origin: 37.120.213.100; 37.120.213.100; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.165:80
AN-X-Request-Uuid: d5ff440b-67da-4d87-9517-799fdce1b937
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gmanetwork.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 32ms
32ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 38ms
38ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Tue, 13 Apr 2021 11:18:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 track
track1.aniview.com/ 0
70 B 115ms
115ms Image
text/plain 52.206.198.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=26232&t=1618312699&cip=37.120.213.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1618312699031-938042847281-020198-002-004901&cha=0.7&cb=59803934945&d9=0000&AV_WIDTH=300&AV_HEIGHT=250&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1618312712265&asid=5ff589dc4b337c40965101c3%2C602d2c85082e28357f77e7e8%2C6000b9ec9e10b015a725e2ea&ofpr=%2C%2C&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.198.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-198-221.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1348 334 KB
115 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:32 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4B35 334 KB
115 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:32 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3920 334 KB
115 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:32 GMT

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D00D 574 KB
187 KB 9ms
9ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462902
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1348 44 KB
16 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1348 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 85A3 574 KB
187 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462902
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3920 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:32 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3920 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 805E 574 KB
187 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gmanetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462902
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 4B35 44 KB
16 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 11:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:18:32 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4B35 107 B
123 B 17ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 11:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 03E8 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3275
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6BEF 36 KB
12 KB 18ms
18ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3275
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 46AA 36 KB
12 KB 18ms
18ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 10:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3275
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:23:57 GMT

GET ads
pubads.g.doubleclick.net/gampad/ Frame D00D 0
0

GET ads
pubads.g.doubleclick.net/gampad/ Frame 85A3 0
0

GET ads
pubads.g.doubleclick.net/gampad/ Frame 805E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6852bd14.akstat.io
URL: https://6852bd14.akstat.io/

Domain: 6852bd14.akstat.io
URL: https://6852bd14.akstat.io/

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1240512143984231881

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: aktrack.pubmatic.com
URL: https://aktrack.pubmatic.com/track?operId=7&p=155949&s=795633&a=3435469&ts=1618312703&wa=0&e=95&vc=2

Domain: video-ads.rubiconproject.com
URL: http://video-ads.rubiconproject.com/video/11734/360508/1944268/205/vast.xml

Domain: video-ads.rubiconproject.com
URL: http://video-ads.rubiconproject.com/video/11734/360508/1944268/205/vast.xml

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDQ3NTdkMTctM2M3Ni02NDJkLTUxMWYtZDFmZWU0YTNmNTY3

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knfxlkrj&c=4904382487372&slotId=2452191243686&qqid=CP_Z8s2M--8CFQH5dwoddjsHJg&gqid=_X11YNaOO46E3wP35YHwBQ&fb=ima-html5&sdkv=h.3.450.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knfxllcs&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=6804e922-711b-476b-990a-2d9bef2096c9&ssp=pubmatic

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHV_AQAAAZo6rQBg&gdpr=0&gdpr_consent=&_test=YHV_AQAAAZo6rQBg

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knfxlmwy&c=4904382487372&slotId=2452191243686&qqid=COr_hs-M--8CFZT5dwodVzsHkw&gqid=AH51YIuoGNuKjuwP1Zy-0AI&fb=ima-html5&sdkv=h.3.450.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knfxlnke&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Domain: video-ads.rubiconproject.com
URL: http://video-ads.rubiconproject.com/video/11734/360508/1944268/205/vast.xml

Domain: video-ads.rubiconproject.com
URL: http://video-ads.rubiconproject.com/video/11734/360508/1944268/205/vast.xml

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOvd5hGwKhVqS_ha26xe6Rc&google_cver=1

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1852934620691920909&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KcancyiToHEyz6QnKsS9f33Do3Eyx6BwLsJtileC

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950600168469231766

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=hKZUTVIEts8HnR2milX4Womm

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_33385dcd-4d52-433a-be7c-7e68b474e400

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%

Domain: trc.taboola.com
URL: https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Domain: mwzeom.zeotap.com
URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=0EAE9799-5F6D-42A4-89D5-CD846373DE13

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0EAE9799-5F6D-42A4-89D5-CD846373DE13&sInitiator=external&gdpr=0&gdpr_consent=

Domain: visitor.fiftyt.com
URL: https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0EAE9799-5F6D-42A4-89D5-CD846373DE13&gdpr=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEVBRTk3OTktNUY2RC00MkE0LTg5RDUtQ0Q4NDYzNzNERTEz&gdpr=0&gdpr_consent=

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/0EAE9799-5F6D-42A4-89D5-CD846373DE13?gdpr=0&gdpr_consent=

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0EAE9799-5F6D-42A4-89D5-CD846373DE13&redir=true&gdpr=0&gdpr_consent=

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0EAE9799-5F6D-42A4-89D5-CD846373DE13&gdpr=0&gdpr_consent=

Domain: ads.playground.xyz
URL: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Domain: aktrack.pubmatic.com
URL: https://aktrack.pubmatic.com/track?operId=7&p=155949&s=795633&a=3435469&ts=1618312712&wa=0&e=95&vc=2

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21686950643%2FNV2%2Fnovovideo_1.72&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2521598300482220&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=384668948&sdk_apis=2%2C8&sid=181B40A4-6999-42EB-89CE-862F616B3A5E&eid=420706097%2C44729226&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312712657&cookie_enabled=1&scor=4132935499230299&ged=ve4_td1_tt0_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21733955780%2Fgmanetwork.com_video_USD1.85&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2634995656899247&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3998292490&sdk_apis=2%2C8&sid=793753B9-98BD-49A8-B021-FA4A2C647700&eid=21069902%2C44729227%2C44739554&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312712672&cookie_enabled=1&scor=375670675526944&ged=ve4_td1_tt0_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21686950643%2FNV%2Fnovovideo_1.72&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4144543708358551&vpmute=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2078603922&sdk_apis=2%2C8&sid=BDBD3FD7-828A-413D-A2DB-14D9CA0F8C6A&eid=210640812%2C44729227%2C44739554&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Fmoney%2Fcompanies%2F783509%2Fairasia-rolls-out-p1-fare-promo%2Fstory%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&dt=1618312712677&cookie_enabled=1&scor=583462490551321&ged=ve4_td1_tt0_pd1_la1000_er1261.710.1415.1010_vi0.0.1200.1600_vp0_eb16619

Verdicts & Comments Add Verdict or Comment

633 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gmanetwork.com/	1970-01-19 17:41:57	Name: RT Value: "z=1&dm=gmanetwork.com&si=696b58b1-8f41-481b-9f50-5e4fc40702ee&ss=knfxlbx0&sl=1&tt=6df&bcn=%2F%2F6852bd14.akstat.io%2F&ld=6dp"

54 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VVyZLb27R9cNW8B1sKc3F-R2JVJvnzy4ql1vbMpKrl_2-HwrV1-WJV7CgVNxW4Yknm7645JnKN6qc4djm3tVhVd7rZc3YM12PW6f9hX411LYnSW5ZsfbV6LsRq0W5ZQkk78-Sv_FN7jtt1q6JNpkW6vljLF4Y7ycCN47k_1lQRsPsW3yknsh20nrttW5bJx-g4J1tBZVRQrFG3fcKw6W39vTVr1wQTFtW5lyhkG4_2BdtV4wZ6m5bv6mhW7dbnX6702h0kW3s5Rbn3nxcMsW5Dj-x31n2HCmW51CF-N4ghsYkW4xt1Dh1C_X_BW97nYJn96JQ2hVsfck61MMgMGW8D-KnD2WRPLqN8fL7NqTwp2RW2R03vk4KPds4W4llfyZ5XtL_D3ndT1(Line 13) Message: toS
console-api	info	URL: https://images.gmanetwork.com/res/dist/js/consolidated/hash/story.cec1622ae1cc309f4ef917cbc03f2a63.gz.js(Line 8) Message: Trinity Audio player injector script is loaded!
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 13:18:20,842 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 13:18:20,930 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=250&vw=300&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE&cb=1618312702439
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.gmanetwork.com%252Fnews%252Fmoney%252Fcompanies%252F783509%252Fairasia-rolls-out-p1-fare-promo%252Fstory%252F%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.gmanetwork.com%252Fnews%252Fmoney%252Fcompanies%252F783509%252Fairasia-rolls-out-p1-fare-promo%252Fstory%252F%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-4-13 13:18:22&ranreq=0.6376977516277256&timezone=2&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:PM AdRequest Time: 0.623secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Ad Error Time: 0.625secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Total Component Time since player call: 0.746secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=250&vw=300&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE&cb=1618312705174
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.gmanetwork.com%252Fnews%252Fmoney%252Fcompanies%252F783509%252Fairasia-rolls-out-p1-fare-promo%252Fstory%252F%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.gmanetwork.com%252Fnews%252Fmoney%252Fcompanies%252F783509%252Fairasia-rolls-out-p1-fare-promo%252Fstory%252F%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--B18hCY8njyLjzV0SfDdY4un4EotrN4IEcEtQpyMsYOoFRBopE7MFXRjoeUEIughrmqDb-5XygeFLgbuVTfZQ3yKCoKRV7UpiK6xW_Ien54HcjO_Q&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-4-13 13:18:25&ranreq=0.17854797747703555&timezone=2&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:PM AdRequest Time: 0.664secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Ad Error Time: 0.666secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Total Component Time since player call: 0.746secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 13:18:27,248 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 13:18:27,282 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=250&vw=300&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE&kltstamp=2021-4-13%2013%3A18%3A30&ranreq=0.6701357258906162&timezone=2&cb=1618312710914
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=&screenResolution=-1x-1&kdntuid=1&vwndh=0&vwndw=0&vwndurl=&vwndref=&vc=2&js=1&sec=1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:PM AdRequest Time: 0.709secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Ad Error Time: 0.711secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-info:Total Component Time since player call: 1.332secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=155949&siteId=795633&adId=3435469&vadFmt=3&vapi=2&vminl=15&vmaxl=30&vh=480&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=1&vskipdelay=5&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=SUPPLYCHAIN_GOES_HERE&us_privacy=&kadpageurl=INSERT_ENCODED_PAGEURL_HERE(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a275975d8b9f4d458a73f451237f012.safeframe.googlesyndication.com
1f2e7.v.fwmrm.net
60a6ae725fca.bitsngo.net
6852bd14.akstat.io
7ae0bdec8bda0504fa96cf10b0703f55.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad4m.at
adclick.g.doubleclick.net
ads.allaccess.com.ph
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.ch
adservice.google.com
adservice.google.de
adx3.adform.net
aktrack.pubmatic.com
aphrodite.gmanetwork.com
api.dmcdn.net
aud.pubmatic.com
bh.contextweb.com
c.go-mpulse.net
c.sharethis.mgr.consensu.org
c1.adform.net
cdn.digitru.st
cdn.jsdelivr.net
cdn.spotxcdn.com
cdn.stickyadstv.com
cdn.vidcrunch.com
cdnjs.cloudflare.com
certify.alexametrics.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
count-server.sharethis.com
csi.gstatic.com
csync.loopme.me
d2wy8f7a9ursnm.cloudfront.net
d31qbv1cthcecs.cloudfront.net
d5p.de17a.com
data2.gmanetwork.com
depart.trinitymedia.ai
dis.criteo.com
dsp.adfarm1.adition.com
euc-ice.360yield.com
ev4nkzci66zbgydvpx5q-p3c257-1c427e6e9-clientnsv4-s.akamaihd.net
fiaqj6absjkbikqce3ygyaaaabqhk7p3-p3c257-8529880d7-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
green.erne.co
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.gmanetwork.com
images.gmanews.tv
imasdk.googleapis.com
info.silobreaker.com
l.sharethis.com
log.outbrainimg.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
maxcdn.bootstrapcdn.com
mwzeom.zeotap.com
ob.cheqzone.com
obs.cheqzone.com
pagead2.googlesyndication.com
ph-gmtdmp.mookie1.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.quantserve.com
pixel.tapad.com
player.aniview.com
player.ivideosmart.com
player.vidcrunch.com
pr-bh.ybp.yahoo.com
prod-sb-appanalytics-us1.servicebus.windows.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.moatads.com
related.gmanews.tv
rtb.gumgum.com
s.amazon-adsystem.com
s.go-mpulse.net
s0.2mdn.net
s2s.aniview.com
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static-tagr.gd1.mookie1.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.aniview.com
sync.mathtag.com
sync.search.spotxchange.com
tag.1rx.io
tcheck.outbrainimg.com
tpc.googlesyndication.com
track.adform.net
track1.aniview.com
trc.taboola.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
trinitymedia.ai
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
vd.trinitymedia.ai
vid.pubmatic.com
video-ads.rubiconproject.com
visitor.fiftyt.com
vpaid.pubmatic.com
widget-pixels.outbrain.com
widgets.outbrain.com
ws.sharethis.com
www.facebook.com
www.gmanetwork.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yieldbird-d.openx.net
z.moatads.com
zdwidget3-bs.sphereup.com
6852bd14.akstat.io
a.tribalfusion.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
aktrack.pubmatic.com
bh.contextweb.com
c1.adform.net
cm.adgrx.com
cm.g.doubleclick.net
csi.gstatic.com
d5p.de17a.com
image2.pubmatic.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
secure.adnxs.com
simage2.pubmatic.com
sync-tm.everesttech.net
sync.mathtag.com
trc.taboola.com
uipglob.semasio.net
ups.analytics.yahoo.com
video-ads.rubiconproject.com
visitor.fiftyt.com
x.bidswitch.net
104.111.240.100
104.40.187.26
116.202.114.114
13.226.155.109
13.226.155.113
13.226.155.2
13.226.156.114
13.32.25.41
13.32.25.53
142.250.185.194
142.250.185.66
154.57.158.51
159.253.128.188
159.65.197.210
169.197.150.7
173.231.180.197
178.250.2.151
18.138.18.69
18.156.0.31
18.185.208.29
18.193.136.3
18.202.255.125
18.208.241.4
184.30.20.185
184.30.20.198
184.30.20.207
184.30.20.91
184.30.21.112
184.30.21.162
184.30.21.80
184.30.25.193
185.29.132.69
185.33.220.145
185.59.220.198
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.75
185.64.190.78
185.64.190.80
185.84.60.30
185.94.180.124
185.94.180.126
198.148.27.139
199.232.137.44
199.60.103.254
2001:4de0:ac19::1:b:3a
2001:678:cb4:bbbb::11
205.185.216.42
213.155.156.165
213.19.147.210
216.58.212.162
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:2057:8600:c:3460:340:93a1
2600:9000:2182:1800:c:a9b7:ddc0:93a1
2600:9000:2182:ca00:3:c04e:c780:93a1
2606:2800:233:9de:380:d6:22cb:12e3
2606:4700:10::ac43:db6
2606:4700:20::681a:bd1
2606:4700::6810:125e
2606:4700::6812:acf
2607:f8b0:4004:803::2003
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2006
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:400c:c1b::9c
2a02:26f0:1700:38a::11a6
2a02:26f0:64::210:6ad3
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba19
2a02:26f0:6c00::210:ba1a
2a02:26f0:6c00::210:bb90
2a02:26f0:7100:184::2c79
2a02:fa8:8806:12::1370
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:1b::621
3.122.26.231
3.125.240.184
34.236.214.42
35.174.194.37
35.201.96.126
35.227.202.26
35.227.248.159
35.244.159.8
37.157.6.247
40.79.44.59
52.1.101.77
52.206.198.221
52.21.204.168
54.220.102.114
54.239.17.112
54.246.18.165
69.16.175.42
70.42.32.95
72.247.178.19
77.243.60.138
85.114.159.118
87.248.202.99
87.98.128.108
99.86.3.122
99.86.3.44
008928f52dfd086cde5f078df6c2c2b053e53723321da037e5bf9768f0e9e74d
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01d30dd5b644d3dbc7297d010c1c1774efb0f66f2b517f6f7295aada7b086454
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
02fae25b47e8beed3323485071bcaa96f1620c2d86f3b5c15c4774e4b29d6c19
044f9f6324932953d85aeca705c72c9503e8b38c81b2e4d6f946baa3fdfadd84
05c173701f520cc53fcf2fba4ea74aa600c4daf76ee7d7fc321c1f00c7097603
078131e5829f405ad65bdfc0132dfda0016770a8daf5f5655a81afb4862002ab
0a49b2804d2e4708b0d1205bfa84e37b52391130516e6427f29ed1237e14d151
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb2cc51ed094008a0c4720b3086c1c7ddea74192c32aad90439e23c00a64bcc
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
0c5afec22fbdee5535024910654b2fc33137c9a8b3a935c1233a229b32549663
0e2b1732f1424a97605faf689e96633e8c46a123abe308498b4ced585ec97cd4
0e332b922db69ae1554d1d67b6df95e42aa4aef82dceaae9540b613735fd817d
0eb19d3d76cb0adc4e8223eba5ce435d79bfb059bb7a518fd89cf3aa2f4876cb
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85
10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12185420516acfdda1713b70ae0b7d4377cfa88a42bb66bd0b928aaa414dcb28
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
139da75dd27ce3e72eb0511df6e68f3a42e8db2b96effb3750a27e2e3dd3167a
1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014
15f7cd0fb89128055c4b43684e67208694b6bf606ad879c527d04655bbb9b787
1626bb546b447d9ef6b8772bae92b22e6613ef7b65b21444c7efe3437ef48677
16978ae4adfdf7c4d988e22aef36c25c4ccdf8eb397d713049c8c221cc29153b
176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a83f7708114effe858a7974dfd5b2a877a5bc347e9f1b1d7754a1dd64f842ee
1b61522e1cfb21ae9ce906d0122b2e1b75ff23a7832bdd73baf808fe102d674c
1cb3f7a12a9d47fd69579591d24c047feb95580ea06d75c63a40cf61a774d58c
1cf458acc26fd5be1cc1ad94b164e5a05f97af3ea6b2686c154fadd61a1219cf
1f4f3e93904320e9f0f61bbe5c74dd66b942d195f5f788b5c25ff1af6e293b86
1fa6557f80bb9cdb7edfb7b287852720a1c3a63675b579a8b3f8cef1220ca656
248f5615c21e61118cd9a819c28bd671fdb58a52d0bc5e9db52519dba572e549
24a54f9f01ce9a671184c9d6e7c8d0f8acaa473d0631911cae13b71e0dae0341
252336de63ab3d21c3490cbabc028da6c5d4810029cab09ed3b712c9fe1a0506
27c8dd8b9b8947535a0d67cc1f009f4d724711935637b3f4919c9a52c0a6aad8
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2b95cd7444a2e25139b2e3425b153b1326749a6e3514b70ae9a0ac0fe43740ea
2c905617c98925807a6fdf98d7ead4be0f281661de8de7e061af32bbc328eeab
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e65b9a5fe1dc0950379456ece59f58ab12b4ee321b108b1e1f3ab4f95f81d5f
2e9422dcae50c91ac6103d603a3621effc774cf7c3ba15916710963e742282a4
315f54dd8c1a6f22eb5e39853aab27e9f22da12f50e56e7a0ab870087f7b904e
318e8a3bc9571b8d314521b209c67cddca0350d0c8b92bd2b8745b33a27dc5f7
341b452ea238e1335d40629bba580839ada6fd9e227b89ba4f3a7a9b1413861b
34b165d9cdfcd24c7b73f0c195f1d87607224bddf3131eecc013c5c7bd6e178c
34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0
359501180b779548ad4e1ca74f38b08474350c38bed64ad69b278837d179e792
35de2fb0f1538a1034ec0b5224f7335fdc75324e025d3ca3898eaa6450b82916
36251711e27e4c8db1c3ed84871c205f14cd46077010c013150104ec3ef0b841
3679ea1a21fa6bdde872040a6f816e0c555ff5330cff0a20999a4d866ecf2be8
380b47f6ea7d28de20e705c6c8442ae9e5df6be6c8fb729975dfae6228dbc0c8
3906a58ee192c51a6ddfd14b4599acd837a89625af1a39032509a2e2bf8ea4e3
3917548928197150addc288f30af88f2ab034ab333aea4b5d99ae97465563720
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd
3ae67afbf00a0d957e44c6abbd9e3bd8aa32d1f629946f60ae5c7333de1d7c39
3bc2947b3cb9aab23eb5ef3b20b4b80aec5d43f4d4c4ef0717d9a09570fdd3ff
3bd5c300f9b36036a0be212fdb9a6184a192b5559d7d362760741e9c98cbd2d3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d85bf6dc7e193ba6aba1c7f19fa7cff8480f6a424f7511d30dd93c098fac77f
3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f78cb7ec4796fbf923d1c995bfa6aa339020b7778db02fe0d2089bf057ad1e1
41fc4eb8fa970439aa034d435d6fc2496c5ac42bff1782024fc37f284c175c1a
42396341ae3c3d0cc59c90dc48397115f409545f964e955b9deceabe50b9aecf
4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a
43a3180bf543501f3c010d886d652d3da0997798bd88b071de838fa876560c8d
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4767c73d3e505ff9816e8c37f94802189d0a26588436b7490fe9faa1332fbaa7
4840ce6e3fdcfd0fb5e58ba3d53d7eeedaf3fadc3fe186b54a96910161fdba5d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49692bc46a7a85e6464ee6a4c279d57df60af78cbdafd95dff332ce28abb5f43
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a5ed8ea4b725375239eefe403700b8739d15e6a910c6a1c529afee1d5f5d4b4
4a85de9065d5a1bdf2f24f8a39125aa86e684c33b86b511d0e43875fc1a12543
4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9117f00b958920d6a594588c82bb74e5cf045d786c548b15b91ae65d11cc0f
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
4f2e894b7e3b50ebc842bf653792c63d598ac4b6345c279aaef7616a63f19341
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4f9325b0e50d54922f785cd9797a3d80de8eda2ddd780e823fbc629d0cb17a92
4fad05a1473de195f4e634fc8b9111126e6272002e22c03ae54cf8a8e127e345
518b76ad95502ba636b444205d27674749f915eb19173e249ce44ff64871a9cd
51906a46cedc27ed5e349475e3bf0eb36d464f0e642eaad0f3d430f5f89af2bf
525605ca690fa01bf2d02a28458f68fb5b1055d50d809be7001ace4062094e8f
52abfaf6e3c44d481f4e8e64b0250b1befde90deef920a1eac6614ca8d625b27
530e7f85a527a573329c03e2db7b3862913d14025efb3f4aa4b026f9160600ee
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57aa2d2e763475ce5294ae1d5d85482a27e2e7fb1036b22a4e9fb9929be7d774
57d87f4202b259833def537015880ebd3733bb40d19c95df1da49ba126c3b397
58756f16874b1b7b290df6254c5c18ff8c9137d84b3154acd5863bf62a7c9fb0
58e76bcd9db528d7fe8acd4b6c6762256a84ab7d4d48ff54b4a4d64050323284
5b3b78542673c46b4299265778cc870a3fe7d4bffc70cb1cac9c0e5199432c79
5c6eb8de07644cf5976f3d8e47d992b740c31e1000e19f606a0086aaafd28338
5ddadabbf40d5ed6cc3b3735f87451e0a5ec1782cec93f338005566ad060fbc6
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4
62e3fb20c0bb4fe9125914c1de7e05770a54a51b2921fcbc681137c511c28603
64a13fb927e2ef03f3a59a79d0588d7514c4fbfb85f9237abb59dc04e7a49707
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69ca8aa598e4db95faeaf69b05a66f6207d2ed8624c0d6da81b9b6af269bb842
6ceb80df4a2a09a64c6506bea46609e055f2043c2960b72a82e5e2388e016a86
6d16ed20b3cddde6e086198fe01669c0e1da6063547a4659094ad89de4d88e45
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
6f0e7735adfcdf2111bdd4128aeff3912c579c0dd0fb415553327c3da059ab4d
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696
6f8c41060967bd4ae52ee0bf057caecbe3946aa41a988b9084e6aa62005138cc
7040f351fa93cddd426c4978c3cd5938173a69efc3365986135fda7da0cb5c67
7107adfdec1a0a2945a2f36453f19ba007f0630c9ee763264911337ca0eb3ad7
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74b4f400810ee9fe4167affd284644ed26bd7a2614a5cae6be03d1706586328e
75da1408e5d7d9d8dbeeec3484f9fd3c5f5b5857d3b387aaaee7196cb57d5085
76b20609fd48de2655d2317fa8cf34f918a4407ed0ed165e29f090998214c23d
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
79f3a90133c4fcfa088b8726c656b3a329d104a1e80cefe516a6c1da5d7fe263
7a54e8dfab118a1930176d2a7915526ff19bd1e5dd3653709689974306739dad
7cdbfc4262e966041c8dd26a5ba6996cff3991b180fd01f3d24f726ef4f780a1
7d1f5be75b390837f3451726f4a297bae0c3cb453cab51a31f9cdfc04f76f084
7da6d0d1987f861edc21186f4557062f0540cc327df6772205c6970090394410
7e373d1ef257fbe7a72515f2d7edb46dde98ae1ef52c663428c81679f49c51db
7f1a21d182b937b569183172ed61bbc084ced8c79e0d1c0cea671f0221cf189b
8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31
80a67a582fed34d5f1c3a3cbd37d3fb1866c6f02cd05d9dac1cec59d97be1d07
81a935f45850ccb6970a821de458801d7ca72b56ac31b5f13607eacbefb794e5
823686237069918cffd8537c4a5a77c27cd84451bef4b07624f44d7e5456c226
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83efb7419e404e58a3dd5dfebc16f74eaebc4b4770a831aa396d08af724c432b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a0afc2f45cecec31d8ccd1498cd8bfe428b3d79018efb1bf4da2cb3050b847
87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e
881c83b3b2713d24d5b5d0c45043c5c67e6b1c21a9fc821cab1b5223f3c654e3
89919930da4c7d0f027496907625bb5d97db45b07ca75582ca850b72cad1a44b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e5bfc6760fd19035a4913bacbada3a4474ed9b448216a383c74404b60470536
92d6f3e59e312de1849cfbf4ec315a6ecc6fdda4df22b4c1428ed9e7369da4ee
937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9cf97a6958f2ba4a3942a9add3202f4f32dc43fd7f637038968550806b92de56
9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9fb974b84a129972abbd1e2e5cfdf685cab5f6f22d881adf3845bc73b43eb4ad
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e8c5e2a986cbb91a9be1d2db07a3a35843c26f251ad54dd03b8d3a4f2dc691
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a2c5be0877b32fb7bff446fa1f21341e7f9f534bc4e517d665a7cd04954aec4c
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a447de7bb3df35431dc5c666dd7261a150a81915cb05183019f310c71ec162fc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a950b3e68d50d11d3f65c32089882d1ce80a3438e36565fb99e20cfc555b9584
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa643aca8d5fa444b863a9ddb8ab5b4451637ee4cab23b668455e2ad4530b02a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abcf9d8ba66731a37874638be948a8d20efaacb0b464191148002dc4259cbde8
ac560c4bb9d8586f655aeaed02985888ba3b8ae620cda5fa1b64014cc6c741e5
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ad09eb4f381f7bdd2df06a98dde61dd1a8d88c01170865914f972ceefcc45037
ad6f29ca8a46fd6ceea1d1ccbd28f0bcf41ae8193ca25369da72d1212bba73b4
adbd2d20a9543ad40a5a66a187209902d1013e67b569fbee9bac3f7d9dafc474
ae1947a2826e5e189f4a57f8d6a2e8cadf74cfc1bc4b529489b2bbfd802bfd14
af02508033816278e84d0801fbc23e437f8ae97d78c4c86ba61994c1e979bcc6
afbfe8e368a2051af8391ea4c832a3d1e6784c254621e2bedf3e20b241164fe7
b0d63351e51dde5a98a12a8a4cb8a8cb6c3433709670d9f5cbafcbfcca6caf4e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d19f2708e8295fc45db645565ceaaaaa2690a841e5049a01ad6efc8c5509e6
b2168642391c840f945b089356e3bbc6b0130c5d1dc161dafebd50d9a23bde1f
b22313fd719ae7c104f6bc4be142ffb0b9d2f5c604ab92163ec18a628927ce99
b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bd0866deb5934004ec5b7a098ad3f00d6503b56e2f827d3da0127642435ce865
bd846ebfe2fb654a6c2d527f20e2ec6e316762fc226758e8806f83df3de9cef4
be179064ea488f96ac9242fdab63163a0bda999530f26dbc0dae0365d3bae384
be49abc7cfa20499a544dc96aa661758db5dfb8e97f8c7e6353c676f2829faab
bed8cd9c13453f3edfce69245af17ba5d36cb3a980035f2618ecc1c729a60d9a
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
c06ce0931158e05fc9fdc5d2523eb66db7b669a6ab822badbf633963ed2ed2e4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2260a0c10c2fa8903fab19e7b218e5727e4e2ab04b5a68fec7fa9a2a0753a77
c25e9541d182dc47f8bb6b76c8940a726ae986c0fdd646a5e0f52f9b7a17f1a5
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c52e316bc820dbe88113107b1f279a42a2bcf974329ebe5cc4aca675e4f8cf6d
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6459f5c8dc1dc1bd6581f0517d67b3d55c143cc419615d4ab772b2b3f24a2c4
c68277ab847bf67223fc2a789cc228540926e41dc9248f14247f3f9215863931
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c75f65c26c8627f92d561c1574e598ce07ccfae2f3f19cb24b59437f95658259
c77f2497c42c0cf38e4ccf810e651391cbceecd15ae2b8f62e17ebf4524086ab
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cc6cae2704f6c478ba70ac31adf61202eb08db8391db37ad4958b7ec2137e729
cc81d606714209f254fdcc5545fd38428ef3e1bbf1f2518a54b740e915730625
ccee38a4d8b7f8fccf4de7fd7e293957dbc8866f65a0655aee9d3a08c4f744a0
cd83cd33926b9a10ac9cbaa0ee10a5a8044a1c1fedeaa843adb4e14f55dd662f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ac9d723f8a20b2851b8c90aefda827ef956ed5db057a2a68840f82e691cee
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d11b07859fd9c556a2e9382897ff4d5bb2a811327a3f75e95b071f6804d3f52c
d362b60418a5963fe304088ba49ebdc91d1a9279c47ae8a044ddfbee6f52eccd
d3c25479d7c2977020822fb709b73ef277fe1bdf7d18ae1cd15af9f8c097e504
d59c24b766c8088486b920c1c36e1b3576cd415528dc01a486d3d97c776a2c8b
d819c4cdaca45bfe752b1e17f87b08a8410b4d0ebf7346df6755577b58836c58
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
dd50088ddee3d663d0a5fa745b9a24a139398fef46685aef75987a881ddf2523
ddae76a3a53d98e6150666e1b1f5b6ec9ce3a510e42e837754c6c9eac60eaf3f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561
df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797
dfc12c29162b99e4a927aff9953377d25b518708e25325f8531cfe06e640617c
e045b6be24a6a2c486658ec57e45cf48da1658fa0c3d7089e26feee8d9d3cbf2
e17ae17f90ae983832f3709e67de0f7902fe1014568410534615235a158d7af0
e362a1e3d92a5cbd936c2ae0460c62af5f231a2edadd05034e13e6b0ee9b1f81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41043312451f9bc9bd77243c2a9a93bfdaefcfd753305bc33b59c882d2d9255
e54019ff3642cdcccd80395a23daee6b3e1e858fa7f5d325cd8d48ad5e0ae171
e6017bdf5d16d3357b1bf6848ef88af9389a7cb3b4e54f5a8a276676bb0efb65
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
e8b1c97f08cbb36be46f8ef6b2c5b3ad7db42486dfc85bbc24423f21ac704601
e8e54bc072a8bf015d5e4a075a0d1e1b6bfd09e23494ddd954cdd780e9c9daca
e967b443105b8c6befd08389ab5700a674d0fe3688fe230176bf7cc5788066ad
e9ef23fd1f9e6a6b36dfff1d7569c2f51699f57ffbe865154a67a2ccb9d315da
ea7090040ec52217a86123afd1f0b104d6b63537ae200cb0d1e136561345b678
ed51c137c8b3e47674448db8f2d537ef5a3f98e2fbc8a44d5e3cd65262e9da7d
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef0d249dc936347009f4fbffe05e5adb2f14566149dfd74d916adc4b6b9ab84c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f2bc1cfc0d06bfa0724ee1d6a512b42282016d2c078e9d8058c26f8fb85bfd45
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e
f9c0d2edd6b9f155d27006421ca61b87746dde42c4caad0cde8c6356567d2871
fb6bc519670fd86509a258100db040fef5c526ebbe4090d0b237702879e3590e
fc74afe4144289e584fc7079b556579721f4ab11c2a918ce17bb3da10e192a8c
fcd9b5232e83a460316b49b7ae2c1bd73222f00167bc9b70adda941919c6be1a
fd3fd10ff4c1c86e996dd285410125e894120ee2391b97bd5156deef315ea2f7
ffe92d430d48aca98f3401f9743e725b09f0ae823c9bd0acf48022ae236fea61

www.gmanetwork.com Open in urlscan Pro 99.86.3.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

647 Requests

91 %HTTPS

37 %IPv6

83 Domains

140 Subdomains

105 IPs

10 Countries

12049 kBTransfer

36737 kBSize

1 Cookies

12 Outgoing links

Page URL History

Redirected requests

647 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gmanetwork.com Open in urlscan Pro
99.86.3.122 Public Scan

Screenshot
Live screenshot

Full Image

647
Requests

91 %
HTTPS

37 %
IPv6

83
Domains

140
Subdomains

105
IPs

10
Countries

12049 kB
Transfer

36737 kB
Size

1
Cookies

647 HTTP transactions
14 data transactions