www.gmanetwork.com Open in urlscan Pro
2600:9000:223e:3800:d:a120:a940:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Submission: On February 14 via manual (February 14th 2024, 1:36:04 am UTC) from PH — Scanned from DE

Summary HTTP 211 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 66 IPs in 9 countries across 43 domains to perform 211 HTTP transactions. The main IP is 2600:9000:223e:3800:d:a120:a940:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.gmanetwork.com. The Cisco Umbrella rank of the primary domain is 262985.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 2nd 2023. Valid for: a year.

This is the only time www.gmanetwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2600:9000:223... 2600:9000:223e:3800:d:a120:a940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.131.52 151.101.131.52	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:275... 2600:9000:275b:1800:c:3460:340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	223.119.20.22 223.119.20.22	58453 (CMI-INT-H...) (CMI-INT-HK Level 30)
1	150.136.157.133 150.136.157.133	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	184.30.17.133 184.30.17.133	16625 (AKAMAI-AS) (AKAMAI-AS)
4	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	188.65.124.90 188.65.124.90	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
54	18.172.112.11 18.172.112.11	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	18.142.13.103 18.142.13.103	16509 (AMAZON-02) (AMAZON-02)
1	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.147.81.223 141.147.81.223	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
10	18.245.86.80 18.245.86.80	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	23.32.101.241 23.32.101.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	188.65.124.58 188.65.124.58	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	2600:9000:276... 2600:9000:2761:200:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
1	2.23.78.67 2.23.78.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:266... 2600:9000:266e:6400:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.216.166.217 54.216.166.217	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:9a4::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:264... 2600:9000:2646:6800:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	13.32.99.88 13.32.99.88	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:b400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	52.204.36.237 52.204.36.237	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	13.250.151.100 13.250.151.100	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
6	2600:9000:272... 2600:9000:2724:c800:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.173.205.41 18.173.205.41	16509 (AMAZON-02) (AMAZON-02)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	23.53.42.107 23.53.42.107	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	3.66.124.228 3.66.124.228	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.121.95 13.32.121.95	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	34.111.79.67 34.111.79.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	43.129.34.52 43.129.34.52	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
211	66

2 2600:9000:223e:3800:d:a120:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.131.52 (United States)

ASN54113 (FASTLY, US)

rtbcdn.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbpass.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:275b:1800:c:3460:340:93a1 (United States)

ASN16509 (AMAZON-02, US)

aphrodite.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 223.119.20.22 (Hong Kong)

ASN58453 (CMI-INT-HK Level 30, Tower 1, HK)

scripts.jixie.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.157.133 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

gma.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.90 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com

geo.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 18.172.112.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-11.fra60.r.cloudfront.net

images.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::9 (United States)

ASN13335 (CLOUDFLARENET, US)

rtbdemand.apiip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.142.13.103 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-13-103.ap-southeast-1.compute.amazonaws.com

prebid.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.245.86.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-80.fra60.r.cloudfront.net

images.gmanews.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.32.101.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-101-241.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.58 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed1.dm.gg

pebed.dm-event.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2761:200:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.78.67 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-78-67.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:6400:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.166.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-166-217.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:9a4::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:6800:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.32.99.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-88.fra60.r.cloudfront.net

data2.gmanetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:b400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.36.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-36-237.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.250.151.100 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-151-100.ap-southeast-1.compute.amazonaws.com

ads.allaccess.com.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2724:c800:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.205.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-41.fra56.r.cloudfront.net

related.gmanews.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.42.107 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-107.deploy.static.akamaitechnologies.com

static-tagr.gd1.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.124.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-124-228.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-95.fra60.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com

ph-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.129.34.52 (Jakarta, Indonesia)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

traid.jixie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	gmanetwork.com www.gmanetwork.com — Cisco Umbrella Rank: 262985 aphrodite.gmanetwork.com — Cisco Umbrella Rank: 252940 images.gmanetwork.com — Cisco Umbrella Rank: 305436 data2.gmanetwork.com — Cisco Umbrella Rank: 439306	767 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	337 KB
11	gmanews.tv images.gmanews.tv — Cisco Umbrella Rank: 271909 related.gmanews.tv — Cisco Umbrella Rank: 446032	4 MB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	1 MB
9	sharethis.com ws.sharethis.com — Cisco Umbrella Rank: 14456 l.sharethis.com — Cisco Umbrella Rank: 5050 count-server.sharethis.com — Cisco Umbrella Rank: 11221	93 KB
8	moatads.com z.moatads.com — Cisco Umbrella Rank: 814 mb.moatads.com — Cisco Umbrella Rank: 1066 px.moatads.com — Cisco Umbrella Rank: 660	146 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 jnn-pa.googleapis.com — Cisco Umbrella Rank: 230	50 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 stats.g.doubleclick.net — Cisco Umbrella Rank: 113 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 static.doubleclick.net — Cisco Umbrella Rank: 271	168 KB
7	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2032 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4356 mv.outbrain.com — Cisco Umbrella Rank: 2559 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 7261	107 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2400 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659	139 KB
6	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 11134 log.outbrainimg.com — Cisco Umbrella Rank: 3196 images.outbrainimg.com — Cisco Umbrella Rank: 2775	34 KB
4	allaccess.com.ph ads.allaccess.com.ph — Cisco Umbrella Rank: 454727
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 303 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 624	78 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	275 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2000 www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1739 mab.chartbeat.com — Cisco Umbrella Rank: 2777	26 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1729 a.ad.gt — Cisco Umbrella Rank: 1979	5 KB
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 10092 flint.defybrick.com — Cisco Umbrella Rank: 9159	20 KB
3	andbeyond.media rtbcdn.andbeyond.media — Cisco Umbrella Rank: 34344 prebid.andbeyond.media — Cisco Umbrella Rank: 47466 rtbpass.andbeyond.media — Cisco Umbrella Rank: 57996	175 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5654	515 B
2	mookie1.com static-tagr.gd1.mookie1.com — Cisco Umbrella Rank: 64329 ph-gmtdmp.mookie1.com — Cisco Umbrella Rank: 362642	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	89 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1423 pixel.quantserve.com — Cisco Umbrella Rank: 1207	10 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 961 id5-sync.com — Cisco Umbrella Rank: 442	26 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1113 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1084	12 KB
2	jixie.media scripts.jixie.media — Cisco Umbrella Rank: 31057	88 KB
1	jixie.io traid.jixie.io — Cisco Umbrella Rank: 29335
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 102	54 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1001	278 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1396	201 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1404	1 KB
1	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1581
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1918	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1180	17 KB
1	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 22327	4 KB
1	dm-event.net pebed.dm-event.net — Cisco Umbrella Rank: 9278	363 B
1	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 24034	4 KB
1	apiip.net rtbdemand.apiip.net — Cisco Umbrella Rank: 25081	431 B
1	dailymotion.com geo.dailymotion.com — Cisco Umbrella Rank: 8187	15 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 353	2 KB
1	gscontxt.net gma.gscontxt.net — Cisco Umbrella Rank: 390072	159 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
211	43

	Domain	Requested by
54	images.gmanetwork.com	www.gmanetwork.com
10	images.gmanews.tv	www.gmanetwork.com
10	www.youtube.com	www.gmanetwork.com www.youtube.com images.gmanetwork.com
9	data2.gmanetwork.com	images.gmanetwork.com
9	fonts.gstatic.com	fonts.googleapis.com www.youtube.com www.gmanetwork.com
6	ws.sharethis.com	images.gmanetwork.com ws.sharethis.com
4	jnn-pa.googleapis.com	www.youtube.com
4	px.moatads.com	www.gmanetwork.com
4	ads.allaccess.com.ph	images.gmanetwork.com
4	www.googletagmanager.com	www.gmanetwork.com www.googletagmanager.com
4	aphrodite.gmanetwork.com	www.gmanetwork.com aphrodite.gmanetwork.com
4	fonts.googleapis.com	www.gmanetwork.com aphrodite.gmanetwork.com
3	images.outbrainimg.com	www.gmanetwork.com
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	rtbcdn.andbeyond.media c.amazon-adsystem.com
3	widgets.outbrain.com	www.gmanetwork.com
3	z.moatads.com	www.gmanetwork.com z.moatads.com images.gmanetwork.com
2	mcdp-nydc1.outbrain.com	widgets.outbrain.com
2	log.outbrainimg.com	widgets.outbrain.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google.com	www.gmanetwork.com www.youtube.com
2	www.google.de	www.gmanetwork.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	l.sharethis.com	ws.sharethis.com www.gmanetwork.com
2	securepubads.g.doubleclick.net	www.gmanetwork.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	images.gmanetwork.com connect.facebook.net
2	static.chartbeat.com	images.gmanetwork.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	flint.defybrick.com	rock.defybrick.com www.gmanetwork.com
2	scripts.jixie.media	www.gmanetwork.com scripts.jixie.media
2	www.gmanetwork.com	images.gmanetwork.com
1	traid.jixie.io	scripts.jixie.media
1	ph-gmtdmp.mookie1.com	www.gmanetwork.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	count-server.sharethis.com	ws.sharethis.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static-tagr.gd1.mookie1.com	images.gmanetwork.com
1	mv.outbrain.com	widgets.outbrain.com
1	related.gmanews.tv	images.gmanetwork.com
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	a.ad.gt	cdn.hadronid.net
1	pixel.quantserve.com	www.gmanetwork.com
1	mab.chartbeat.com	static.chartbeat.com
1	ping.chartbeat.net	www.gmanetwork.com
1	region1.google-analytics.com	www.googletagmanager.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	images.gmanetwork.com
1	s.go-mpulse.net	images.gmanetwork.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	rock.defybrick.com	widgets.outbrain.com
1	cdn.id5-sync.com	www.gmanetwork.com
1	cdn.hadronid.net	www.gmanetwork.com
1	tags.crwdcntrl.net	www.gmanetwork.com
1	secure.cdn.fastclick.net	www.gmanetwork.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	wrappers.geoedge.be	rtbpass.andbeyond.media
1	pebed.dm-event.net	geo.dailymotion.com
1	widget-pixels.outbrain.com	www.gmanetwork.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	mb.moatads.com	z.moatads.com
1	rtbpass.andbeyond.media	rtbcdn.andbeyond.media
1	p.adlooxtracking.com	rtbcdn.andbeyond.media
1	prebid.andbeyond.media	rtbcdn.andbeyond.media
1	rtbdemand.apiip.net	rtbcdn.andbeyond.media
1	geo.dailymotion.com	www.gmanetwork.com
1	cdn.jsdelivr.net	www.gmanetwork.com
1	gma.gscontxt.net	www.gmanetwork.com
1	rtbcdn.andbeyond.media	www.gmanetwork.com
0	sync.search.spotxchange.com Failed	www.gmanetwork.com
211	74

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
chats.viber.com
www.outbrain.com
careers.gmanetwork.com

Subject Issuer	Validity	Valid
*.gmanetwork.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-02` - `2024-06-10`	a year	crt.sh
andbeyond.media Certainly Intermediate R1	`2024-02-08` - `2024-03-09`	a month	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.jixie.media Sectigo RSA Organization Validation Secure Server CA	`2023-09-15` - `2024-08-18`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-12-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.dailymotion.com ZeroSSL ECC Domain Secure Site CA	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
apiip.net Cloudflare Inc ECC CA-3	`2024-01-11` - `2024-12-31`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.andbeyond.media Starfield Secure Certificate Authority - G2	`2023-02-14` - `2024-03-17`	a year	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.gmanews.tv Amazon RSA 2048 M01	`2023-04-27` - `2024-05-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-01-03`	a year	crt.sh
*.dm-event.net ZeroSSL RSA Domain Secure Site CA	`2023-12-18` - `2024-03-17`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
rock.defybrick.com Amazon RSA 2048 M01	`2023-04-09` - `2024-05-08`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2024-01-02` - `2024-04-01`	3 months	crt.sh
id.hadron.ad.gt E1	`2024-01-27` - `2024-04-26`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-23` - `2024-02-21`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
a.ad.gt E1	`2024-02-12` - `2024-05-12`	3 months	crt.sh
*.allaccess.com.ph Amazon RSA 2048 M01	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
ak-dvsan01.mookie1.com R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.jixie.io Sectigo RSA Organization Validation Secure Server CA	`2023-05-14` - `2024-06-13`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Frame ID: 78F20270FDECD7CE008479BF0395E9B4
Requests: 185 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: E43E5AF58BFF943FF8DC2BA6640BCF49
Requests: 1 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Frame ID: 18599A08D17708FEBFE7FF7E718972B0
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D
Frame ID: ED598F27F64840E381F857915EC007F2
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e55009a66343e3d%26domain%3Dwww.gmanetwork.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ffdf7adeb961e4db22%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720
Frame ID: 1CA5A6D2E1437F940EF5ED9EFA5C3244
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: D42057B078CCAAD24DE7852B014FC4E7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QC auto spa ordered closed anew due to numerous violations | GMA News Online

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

211
Requests

99 %
HTTPS

52 %
IPv6

43
Domains

74
Subdomains

66
IPs

9
Countries

7819 kB
Transfer

15348 kB
Size

20
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gmanews

Search URL Search Domain Scan URL

URL: https://twitter.com/gmanews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gmanews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gmanews

Search URL Search Domain Scan URL

URL: https://chats.viber.com/gmanews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gmanews/

Search URL Search Domain Scan URL

URL: https://twitter.com/gmanews/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gmanews/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gmanews/

Search URL Search Domain Scan URL

URL: https://chats.viber.com/gmanews/

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://careers.gmanetwork.com/
Title: Careers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 172

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

211 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ 289 KB
57 KB 1186ms
633ms Document
text/html 2600:9000:223e:3800:d:a120:a940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3800:d:a120:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash: e611628273f9dc5ef47c6b9cd7904f7241eb8d8c12065d0ffc48b03229b96059

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With
access-control-allow-methods: POST, OPTIONS, GET, PUT
access-control-allow-origin: www.gmanetwork.com
access-control-max-age: 1
cache-control: max-age=120, public
content-encoding: gzip
content-length: 57209
content-type: text/html; charset=UTF-8
date: Wed, 14 Feb 2024 01:35:56 GMT
etag: "1707902903"
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
server: eqmod_httpd v1.0 (author: mon sarmiento)
vary: Accept-Encoding
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-id: tIIOOtpnbYV6zkLawJE5vK1nGnnEoMYHUuyY9MYMNucSRg_UqrnFew==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-elapsed-time: 246 microseconds

GET
H2 200 prod-global-179580.js Show response
rtbcdn.andbeyond.media/ 207 KB
28 KB 36ms
7ms Script
text/javascript 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19d57cd45b650fe883da218168a6f1c95d27fad33ec4adbe547066b62ff40e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: wMIXuiYnFiLqnBhEVEWFnghqbR3NSZdB
content-encoding: br
via: 1.1 varnish
date: Wed, 14 Feb 2024 01:35:57 GMT
x-amz-request-id: 0TFDQBC0DJXC2VKQ
age: 25
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 27967
x-amz-id-2: jhfmtH+VUAuC2maJnXFZyS5P8gKoWY6prRxEror6/gQIM/VisjlSL5el1Y7XfjRVM7ld/FWQRNI=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Tue, 13 Feb 2024 12:57:08 GMT
server: AmazonS3
x-timer: S1707874557.060479,VS0,VE1
etag: "04e1b4f214bd735fd0d8641fb5bf6a62"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 38ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700&display=swap

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a61b671c4f0058b9fe9e1b885ce530a086a9af2a2a008fa693f2a225a3798620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 01:35:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Feb 2024 01:35:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 51 KB
3 KB 36ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,500&display=swap

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9245fbcbac2eb5855dedaec1d1dce1e6685517965b2595c364dcb0a1dcb06f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 01:35:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Feb 2024 01:35:57 GMT

GET
H2 200 header_style.css
aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/ 27 KB
5 KB 49ms
6ms Stylesheet
text/css 2600:9000:275b:1800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 378d1668b3f15aeed82f6b1ccf730361134e41f8902dac2d97d66a93cedd9af9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
date: Wed, 14 Feb 2024 01:34:36 GMT
last-modified: Tue, 25 Jul 2023 07:30:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 82
etag: W/"24b9c720576e0d681d6534f6ac0d817c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=120,public
x-amz-cf-id: 67xa7_D931CT6RnCr_BsMoH35LfmyaVXZz3Bjs5anWZhkHZIi09I3g==

GET
H2 200 jx-GM31180lY1Ap.min.js Show response
scripts.jixie.media/onescript/GM180iIHc4/ 196 KB
74 KB 2558ms
197ms Script
text/plain 223.119.20.22
CMI-INT-HK Level 30

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.jixie.media/onescript/GM180iIHc4/jx-GM31180lY1Ap.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 223.119.20.22 , Hong Kong, ASN58453 (CMI-INT-HK Level 30, Tower 1, HK),
Reverse DNS
Software: openresty /
Resource Hash: 57b48dbd18b3dbc898b73febff1dd1fe26d7e652dd3e932ba8a7478d47c8390b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 14 Feb 2024 01:35:59 GMT
x-amz-version-id: K5czFvIWRlJFsJ41Vuv5GJ.Kn7U5i5Qv
via: EA-SGP-EDGE1-CACHE8[3],EA-SGP-EDGE1-CACHE7[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE10[7],EA-SGP-GLOBAL1-CACHE20[0,TCP_HIT,1]
x-ccdn-cachettl: 2592000
content-encoding: gzip
x-amz-request-id: Y7VDKVRT2JV4QCKN
age: 12614097
x-amz-server-side-encryption: AES256
x-amz-id-2: 0fJoXJsLPRgXPawYb/l0bdur5GZc0JOhzGioH8rWX99FY8pjD01xhGhAb4U1PQHTonPGIAFoEXQ=
last-modified: Thu, 21 Sep 2023 01:40:53 GMT
server: openresty
etag: W/"d31dfc80a1b5a6169b1032e2f4dac1a0"
x-amz-meta-x-amz-meta-updatedat: 2023-09-21T01:40:52Z
x-amz-meta-x-amz-meta-createdat: 2022-11-10T03:54:19Z
access-control-max-age: 86400
content-type: text/plain
access-control-allow-origin: *
x-ccdn-expires: 345991
x-hcs-proxy-type: 1

GET
H/1.1 200
OK channels.cgi Show response
gma.gscontxt.net/multizone/ 82 B
159 B 587ms
97ms Script
application/javascript 150.136.157.133
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://gma.gscontxt.net/multizone/channels.cgi?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.136.157.133 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 90a858f656ab38529939ca7b252bd6b56629d4b70733f807afe73e5a37ee9732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 82
Content-Type: application/javascript

GET
H2 200 polyfill.min.js Show response
cdn.jsdelivr.net/npm/promise-polyfill@8/dist/ 4 KB
2 KB 32ms
14ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e555151e63c492ea4f05ecedbcaf488acecfdf147d814e1920bcef9b028968ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26650
x-jsd-version: 8.3.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230076-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1132-XysC4a2Vt+mONL0o6U+bsaeRjIc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGV2kmQGAEtSjCJQ3nGWMO0tWrDzPhCjnXfc5VMT3%2F4KclAamxCpyYID3czq7%2BM1m%2BzYi821OZQtxWl9EwkXXr7Q2Lx5zAP8r%2FoB%2F1YaQvQiX5Y9nPl9s22k7cmqTNfdImBMRQBEWt5snO8k7rQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 855193cdbfcd5d49-FRA

GET
H2 200 moatheader.js Show response
z.moatads.com/gmanmigamheader860109928859/ 245 KB
86 KB 35ms
7ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmigamheader860109928859/moatheader.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8f3ffeabfe6d704340f8bab669a80638cd798aca07f4c86825ad4bf946465bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 10:57:24 GMT
server: AmazonS3
x-amz-request-id: KBN00QGH384QBESY
etag: "402436d33a9308ffb94a4bb71a54486c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=8400
accept-ranges: bytes
content-length: 87250
x-amz-id-2: INhvKuuvizn9JIPYyQ8bRNVO33zpSxMQYkqb7nYugv8RecJV1sL0RlMNMJATstOPguJLqn95WqU=

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 235 KB
85 KB 31ms
8ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.outbrain.com/outbrain.js

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-67.deploy.static.akamaitechnologies.com

Software

Resource Hash

81e933580a3972c8e2675dea81274daba17c0de1d14ab3d14af31707408505e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 14 Feb 2024 01:35:57 GMT
edge-cache-tag: widget-cheetah
x-traceid: a1b95b130a932f78c29399b6fd2b0f94
content-length: 87059
last-modified: Tue, 13 Feb 2024 11:56:59 GMT
etag: "22-Ct1IX6l40b1pL51w8lQXR1JT+Vk"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14500
access-control-allow-credentials: false
timing-allow-origin: *, *
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
2 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a08b83be0a016087653926673ec3cb72c2403c76c2347d2d2b9a0f61bd8cdde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 14 Feb 2024 01:35:57 GMT

GET
H/1.1 200
OK xbdlq.js Show response
geo.dailymotion.com/libs/player/ 36 KB
15 KB 96ms
41ms Script
application/javascript 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/libs/player/xbdlq.js

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

4b49718afb921870c9048afce0d2b11f0a4bf495229341171e95f3f315cdc3d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Date: Wed, 14 Feb 2024 01:35:57 GMT
Server: DMS/1.0.42
Strict-Transport-Security: max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary: X-DM-SSL, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Server-Timing: total;dur=17, dc;desc="dc3"
Timing-Allow-Origin: *
Link: <https://www.dailymotion.com>; rel="preconnect"; crossorigin="use-credentials", <https://static1.dmcdn.net>; rel="preconnect"; crossorigin="anonymous"
Content-Length: 13485

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 138 KB
53 KB 37ms
14ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-242242-2

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f712e229afbf5a77a0c52ac18990acb967632d4dc135d1c66f0f779cc89b2563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 53712
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 01:35:57 GMT

GET
H2 200 ent_header.gz.js Show response
images.gmanetwork.com/res/dist/js/ 49 KB
12 KB 89ms
35ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/ent_header.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ae6776bf90ca6f32dd483122e4a8a471c408d8ef5ac1fc15b36df84d97950d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jan 2024 06:37:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "83bbc7a1993ade5a3059e5ea571f6f50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 11471
x-amz-cf-id: HsF8fypatW5JCSVy9ha1DaHBZran3L6uf5VFvfxBm1wM_KrDDjS-Bg==

GET
H2 200 initial.gz.js Show response
images.gmanetwork.com/res/dist/js/ 661 B
744 B 400ms
346ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/initial.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bd5c300f9b36036a0be212fdb9a6184a192b5559d7d362760741e9c98cbd2d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:58 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
etag: "a0904724f9990fa3efa782debd05938b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 374
x-amz-cf-id: FHEuS1N3pL3jxoCiN8tyUlbj2Hbw30obbdwxnGM_SCLE12FQowAkHg==

GET
H2 200 ie-emulation-modes-warning.gz.js Show response
images.gmanetwork.com/res/dist/js/btstrap/ 613 B
784 B 92ms
38ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/btstrap/ie-emulation-modes-warning.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3c25479d7c2977020822fb709b73ef277fe1bdf7d18ae1cd15af9f8c097e504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2
etag: "d0b1287945ea7c5741f4d891f3f99a14"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 413
x-amz-cf-id: EWPz12a-s1bx-4n_U9MTPH4j-vyxW2t6JMe-DXd5M0wUsVk3pvB9qw==

GET
H2 200 global.gz.js Show response
images.gmanetwork.com/res/dist/js/ 12 KB
5 KB 92ms
38ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/global.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a917d7ca238e43edbb43e61a7a1b3fa945b7ccfe6d9d1f42172b205ca7ef1372

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 02:56:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
etag: "7a0ded3fb179c29edd0934aa839f1fdc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 4356
x-amz-cf-id: 8u0yv1SoWe9zjPDkZAj9L0dfF3XtHNRlV69cwWpJyOMvJfxmIn_QaQ==

GET
H2 200 jquery-ui.gz.js Show response
images.gmanetwork.com/res/dist/js/ 221 KB
59 KB 78ms
24ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/jquery-ui.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 139da75dd27ce3e72eb0511df6e68f3a42e8db2b96effb3750a27e2e3dd3167a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "52e78d37681ee33eae74a7f4aaccf156"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 60002
x-amz-cf-id: mhFSW4FB1PF_E73rvxnrNxamIv-eF4c3GSDQybMOsrZvqjXzcJpC6A==

GET
H2 200 lazyload.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 3 KB
2 KB 100ms
46ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/lazyload.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afbfe8e368a2051af8391ea4c832a3d1e6784c254621e2bedf3e20b241164fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "6c8c58544dcd8ee4a36636932e1d7f03"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 1228
x-amz-cf-id: BUaYYRo-vKRWdRv9SpJyxVZnyGsCEkcaC-RL-mthFF4_-nOJ8H60Og==

GET
H2 200 jquery.dotdotdot.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 6 KB
3 KB 75ms
21ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.dotdotdot.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d362b60418a5963fe304088ba49ebdc91d1a9279c47ae8a044ddfbee6f52eccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:05:07 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 3717051
etag: "23187f90b135cadaa3dc2b263b1a2d95"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
content-length: 2344
x-amz-cf-id: 2yywqYQIp0lF4CT3hX3yp4Dmcx-Qbqq-dFZyI5ZjUYOxfFlLcwx5bg==

GET
H2 200 jquery.marquee.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 4 KB
2 KB 74ms
20ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.marquee.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c173701f520cc53fcf2fba4ea74aa600c4daf76ee7d7fc321c1f00c7097603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 22:51:45 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2515453
etag: "96777112f18ddab19b5d705e540d11a6"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
content-length: 1757
x-amz-cf-id: OgqX4_ROFIZyF-A4qunO0JaNruscHqoVD6ZjqLQz94dsGd5qIxzUeA==

GET
H2 200 jquery.mousewheel.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 2 KB
1 KB 73ms
19ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.mousewheel.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad09eb4f381f7bdd2df06a98dde61dd1a8d88c01170865914f972ceefcc45037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 22:51:44 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2515453
etag: "2c4a7416462a2b223ad71ff9e8ff9152"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
content-length: 1010
x-amz-cf-id: oa1k-FfqCgBU2BQJ_aL-0Tx4tQtNWR6l9MtNAWeWzS5q1E6xYqqWDA==

GET
H2 200 jscrollpane.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 14 KB
5 KB 67ms
13ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jscrollpane.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cdbfc4262e966041c8dd26a5ba6996cff3991b180fd01f3d24f726ef4f780a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2
etag: "ab258fa862227390b52a62195d46972d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 4738
x-amz-cf-id: pa3OxPLdBl_oZl52nvbd-gyEuF2bYg-wWdTTpRpisZ56cdBtMJunMw==

GET
H2 200 jstorage.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 8 KB
3 KB 76ms
22ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jstorage.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e362a1e3d92a5cbd936c2ae0460c62af5f231a2edadd05034e13e6b0ee9b1f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2
etag: "f2569b9f842b897a97a73d07a81855aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 2787
x-amz-cf-id: FXg-ojbBkHHc934lx_s-ekOmL7Ma-Mh1dcXpMEwIuSZC03Tg7z_LZQ==

GET
H2 200 jquery.ck.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 1 KB
1 KB 66ms
12ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/jquery.ck.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e9422dcae50c91ac6103d603a3621effc774cf7c3ba15916710963e742282a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 17:09:54 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1412764
etag: "d9612e2b59b4a48d85826ff33f235c62"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
content-length: 671
x-amz-cf-id: _ODSOL4QHGYCGUrOZAjJX8nhMwXApB9SLx8HF3S2PUQi3mvpnpIHMQ==

GET
H2 200 common_screen_sizes.gz.js Show response
images.gmanetwork.com/res/dist/js/ 935 B
606 B 82ms
28ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/common_screen_sizes.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6cf5572d330c48ded59c2e625cf42b167ccc4119b3d7391440c2defa931a8b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2
etag: "6a56b88f7a042508379b392e7b8ff85b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 235
x-amz-cf-id: haR2Q9rLmpcfrGknBnXDJR9iDNnBcMTWn99uX2_sVl7bhWIn2RbqUw==

GET
H2 200 lazyload_initial.gz.js Show response
images.gmanetwork.com/res/dist/js/ 605 B
692 B 88ms
35ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/lazyload_initial.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80a67a582fed34d5f1c3a3cbd37d3fb1866c6f02cd05d9dac1cec59d97be1d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "72abdb8733d48a8755ca7d962ddaf437"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 320
x-amz-cf-id: 6YSh726-TkpXhlQMXOmF2GApmJdEXn-Kg5HMhZMHGK79kq2yiNwJjQ==

GET
H2 200 gnoadscript.gz.js Show response
images.gmanetwork.com/res/dist/js/ 15 KB
3 KB 92ms
38ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/gnoadscript.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93cb662c97bc64a3dd58d587090d711213b3d60b0d938b9cade474edc3406f27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2
etag: "6c4c035928a156fd88415a1e965c2fd5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 2863
x-amz-cf-id: aXVanM52GKNzv8Jnt-K1ELg9d4v_lEDbh1vpBdV0XhlRXh3thEh5Dg==

GET
H2 200 adsTracking.gz.js Show response
images.gmanetwork.com/res/dist/js/ 2 KB
936 B 81ms
27ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/adsTracking.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bc2947b3cb9aab23eb5ef3b20b4b80aec5d43f4d4c4ef0717d9a09570fdd3ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:25 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 50
etag: "7a7d7c893f5d199cd7bcfa08051b1736"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 563
x-amz-cf-id: bVg9WyP6WPYpZw15auLIXP_Sh_VnBQRJks-IFs9QOdmuJVlIdP1m0Q==

GET
H2 200 breaking_banner.gz.js Show response
images.gmanetwork.com/res/dist/js/widgets/ 7 KB
3 KB 76ms
23ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/widgets/breaking_banner.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4070c1c35c3cb4f19867416e6d9b56926099239caf027ad165fda5fd61c4d7fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "1d1b45e55e08d97da5f44b2138c4222c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 2243
x-amz-cf-id: n70ZEVINK0MtUAj-418rASkybFwMx_m1djlvd21HyiNrOgYohXPEtw==

GET
H2 200 moment.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 31 KB
11 KB 75ms
22ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/moment.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42396341ae3c3d0cc59c90dc48397115f409545f964e955b9deceabe50b9aecf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2
etag: "dcbcfd006417f935220aaf4fefc0dbf7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 10811
x-amz-cf-id: ikvjSkHJLEa950pBTLVV2aBDnnSjBlxWwWyJUZCJ06wX75TROw0wMQ==

GET
H2 200 interactjs-1.10.11.gz.js Show response
images.gmanetwork.com/res/dist/js/plugins/ 126 KB
33 KB 60ms
7ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/plugins/interactjs-1.10.11.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ef1e5267f753165f8dd582205b3d562f90ff47bccbd2a6c81b22b557643ac0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 09:27:33 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 3254904
etag: "432140178d28229013f8f61d099665b2"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
content-length: 33584
x-amz-cf-id: sFL_nk5egYsYVYjaFpNwSkSvCjk7rxAMoI7jjtlmkCuzi_Z7EZfFbw==

GET
H2 200 moat_yield_intelligence.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 917 B
766 B 76ms
23ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/moat_yield_intelligence.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fe3c3849b8d63009dc4c89ff20e418ca4cea135043dd36551a9b9b2af3e41b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
etag: "c0c9e76c3a0e0af61d19913f15ce0cf0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 401
x-amz-cf-id: t4_wMDSKGnn6j8aX1Mq2qDXHkWyKwzSCxbsaWaTRDSTANkMPcK9_Nw==

GET
H2 200 dfp.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 8 KB
2 KB 76ms
23ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/dfp.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 397faf2cb8ca7f4200060d7a87c3d45ceec6cf9f3bd6ae5ab68fb4c65d1fdb80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "0e178943de2265854c5e315990f73b54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 2034
x-amz-cf-id: Fgnz_pXP3-kXSN5u6tdnVjvK8I4RbNz76jP5jSKT-O_Z1fxSdGIr_w==

GET
H2 200 custom_analytics.gz.js Show response
images.gmanetwork.com/res/dist/js/ 4 KB
2 KB 77ms
25ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/custom_analytics.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 100e66bc02a8883892c409bca3cdeefe41eb0f5ad264f0b68aec211767649d31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 02:56:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2
etag: "da6c17432e2071f141162902827a3c04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 1489
x-amz-cf-id: ut-ghuthbN8BjAnud21cHxAT171366CYsMDBCY9gayCFqpwHDQSxkw==

GET
H2 200 listen_new_ad_exec.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 927 B
830 B 91ms
38ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/listen_new_ad_exec.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 881c83b3b2713d24d5b5d0c45043c5c67e6b1c21a9fc821cab1b5223f3c654e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "401ea36561b2a3204d7f6b7459426de7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 460
x-amz-cf-id: ydKfeWzgHHyfODIp7clVviEjfnf5T0tbFYYi2NV2wyihEGsIsoA_RA==

GET
H2 200 moat_content_tag.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 3 KB
2 KB 90ms
37ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/moat_content_tag.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcd9b5232e83a460316b49b7ae2c1bd73222f00167bc9b70adda941919c6be1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "110a899835a5f3a5cb56a201f68b16d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 1321
x-amz-cf-id: 7TYejEaPfGzWdSpymKmIeppBSdcNjdd5dfajiAbxGvyTLyMpunNCuA==

GET
H2 200 akamai.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 913 B
920 B 88ms
35ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/akamai.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1626bb546b447d9ef6b8772bae92b22e6613ef7b65b21444c7efe3437ef48677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "c890f68f1938f723f387406113068988"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 549
x-amz-cf-id: 4DuRTOmHJxW_6A4V_foqLhp_uAca55siJLjQCGxxNI9bA6gmEIbKog==

GET
H2 200 allianz_message_listener.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 1 KB
842 B 80ms
27ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/allianz_message_listener.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9ca5cfa847f2db04af493f6efa8cd2450766c592cb2b392a62bc69fde2dddcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2
etag: "fed3c1ad368d872e3709c45a691ad403"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 471
x-amz-cf-id: SAkvNYZfPtSDFgy6yqv4wH0at-xUwzRBCyd7nwPdfyJ8nlDaIzUyrA==

GET
H2 200 quantcast.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 384 B
650 B 98ms
46ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/quantcast.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 233073d24ab74b28a2f0c051016d0ef42f03d4b57fdf1883874af69e19111edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:58 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
etag: "1555f4fd6d768cced06ce939697387df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 284
x-amz-cf-id: 0NI8ABQs4aS_knWaFejnDp6rKYXXvjMnadpSp2TKbvMMrGXOvTTOHw==

GET
H2 200 chartbeat.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 1 KB
965 B 77ms
24ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/chartbeat.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00566b16120cfa6ce64b5ec855dcec47eb3c98b52269ec0cdc8aed082178f37f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Thu, 30 Nov 2023 09:05:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "c104cafd7549901df0d2535845c40668"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 594
x-amz-cf-id: 2DQh8jTlmjCqz3l_KaKcLbq0ndo9w-troEkNuzU6aexWDEz3rRHVhA==

GET
H2 200 facebook_sdk.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 645 B
783 B 76ms
24ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_sdk.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c42d6ce4f1cd8d3f0361d8b67c24f9024c7efe81bfbac8a7e399bd11a405a388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "de956fcf62578549584eb0ff61a3858a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 411
x-amz-cf-id: UHgXZBd8Pwr4F72eJVB66hCkfIgoPRDN_S795C3u7pwkvSlAzgZwfw==

GET
H2 200 google_em_scripts.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 605 B
736 B 76ms
24ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/google_em_scripts.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e48cc4cf8eb3beb05c3bb4134506241bee34991f71e09f1189a2657d4cf049da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "55c35682aeb4fd41d459025c8bb04318"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 366
x-amz-cf-id: eIzp4BFu1auobNbPJ6TrCbCjKukasfue0RPG0EV-s07UtkkCVc76AQ==

GET
H2 200 _ie_notification.gz.js Show response
images.gmanetwork.com/res/dist/js/partials/ 1 KB
890 B 97ms
44ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/partials/_ie_notification.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89919930da4c7d0f027496907625bb5d97db45b07ca75582ca850b72cad1a44b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "da1fd73c18e6169b221d7a3d0e48154c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 519
x-amz-cf-id: lhSb6tO7VF3AmjqJr0XGYev4zX4zB8rHjFPw5EXL7j1GqwImuggQWw==

GET
H2 200 interstitial_ads.gz.js Show response
images.gmanetwork.com/res/dist/js/ads/ 679 B
699 B 80ms
28ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/ads/interstitial_ads.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5018d5569c0c42f79e1e328bb38970d99db37f953c4f808914df067c48646cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "2ac61a1b8607a4c1c9996447c62584b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 330
x-amz-cf-id: OYoOr3PCoz-ncviLPlF_zHn3fW56TUC0v9kBmf2m-tL_lq8RIubu_g==

GET
H2 200 intermittent_pushdown_ad.gz.js Show response
images.gmanetwork.com/res/dist/js/ads/ 4 KB
2 KB 400ms
348ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/ads/intermittent_pushdown_ad.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f9a2bff15018aec511e0c6a329f05a8d32c32f05a300430ea98713470c4a6be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:58 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
etag: "e94df5521314e830907cdf8c6394fa1f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 1262
x-amz-cf-id: g5C1MWemfenyghuVDGVxmz0LcpuKWbvolS7BCOFVYx8oCdNkR7w6Ag==

GET
H2 200 permanent-url.gz.js Show response
images.gmanetwork.com/res/dist/js/ 1 KB
755 B 77ms
25ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/permanent-url.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad6f29ca8a46fd6ceea1d1ccbd28f0bcf41ae8193ca25369da72d1212bba73b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
etag: "dfdda34ffaa4fcbe720569b97afd7253"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 390
x-amz-cf-id: Hf29-cR2ptohEgYvH0_l-CyLADCXU_ZLfP5K48El5HO9d9Q-5HCmJQ==

GET
H2 200 header.gz.js Show response
images.gmanetwork.com/res/dist/js/ 2 KB
1 KB 80ms
28ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/header.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f52d80c8408e1a090992f244fb3a773dc504dbe0db6c2389becc92e69f69d995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "a69b26c1ee7e99253ef6f4285ffa6eaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 709
x-amz-cf-id: ULTEH7EHdJ0Bmegn2Nz6JcIG2dNOZtYSFjKc81bzGlnLY_KjAZrWvQ==

GET
H2 200 embeds.gz.js Show response
images.gmanetwork.com/res/dist/js/widgets/ 950 B
822 B 87ms
35ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/widgets/embeds.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 341675f90e0fb7952f3627756c96675d9689146ec3a574661e7a2ae4ae61c6f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2
etag: "4f2f3854cfa9162e96b4a611aff1aa72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 453
x-amz-cf-id: _YJKtS89eOnDF6qyR8C0uFb5AYlH0ii49p_aaUWDpiN6a7qUbr3wtQ==

GET
H2 200 cross_sell.gz.js Show response
images.gmanetwork.com/res/dist/js/consolidated/ 106 KB
27 KB 92ms
40ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/consolidated/cross_sell.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d97570f8a7a641dccd170a523ad6706ea3094f645607a21856ed85de5bd4eda8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jan 2024 06:37:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "271e9010b219140fb5db27a33e1e64ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 27180
x-amz-cf-id: 5aZF5u7OeA_8aLaexTwmx_q5ueiUM3fEleXIVJOncJQGvKVronozIA==

GET
H2 200 fab.gz.js Show response
images.gmanetwork.com/res/dist/js/widgets/ 2 KB
1 KB 79ms
27ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/widgets/fab.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03a284c7bd7156ca8c83ee1d6ae74ecd32594ee6fa27b4638f7ad17561ea3f4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "68b193199e431f796c4ffa0d69ed8b35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 999
x-amz-cf-id: NSkbkiUpDxrsy6r80qsBAGpWRDpkuxZfD3KWeHF4vhQQ2TDjdYR0zA==

GET
H2 200 base_video_player_class.gz.js Show response
images.gmanetwork.com/res/dist/_modern_/js/commons/ 1 KB
780 B 75ms
23ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/_modern_/js/commons/base_video_player_class.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8655ae9f9f536c5a94a5d219a58c34300619c1cd9f462a941d9b15993b32e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Tue, 24 Jan 2023 06:13:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "6faeb32127f0ba87ce2bfb1bbb20e8e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 410
x-amz-cf-id: rK2r7xGcdhjQF6aU1BvI0_Qt357GRcXPqQP1JghLJTI8SgWSqI5-zQ==

GET
H2 200 dailymotion_player_v2.gz.js Show response
images.gmanetwork.com/res/dist/_modern_/js/third_party/ 2 KB
1 KB 97ms
45ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/_modern_/js/third_party/dailymotion_player_v2.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a96945fcf42fbe26503b3fce1f71fa301d6baf00630438f310806fd456b88407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Tue, 24 Jan 2023 06:13:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "1bb37cd82ea1a3b9170ae7761f3a5b2d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 727
x-amz-cf-id: -8L0zv0A_7fvt8YjTm-BYc2IFIErl9C8MDbOokDmPMeXbsftRgwszA==

GET
H2 200 story.e5c288b0b513d0b96a9ca15d55fd1cf9.gz.js Show response
images.gmanetwork.com/res/dist/js/consolidated/hash/ 335 KB
82 KB 66ms
14ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/consolidated/hash/story.e5c288b0b513d0b96a9ca15d55fd1cf9.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e56848bb3089ad58fecfd6308b584bfb7126318b86363d82b6d594f9d8bc6e84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 02:01:11 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2024 02:00:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2590487
etag: "b10f71dab7cd69792aaf12890b991411"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
content-length: 83951
x-amz-cf-id: EpH1kFFiRCqDrLBcmY8KMo2ty84SXf-Ndt965FjupV4HYbqepTjPEw==

GET
H2 200 check Show response
rtbdemand.apiip.net/api/ 235 B
431 B 170ms
138ms Fetch
application/json 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: aabffac0c7414cfe4a30f58de0fa2c8d962a4b4bafa66bbc39f4738a616ce50a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"eb-mNvmZO56iifcCXVxVYbOxerowM4"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 855193cde9d29c10-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 287 KB
72 KB 37ms
7ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ef56a843eaeea072e78aa174bcb41ea0b4eacc38bb472f37cf8cb5d22108578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:01:28 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 20:28:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2070
x-amz-server-side-encryption: AES256
etag: W/"39a6e4e395af0da8e1832e836548faa1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 1U4MD1aH4vIaNq0uAd7mxLrB3zV68hEomHU8vZIJ1jxtscSEnT6MnA==

GET
H/1.1 200
OK impstats.php Show response
prebid.andbeyond.media/ 95 B
319 B 663ms
165ms XHR
text/html 18.142.13.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.andbeyond.media/impstats.php?aff=179580&type=pv&country=PH&device=DESKTOP
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.142.13.103 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-142-13-103.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: e097ee7ea405b7343d7e1d514ce99a8d32e7dbdb3ea8943491fc8347fb03ed2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Feb 2024 01:35:57 GMT
Server: Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8
Connection: keep-alive
Content-Length: 95
Content-Type: text/html; charset=UTF-8

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 33ms
5ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

08e17785e0ad9e0247e2c5035d48d6d58bff8fcd77cee72380f9e01e2889a1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 00:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 3288
etag: W/"ea97bcfeebc6da8cba2cc8cbb01e5a8a"
last-modified: Thu, 11 Jan 2024 17:36:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3550

GET
H2 200 prebid7.54.5-gma.js Show response
rtbpass.andbeyond.media/ 471 KB
147 KB 16ms
8ms Script
text/javascript 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 911f8bf5fc6e99e7009d8ba1a822dc5ad70706ea54edad681d285215693e5958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: br
via: 1.1 varnish
x-amz-request-id: JTD0BS9D2S26N7H2
age: 24
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 149904
x-amz-id-2: OfN9RSDfRmU8s5Bjwsvw0ev5S4cPr60Mgupyh9M2+RsgWp1Mj5BLj7qE8FtQpn5/NDcF1Z3UaN0=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Mon, 23 Oct 2023 04:44:42 GMT
server: AmazonS3
x-timer: S1707874557.230246,VS0,VE2
etag: "1fd5a2c1c9ba61f181eb0ae2f44b465b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 2 KB
583 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400&display=swap

Requested by

Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee5a19f2adbcdf4a0a99f8d686b323063d73eda1d9e3351bcc67017e59b7dadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aphrodite.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 01:35:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Feb 2024 01:35:57 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 252 B
431 B 150ms
49ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-53F%2B%2B9kbmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-Qg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&pcode=gmanmigamheader860109928859&rx=107787789400&callback=MoatNadoAllJsonpRequest_42706872
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/gmanmigamheader860109928859/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 3fa6bfe5ed0900edb16e4b506bbf1b848241ff4b8cfac86a5c616b85f18597e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
server: istio-envoy
etag: "9ebfcadf3aad4943b57d739780029be7862f3c43"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 25
timing-allow-origin: *
content-length: 252

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame E43E 1 KB
2 KB 19ms
6ms Document
text/html 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/gmanmigamheader860109928859/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.gmanetwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=1603
content-length: 1374
content-type: text/html
date: Wed, 14 Feb 2024 01:35:57 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
unused62: 8096267
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

GET
H2 200 gma_white.png
aphrodite.gmanetwork.com/assets/revamp/img/ 1 KB
2 KB 8ms
7ms Image
image/png 2600:9000:275b:1800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/img/gma_white.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: Z1a4KR1IgQCUibmGiK2ThFq69ie8hdZd
date: Wed, 14 Feb 2024 01:33:34 GMT
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2018 07:44:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 144
etag: "e8749bb5058882d51032084665c54c4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=180
content-length: 1428
x-amz-cf-id: owbIVKRHgT57gVXgWjGhvbCu1C5YB0WjM_-BSaGfzUi45dmI1Mvshw==
x-amz-meta-s3b-last-modified: 20180201T034941Z

GET
H2 200 my_stream.png
images.gmanetwork.com/res/img/ 1 KB
1 KB 6ms
6ms Image
image/png 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/my_stream.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f1a21d182b937b569183172ed61bbc084ced8c79e0d1c0cea671f0221cf189b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:05:27 GMT
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Nov 2019 09:48:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 3717030
etag: "e17b32d7834a1eec803779a1dd2258de"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
content-length: 1056
x-amz-cf-id: 5KdgCoxlA3mY94OrvjL-VgJcUwb6DdnDPTBwnvI-YbFq7zAVkk3Zhw==

GET
H2 200 gno_logo_svg1.svg
images.gmanetwork.com/res/img/ 11 KB
5 KB 6ms
6ms Image
image/svg+xml 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/gno_logo_svg1.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d11b07859fd9c556a2e9382897ff4d5bb2a811327a3f75e95b071f6804d3f52c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:49:51 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Tue, 05 May 2020 08:50:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2076367
etag: W/"379589077b63dbd422c97a673ecec40f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000,public
x-amz-cf-id: oVeouZ-UO5Em6_iqMXsQkjxtJnJ9l03rRAST-DG3LhfA_CKTWi5-Jw==

GET
H2 200 jquery.gz.js Show response
images.gmanetwork.com/res/dist/js/ 94 KB
33 KB 10ms
9ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1509246ef3a1d43913a821c59843b7eeb285d92db3b50ef673156764cbf2f5ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "8383a5230d45934fc1ed7a4525893ac4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 33385
x-amz-cf-id: NW4M8jKGr5weIxyW7q9Zv3cWpLQcieu9SF02PHkY4fmeSPfOUAP5Jg==

GET
H2 200 unruly.gz.js Show response
images.gmanetwork.com/res/dist/js/third_party/ 52 B
442 B 10ms
9ms Script
application/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/dist/js/third_party/unruly.gz.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c905617c98925807a6fdf98d7ead4be0f281661de8de7e061af32bbc328eeab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 02:59:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "4934386624df4034dbe12372d0b826dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120
content-length: 72
x-amz-cf-id: Qb67o4EuNLy2k86ILKsjxLQFcf2Zj9cc7RRB13bjfIDyJV51QrWXgQ==

GET
H2 200 btstrap_min_e10-viewport_js.gz Show response
images.gmanetwork.com/res22/js/btstrap/ 31 KB
9 KB 10ms
9ms Script
text/javascript 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res22/js/btstrap/btstrap_min_e10-viewport_js.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7040f351fa93cddd426c4978c3cd5938173a69efc3365986135fda7da0cb5c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Apr 2016 11:40:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 1
etag: "2266bd8d5c0a99c405f3b63cdac76983"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=120
content-length: 8618
x-amz-cf-id: ZUwYW7iYQcyzWFiUBmN_kWTBkbh1aJRyQl7kPiFX2PxiYSao7w6SRg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
47 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa9e35bddc9049e6107191bca365055e22c25c1cac8cab8f1217ebb6c8d74473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47751
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 00:57:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Feb 2024 01:35:57 GMT

GET
H2 200 side_adv.png
images.gmanews.tv/v3/img/ 677 B
1009 B 50ms
6ms Image
image/png 18.245.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/v3/img/side_adv.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d85bf6dc7e193ba6aba1c7f19fa7cff8480f6a424f7511d30dd93c098fac77f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:05:30 GMT
via: 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
last-modified: Fri, 01 Apr 2016 01:22:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 6489028
etag: "d011246b48da6e449ffcef2d3d6a48f9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
content-length: 677
x-amz-cf-id: s5DlJvJvplM0_Yq73sCFfsP7XZBbT5pEOJcP8LuypnsNLHQsfHOlnA==

GET
H2 200 ellipsis.svg
images.gmanetwork.com/res/img/ 6 KB
1 KB 6ms
6ms Image
image/svg+xml 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/ellipsis.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b22313fd719ae7c104f6bc4be142ffb0b9d2f5c604ab92163ec18a628927ce99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 19:33:15 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Nov 2019 09:48:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 2354563
etag: W/"6373ba91f5bae052a2ca12af09659d66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000,public
x-amz-cf-id: GNUBAAmFNGsYSxjHnEO9CXnP_i_UwceZr9QzvvLozvKkNXIDXROLDA==

GET
H2 200 footer_new.jpg
images.gmanetwork.com/res/img/ 19 KB
19 KB 8ms
7ms Image
image/jpeg 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/footer_new.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8dfe376a7edf2182420cdebe2a59189c015d31444851f4d5c43c05366288fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 03:24:32 GMT
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jan 2018 06:21:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 79886
etag: "452aec533f25d9dbe2e9a75ed29dd0f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 19568
x-amz-cf-id: 7X3esBqCvnpw2BjqhiHvjndo-gzdgAb3jbubRly3oVGt4OLpUSPr4Q==

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 37ms
16ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=PT+Sans%7CLato:300,400,700%7CUbuntu:300,400%7CSource+Sans+Pro:400,600%7CUbuntu+Condensed%7COswald:400,300,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:56:19 GMT
x-content-type-options: nosniff
age: 59978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:56:19 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:47:53 GMT
x-content-type-options: nosniff
age: 60484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:47:53 GMT

GET
H2 200 MuseoSans-500.otf
images.gmanetwork.com/res/fonts/MuseoSans/ 62 KB
62 KB 358ms
344ms Font
application/vnd.oasis.opendocument.formula-template 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/MuseoSans/MuseoSans-500.otf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6017bdf5d16d3357b1bf6848ef88af9389a7cb3b4e54f5a8a276676bb0efb65

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:58 GMT
via: 1.1 7af089de61bb0f71465732ed7f6f3386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
x-cache: RefreshHit from cloudfront
content-length: 63024
last-modified: Wed, 24 Mar 2021 06:49:23 GMT
server: AmazonS3
etag: "032337e82232f53e67317d5f6680d729"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/vnd.oasis.opendocument.formula-template
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-id: kA8yZsMn22BzeR2dEXM4SOeQcLgaNfX2jpH-NOnj_jA-UZibmflpgA==

GET
H2 200 MuseoSans-700.otf
images.gmanetwork.com/res/fonts/MuseoSans/ 63 KB
63 KB 365ms
352ms Font
application/vnd.oasis.opendocument.formula-template 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/MuseoSans/MuseoSans-700.otf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f0e7735adfcdf2111bdd4128aeff3912c579c0dd0fb415553327c3da059ab4d

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:58 GMT
via: 1.1 7af089de61bb0f71465732ed7f6f3386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
x-cache: RefreshHit from cloudfront
content-length: 64088
last-modified: Wed, 24 Mar 2021 06:49:23 GMT
server: AmazonS3
etag: "1087c6a9da22ebf924be80a001a84d2f"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/vnd.oasis.opendocument.formula-template
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-id: mPIkDLaNju0XuLFitnlAzYflnHp_sMBAJn80vXRp1G_-tQt-QpyRPg==

GET
H2 200 Lora-Regular.ttf
images.gmanetwork.com/res/fonts/Lora/ 121 KB
62 KB 350ms
337ms Font
application/font-sfnt 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/Lora/Lora-Regular.ttf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 359501180b779548ad4e1ca74f38b08474350c38bed64ad69b278837d179e792

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:58 GMT
content-encoding: gzip
via: 1.1 7af089de61bb0f71465732ed7f6f3386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
x-cache: RefreshHit from cloudfront
last-modified: Wed, 24 Mar 2021 06:49:23 GMT
server: AmazonS3
etag: W/"c684a3de5c014a61d5139d5b97da99fc"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-sfnt
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-id: UPCaaTV4ZH34kH_UI6iebK7e6SNRhJCemc_aADJl4NlhMXJ3jnlT0g==

GET
H2 200 Lora-Bold.ttf
images.gmanetwork.com/res/fonts/Lora/ 121 KB
63 KB 362ms
349ms Font
application/font-sfnt 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/Lora/Lora-Bold.ttf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51906a46cedc27ed5e349475e3bf0eb36d464f0e642eaad0f3d430f5f89af2bf

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:58 GMT
content-encoding: gzip
via: 1.1 7af089de61bb0f71465732ed7f6f3386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
x-cache: RefreshHit from cloudfront
last-modified: Wed, 24 Mar 2021 13:03:05 GMT
server: AmazonS3
etag: W/"eec9b1b134bfc16624d240b70db7ed59"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-sfnt
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-id: DPKFf5M52Z2sXKmuI3v8rPi_Uo_Itj5xQwxPkTAEbWtIR-1QclBoGg==

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:59:08 GMT
x-content-type-options: nosniff
age: 63409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 07:59:08 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 27ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 22:07:30 GMT
x-content-type-options: nosniff
age: 98907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Feb 2025 22:07:30 GMT

GET
H/1.1 200
OK d3d3LmdtYW5ldHdvcmsuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
535 B 80ms
13ms XHR
application/json 23.32.101.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/d3d3LmdtYW5ldHdvcmsuY29t

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.32.101.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-101-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Wed, 14 Feb 2024 01:35:57 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=10443
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 2305f534dcd40b33ab9a6cfbf4e3b0eb
Content-Length: 15
Expires: Wed, 14 Feb 2024 04:30:00 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 31ms
7ms Image
image/gif 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 15 Mar 2024 01:35:57 GMT
date: Wed, 14 Feb 2024 01:35:57 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/2b39c590/www-widgetapi.vflset/ 216 KB
67 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2b39c590/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d44f36044267c46ca434b1361c433965bb1fed4ebbfa35f4169c946e067b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 18:48:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68438
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 06:43:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Feb 2025 18:48:09 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ 15 B
363 B 53ms
14ms Fetch
application/json 188.65.124.58
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xbdlq.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed1.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

Date: Wed, 14 Feb 2024 01:35:57 GMT
Server: edward-ed/2.2.1
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length: 15

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:58:38 GMT
x-content-type-options: nosniff
age: 59839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:58:38 GMT

GET
H2 200 fontello.woff
images.gmanews.tv/res/fonts/social/ 8 KB
8 KB 367ms
354ms Font
application/font-woff 18.245.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanews.tv/res/fonts/social/fontello.woff
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d59c24b766c8088486b920c1c36e1b3576cd415528dc01a486d3d97c776a2c8b

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:58 GMT
via: 1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-cache: RefreshHit from cloudfront
content-length: 7812
last-modified: Tue, 05 Nov 2019 09:48:08 GMT
server: AmazonS3
etag: "9f972961c468281bf7ee69deec7839e9"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-woff
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120,public
access-control-allow-credentials: true
x-amz-cf-id: 1TqjX6db-6uPRIE8PUCJKFPbrve_oX6H2-KjViclCTo-DD3fn1qvjw==

GET
H2 200 gma-header-logo.svg
aphrodite.gmanetwork.com/ 2 KB
1 KB 6ms
6ms Image
image/svg+xml 2600:9000:275b:1800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/gma-header-logo.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 05:39:14 GMT
last-modified: Fri, 03 Apr 2020 07:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 71858
etag: W/"6070135b0880a0cca74ba0fc1221e24f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 3MyZLR20vV8uAgY9lxxWVCO0l5erjfKEKflJMjtfbyD7fMzyu6_NrA==
x-amz-meta-s3b-last-modified: 20200403T073750Z

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
4 KB 41ms
6ms XHR
text/html 2600:9000:2761:200:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid7.54.5-gma.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:200:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date: Tue, 13 Feb 2024 12:29:32 GMT
via: 1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 47186
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3527
last-modified: Tue, 19 Dec 2023 13:15:23 GMT
server: AmazonS3
etag: "6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 4YLbXd7BnPqTijuBhxxd5XWk9QyChthKHM90kitxjroYnuq4a9hQfg==

GET
H2 200 cd6cddc5-4dca-4d77-9a65-8b894400e772 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
829 B 29ms
6ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: dc8e270a6c4089b306a6058d541e71d584db80c236f99875470008a97c8303c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:01:29 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 2068
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: gziYth12wfBnfXl1Ex9bg5dmygfgQSyoSGOI722kdDW-0Hst1KLiPw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 6ms
6ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gmanetwork.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 20:30:02 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 18354
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2196
x-amz-cf-id: l_oS3rU3TD0h7dO7ytSoIF3RkFX9EG8iMjHoljb8NMbq76gwlf4pBw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 19ms
6ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 06:31:31 GMT
x-amz-cf-pop: FRA56-P6
age: 68698
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: NILAisYYQ0C8OM92FXLjK31MDVVwQTrhmwi18wV329zKAn4G-Ee8Rw==

GET partner
sync.search.spotxchange.com/ 0
0

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 82ms
13ms Script
application/javascript 2.23.78.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 14 Feb 2024 01:50:57 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 30ms
6ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 12:30:07 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 47151
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: kHjqTOGRA_yPflJ8yZ7vxGHbNwc9AT0mHU8g3_aXoy07-LlsTW8kAg==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 47ms
20ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&ref=&_it=amazon&partner_id=632
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01C975WVAA3JDKHJ
age: 4947
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 855193cf7f5c68f8-FRA
x-amz-id-2: hxb2Br8vf2uBBniSeqakgjztWKIPtATtD6bN1gV+n3Vg6mNMl2rDRQL+gF8pDyHWIII6UuGjSsI=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 88 KB
26 KB 39ms
16ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cd07edee68cd765a7cdde6fefbd032242acc261496048c610c9d2b401ef105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:41:43 GMT
server: cloudflare
x-amz-request-id: 46SV57NN53HN994J
age: 1151
etag: W/"5f1afea320c5039c2b1fe5fdbc5608a7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 855193cf78442c2e-FRA
x-amz-id-2: BswzCxccT+zxeMqTEhYSE5qvqZqxxpZgn7ZiAJ+m2veK13JEar4H5cFI+xoFZnf4T9d4zR7TGcA=

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 38ms
6ms Script
text/javascript 2600:9000:266e:6400:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:6400:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 20:40:51 GMT
content-encoding: gzip
via: 1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-P8
age: 17706
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: fSxgEsUw8sQs9Bz0-A0d1ACfewBaU53oVFhWgUKwzhFZKkKue4QhUQ==
expires: Wed, 14 Feb 2024 08:40:51 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
337 B 103ms
32ms XHR
application/json 54.216.166.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.166.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-166-217.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 21bb61aeed70e48495c9536a63bbd0c49fe5a80e9c932b4b0e093964ab2872bf

Request headers

Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 01:35:57 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
x-server: 10.45.19.36
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 311ms
107ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=24157092185878950076516261610028740221456278179415921157820224507121&nc=0&tsf=0&tsfmi=&pv=0&cb=1707874557394&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=3918716379&at=&bid=e30%3D&di=W1siZWYiLDQ4OF0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsMlwiLFwidlwiOlwiaW50ZWwgaW5jLlwi%0D%0ALFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wg%0D%0AZXMgMy4wMCAob3BlbmdsIGVzIGdsc2wgZXMgMy4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2Vi%0D%0AZ2wgMi4wIChvcGVuZ2wgZXMgMy4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJi%0D%0AZW5cIjozLFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6NDkxNzk4%0D%0AMDA1LFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7%0D%0AXG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAg%0D%0AICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAg%0D%0AICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAg%0D%0AICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6%0D%0AIGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0p%0D%0AXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1d%0D%0AIl0sWy0xLCItIl0sWy0yLCI0LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcEVzUkVFVHBvVmRG%0D%0AVkJRUXBSY1JCRlNLSUlnaVJJcjBLaEpScXBTQXRDQWtRSHBJenliYlhwbVpyLzUvZDk2YnpjdVNB%0D%0AUEovR3QiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVv%0D%0Aam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFst%0D%0ANSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTEx%0D%0ALCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJ0d2l0dGVyOnRpdGxlXCIsXCJ0d2l0dGVyOmRlc2NyaXB0%0D%0AaW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcImRlc2NyaXB0aW9uXCIsXCJr%0D%0AZXl3b3Jkc1wiLFwibmV3c19rZXl3b3Jkc1wiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFst%0D%0AMTQsIntcIm9cIjowfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAs%0D%0AMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEy%0D%0AMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIi0iXSxb%0D%0ALTIxLCJheFYzVEtiZCJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10i%0D%0AXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjE2MTAwMDAwLFwidWpoc1wiOjEyNzAwMDAwLFwi%0D%0AamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJl%0D%0Abi1VUyxlbiJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwy%0D%0ALDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywi%0D%0ALSJdLFstMzQsIi0iXSxbLTM1LCJbMTcwNzg3NDU1NzM4OSwtMV0iXSxbLTM2LCJbXCI0LzNcIixc%0D%0AIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMCwwLDU0MCwwLDAs%0D%0AMTMsNzg3LDQ1LDAsMTQyMy40LDE0MjMuNCwxNTUxLDE1NTIiXSxbLTM5LCJbXCIyMDAzMDEwN1wi%0D%0ALDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZh%0D%0AbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00%0D%0AMywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJd%0D%0ALFstNDYsIjAiXSxbLTQ3LCJFdXJvcGUvQmVybGluLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgs%0D%0AIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDIzXV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A2854%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=j8TH6a1BIc&sdd=%7B%7D&pto=1557
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 6bc09034d5ce3fb7cd7746c76fd9520b9eeb13676ec670c8f23fad566a8f152b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Wed, 14 Feb 2024 01:35:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1869
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 99 B
291 B 108ms
108ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.gmanetwork.com&url=https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&ref=&_it=amazon&partner_id=632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c75b05bf2836d54cfdba76825b65d80ea4ee62cb0caae0425471f018c929d935

Request headers

Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 855193d0ace55d57-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 145ms
109ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=www.gmanetwork.com&url=https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.gmanetwork.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 855193cffcb25d57-FRA
content-length: 0
content-type: application/json
date: Wed, 14 Feb 2024 01:35:57 GMT
debug: OPTIONS block
expires: Thu, 13 Feb 2025 01:35:57 GMT
server: cloudflare

GET
H2 200 moatcontent.js Show response
z.moatads.com/gmanmicontent461752070830/ 178 KB
57 KB 12ms
12ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmicontent461752070830/moatcontent.js
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/moat_content_tag.gz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5b3b78542673c46b4299265778cc870a3fe7d4bffc70cb1cac9c0e5199432c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 16:48:35 GMT
server: AmazonS3
x-amz-request-id: C4A73E3E967220BF
etag: "5d09d15e235e777027a70f856982a114"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13681
accept-ranges: bytes
content-length: 58484
x-amz-id-2: ySWQIzwIYGwDiVfMluS5Yjbnbq4LEHGp0Rsf8Z0g2kUMTfTAF1Z3Vo7fjWlUMGG+zzveN0mJ65A=

GET
H2 404 FG65A-Y848M-3TACG-B2LGY-Y72BW
s.go-mpulse.net/boomerang/ Frame 1859 0
0 162ms
126ms Script
application/javascript 2a02:26f0:480:9a4::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/akamai.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:9a4::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
cache-control: public, max-age=900
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
timing-allow-origin: *
content-length: 45
content-type: application/javascript; charset=utf-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 31ms
7ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/quantcast.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 21 Feb 2024 01:35:57 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 58ms
7ms Script
application/x-javascript 2600:9000:2646:6800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/chartbeat.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:29:27 GMT
content-encoding: gzip
via: 1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 65190
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: XW0nMaAuhNUSwTApewleGYplZzMyXQy54A0d_V3nQiQAs1RJkVOmuA==
expires: Wed, 14 Feb 2024 07:29:27 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 59ms
8ms Script
application/x-javascript 2600:9000:2646:6800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/chartbeat.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 19:19:26 GMT
content-encoding: gzip
via: 1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 22591
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: VxzjhqocuUT3U3kmFrdNAfwxo_Ep1fIZ2e4FKwNObneDgiMHS1XrCQ==
expires: Wed, 14 Feb 2024 19:19:26 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 44ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/third_party/facebook_sdk.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28e4eaa93b4b3100338bb88ad47625861b697ff3efd56b53308adca1b959f2a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 01:35:57 GMT
content-md5: ifq97nR4RhZDbiBGY1w2Gg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: 9j7glHSf482QC7JC9Os0c7rqb4NlHr5/fO2icqOxPPC6viXPWdqwgVM5u++YvdZWJB/Ts96wteeZi71Sc0eKiA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 537f4edf1b140b571e623aa92f1872b1
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "6042a2cdc5483cec127540d4ea44afe4"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 14 Feb 2024 01:55:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
86 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TQZBRMKGV4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0607bdd40f39ff5324d570b7efecd3c5e8fa7ec68089d69cebdbdbd4b05884f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 01:35:57 GMT

GET
H2 200 51.gz Show response
data2.gmanetwork.com/gno/embeds/ 110 B
619 B 446ms
8ms XHR
text/plain 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/gno/embeds/51.gz?id=51&container=body
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12e1180d7432fed998d28ca94b4a5a1754f846569df8972474ba7fbe3765b233

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:34:43 GMT
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 75
x-cache: Hit from cloudfront
content-length: 119
last-modified: Thu, 17 Sep 2020 09:23:17 GMT
server: AmazonS3
etag: "4c7f0390cf4dbd23883e3c64e3982006"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: mmN1jgr5UAreZiSCh-OLuiPkl3LQb_UqHkteIyTE0jkIkWFVA6ShaA==

GET
H2 200 home.gz Show response
data2.gmanetwork.com/gno/widgets/at_a_glance_lists/ 17 KB
5 KB 790ms
358ms XHR
application/json 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/gno/widgets/at_a_glance_lists/home.gz
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 326cae8f14ce339b30087e3ac008763f51161bf1e05c0633db4adf9072f4f007

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront
content-length: 4517
last-modified: Tue, 13 Feb 2024 22:48:23 GMT
server: AmazonS3
etag: "680a6682dce72d3b757fcf397aff7b2b"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: okMPnkV0nes0WRFdqCaQXingkobMXmHvOn-uYiVKzBFxzlI3XMxeRA==

GET
H2 200 latest_content Show response
data2.gmanetwork.com/gno/widgets/fab/ 2 B
486 B 773ms
342ms XHR
application/json 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/gno/widgets/fab/latest_content
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified: Thu, 26 May 2022 02:25:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "99914b932bd37a50b983c5e7c90ae93b"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: application/json
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length: 2
x-amz-cf-id: a-rUjHCtTkF-ekgENMHoZ8la-BVNXUzYyXzlnKZlHPzGuHXqrNlhlQ==

GET
H2 200 latest_content Show response
data2.gmanetwork.com/gno/widgets/fab/ 2 B
478 B 772ms
341ms XHR
application/json 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/gno/widgets/fab/latest_content
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified: Thu, 26 May 2022 02:25:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "99914b932bd37a50b983c5e7c90ae93b"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length: 2
x-amz-cf-id: 2lMD00ySVY3mwxO0MIBlVkpf5a5vm5BUhU5obPkphcMAc5prtgQeeA==

GET
H2 200 authors.gz Show response
data2.gmanetwork.com/gno/authors/ 24 KB
4 KB 788ms
358ms XHR
text/plain 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/gno/authors/authors.gz
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7fa368388356d84efb4effa04ce68e5536552bb789de01f2679eb889cefa96e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront
content-length: 3483
last-modified: Wed, 20 Dec 2023 08:46:42 GMT
server: AmazonS3
etag: "354f95d219f649e2ff4d9613c8bd5bf0"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: WBvtsODFMXSwkiW1NxOEytCdkIgvbuwBaJSqgJXKuthdw2QInI4DPg==

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 btb-logo-200px.svg
images.gmanetwork.com/res/img/ 10 KB
4 KB 7ms
6ms Image
image/svg+xml 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanetwork.com/res/img/btb-logo-200px.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2260a0c10c2fa8903fab19e7b218e5727e4e2ab04b5a68fec7fa9a2a0753a77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:56:05 GMT
content-encoding: gzip
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 04:01:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
age: 6043193
etag: W/"c79fa6a925bb4a37a11558abba1f8a5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: 4e6u5usd78aLtVkW_Dxqb22a-i2_4sVCI2iGl8ApgSlfuDGEzh70sw==

GET
H2 200 rules-p-ernMzxMzj4rTH.js Show response
rules.quantcount.com/ 1 KB
1 KB 38ms
6ms Script
application/javascript 2600:9000:223c:b400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ernMzxMzj4rTH.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 570eb26b1f69dc91b116affae587952ea205228975cec892890a16dab882124f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 00:49:48 GMT
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2838
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 14:57:02 GMT
server: AmazonS3
etag: W/"2586e780d12e3579958caf730b2c56b5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 0WX1xLVuow1Jg_HvChX0jWyZs-Gi-12fn7m80uKq8CKERK5hHC9xfg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TQZBRMKGV4&gtm=45je42c0v885846337za200&_p=1707874557464&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=343212400.1707874558&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707874557&sct=1&seg=0&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&dt=QC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%20%7C%20GMA%20News%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1679
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TQZBRMKGV4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 01:35:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=276b232ce39e2a5c21230cea0d4136b1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

974472bf8dd78aa470f5e3753323ef0dca321314dbfa514a05520d03369497d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 01:35:57 GMT
content-md5: G9H6vP0uWXAeaDmi5ct+KQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87205
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: scJEPebD94qtQO7t3abJYVgpf4JX5OI7slUg7vy1eor1+WuesCqrWsJMevrYhpE2JrZbdLkzn4BM3tyJXTRIXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 87ca7e764ac2b0017b8cbe8639064572
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "4d601537896faccf978364fc33d31f4c"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Feb 2025 00:15:44 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 284ms
93ms Image
image/gif 52.204.36.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=gmanetwork.com&p=%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&u=BDtkK2Dk81_8dVS8K&d=gmanetwork.com&g=67134&g0=News%2CGNO&g1=GMA%20Integrated%20News&n=1&f=00001&c=0&x=0&m=0&y=2854&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&b=1692&t=DBQ37dCe5Jd-DpWjJICFrmwgBhOxQB&V=143&i=QC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%20%7C%20GMA%20News%20Online&tz=-60&sn=1&sv=CP_edUBW7AD3B-Bk1vR3mDND5Fw5n&sr=external&sd=1&im=067b9fff&_
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.36.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-36-237.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 14 Feb 2024 01:35:57 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 259 B
553 B 130ms
108ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=gmanetwork.com&domain=gmanetwork.com&path=%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf521501b3729f03ec5b6aaa321e2c08b3e4a1abff11d76a2f953d98b8a484ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 194
x-served-by: cache-fra-eddf8230052-FRA
x-timer: S1707874558.557644,VS0,VE102
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 12 Feb 2024 01:35:57 GMT

GET
H2 200 pixel;r=701510791;labels=title.QC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%2Ckeywords.Kapuso%20Action%20Man%2Ckeywords.QC%20BPLD%2Ckeywords.Kuroma%20autospa%2Ckeywo...
pixel.quantserve.com/ 35 B
782 B 9ms
9ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=701510791;labels=title.QC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%2Ckeywords.Kapuso%20Action%20Man%2Ckeywords.QC%20BPLD%2Ckeywords.Kuroma%20autospa%2Ckeywords.business%20closure;rf=0;a=p-ernMzxMzj4rTH;url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1198694020-1707874557501;pbc=13e53ba1-567a-4c12-bb0b-ac9a27bfa7d8;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=gmanetwork.com;dst=1;et=1707874557542;tzo=-60;ogl=site_name.GMA%20News%20Online%2Ctitle.QC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Egmanetwork%252Ecom%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-clos%2Cimage.https%3A%2F%2Fimages%252Egmanews%252Etv%2Fwebpics%2F2024%2F02%2FKuroma_Autospa_Kapuso_Action_Man_2-13-%2Cimage%3Asecure_url.https%3A%2F%2Fimages%252Egmanews%252Etv%2Fwebpics%2F2024%2F02%2FKuroma_Autospa_Kapuso_Action_Man_2-13-%2Cimage%3Awidth.640%2Cimage%3Aheight.480%2Cdescription.Authorities%20in%20Quezon%20City%20discovered%20that%20an%20auto%20spa%20that%20was%20supposed%20to%20have%2Cpubdate.2024-02-13T21%3A37%3A36%2B08%3A00;ses=9ff8c244-8d2e-4088-8325-6d3c86a207aa;mdl=

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 01:35:57 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["keywords.business closure"],"pcode":["p-ernMzxMzj4rTH"]},{"label":["title.QC auto spa ordered closed anew due to numerous violations"],"pcode":["p-ernMzxMzj4rTH"]},{"label":["keywords.Kapuso Action Man"],"pcode":["p-ernMzxMzj4rTH"]},{"label":["keywords.QC BPLD"],"pcode":["p-ernMzxMzj4rTH"]},{"label":["keywords.Kuroma autospa"],"pcode":["p-ernMzxMzj4rTH"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 58ms
39ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=255951164473730&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=276b232ce39e2a5c21230cea0d4136b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=();report-to="permissions_policy"
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Feb 2024 01:35:57 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: no-cache
x-fb-debug: GqZNFzXObfK6HNXm1TK5Rb6MJFOTrj1xeGfrUiBnMAarGAwgEK1jRDLPK/rjRzCutoyyQD6EGeE8Nvl/2RgLfA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/icons/ 14 KB
15 KB 369ms
356ms Font
binary/octet-stream 2600:9000:275b:1800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/fonts/icons/fontello.woff2
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb

Request headers

Referer: https://aphrodite.gmanetwork.com/assets/revamp/css/build/widgets/header_style.css
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 14 Feb 2024 01:35:58 GMT
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-cache: RefreshHit from cloudfront
content-length: 14692
last-modified: Thu, 10 Oct 2019 12:34:10 GMT
server: AmazonS3
etag: "f7d914c20b6df8faac5c74ee903a3f9b"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=120,public
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: iF0BtToabkwVWw9WgXWvEMi_HcIAii3V_yAymlaajHDD5LXXl3Ht4Q==

GET
H2 200 632 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 52ms
20ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&ref=&_it=amazon&partner_id=632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2ba17c2e51614822092e16c99667274e4d2a4f51112214b748b500846def09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 01:32:06 GMT
server: cloudflare
age: 231
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 855193d19c15bb8f-FRA

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
79 B 93ms
93ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00126ae9cf32ee428f9a9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65337fd78afe6d4e3474ce9498fbd38e820db619150d7012aa67c03f81e42027ecc5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82e1908f77f69a996137aefdefb64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0baa78aefe14c78f77ee0eefc285161b9876794b313e04c4007d1595ed0d9879e81b2c527df21d6deedc85ec54d5814aa5f0ddb92c41c738abe74f005e6c917c573a926424b049661eb578896ad2aead16a971ba7c19ccc7780191c2de84b011f7b467dcbab75a148c4c5cb25a89128f19739cbcffff36f9ea6ea4f6d7999a45143cda7041758afb9b36ea325dbb941bea56aed61e371c44e8b5683fd7e924e3ab7f2cd256a6b7d52745e1b0afea4d971965daa1b0b1e7cbaeb0a9c855e55a1e48efee5339caefbbfc2a7edb8545d20e913d3a4536f9f51274e8620022f7efc7ab3645b9ef9cb089769d7258ab72dd1a50c9b7c133c230a7f0f9fc2e2c73f785c86054496d1c5a6b6ca521983b6bd798ad2707dd8ce0f3a69fb8dc45721b7278543821be33f9b11c7d512f8ba32e68795d3984762e8fc26628276a685acb6179c6c361e1989694350b2a24392ed14ca9a99d449cc878730092b5abf3dab06a249af80699637434c5d282e6deb48faf42149ab3dd2adf429cb8a1c9e7e77b3033f79ddae844829b134abca498450230a0efe7e799ebd9428d95d3ed7&cb=1707874557710&cri=j8TH6a1BIc
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Wed, 14 Feb 2024 01:35:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 5_2024_02_13_18_28_34.jpg
images.gmanews.tv/webpics/2024/02/ 1 MB
1 MB 7ms
7ms Image
image/jpeg 18.245.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2024/02/5_2024_02_13_18_28_34.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9344cf4083e3032799058a9016a9a3f41daf95a06055bed2692e9b9efefcf300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 10:35:26 GMT
via: 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 10:28:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 54032
etag: "f507d295e858417261796308b5752c2f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 1233677
x-amz-cf-id: zCmdhd8DK9rtZudE6NZHlCv_ih9x4AlIgSOecwaooCfvcQlNR5vuiA==

GET
H2 200 PBA_Images15-3_2024_02_13_16_39_29.JPG
images.gmanews.tv/webpics/2024/02/ 136 KB
136 KB 8ms
7ms Image
image/jpeg 18.245.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2024/02/PBA_Images15-3_2024_02_13_16_39_29.JPG
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f683fd4459f81fda0c27f00aeb62a56a221aa55d6b6426790ca6dad07ed72f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:43:26 GMT
via: 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 08:39:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 60753
etag: "7f487d470d7645530b0d669f066534e9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 139187
x-amz-cf-id: 2xLVySOGd8ey_nchZ-35wYGx8AH5sSCn3l2ZCzvwid1ZGk47AX_3vA==

GET
H2 200 416375036_1550117915778387_960339911699347296_n_2024_02_13_16_23_47.jpg
images.gmanews.tv/webpics/2024/02/ 336 KB
336 KB 13ms
12ms Image
image/jpeg 18.245.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2024/02/416375036_1550117915778387_960339911699347296_n_2024_02_13_16_23_47.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2d1fb3617ed05a4d24f26cea266a3eac192224d3db88258c8d9db0fa87ebe51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:28:41 GMT
via: 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 08:23:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 61638
etag: "ecf304990176d554bf97a3aa88ecfdd1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 343817
x-amz-cf-id: 95LsladiRy7LdWGMqzzZxVMzq9ApoH2CuhJZhQECAG3OQRcblXe72Q==

GET
H2 200 Screenshot_2024-01-02_at_14_2024_01_02_14_12_54.png
images.gmanews.tv/webpics/2024/01/ 2 MB
2 MB 23ms
21ms Image
image/png 18.245.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2024/01/Screenshot_2024-01-02_at_14_2024_01_02_14_12_54.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62ce5c324ece8d1c33e91ab13c689539213ed66102bc0ee553a6a1ed34b795c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 11:08:08 GMT
via: 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jan 2024 06:12:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 52071
etag: "49c947c567658753dc912d68019f5dbf"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 1654346
x-amz-cf-id: 1VQTl3qw_qgHQ5S6iPdYrqKis5_dAgJviHdwNJX73NqgVkNpjfjT9A==

GET
H2 200 flowers_2024_02_13_20_34_47.jpg
images.gmanews.tv/webpics/2024/02/ 130 KB
130 KB 22ms
21ms Image
image/jpeg 18.245.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2024/02/flowers_2024_02_13_20_34_47.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3634d44a700f5be8f0e184cafabac02942df1bddf1bdef3f4a37f2c3a5948cde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 12:46:33 GMT
via: 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 12:34:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 46166
etag: "3ebbfc9ad6ab89a2da4bce6d2ddc838f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 132762
x-amz-cf-id: cA2mbc2l0M4yoQWA1kVzB-8h7qplL5Vkmh9c2S1v0qPckTh6jWO5BQ==

GET
H2 200 UP_Fair_2024_02_13_16_50_18.jpg
images.gmanews.tv/webpics/2024/02/ 258 KB
258 KB 23ms
22ms Image
image/jpeg 18.245.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2024/02/UP_Fair_2024_02_13_16_50_18.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2df069745e03486e27d0660d95fbae2c838740b2690b79faa657d727c4a53e44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:53:47 GMT
via: 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 08:50:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 60132
etag: "ee6dfb94589ada15fbd9d8d80d0b3e7b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 263686
x-amz-cf-id: m8V1gyTJlApenCsS2BaMTfG8V2YteORCMeuaPZ5Ue6Y9uURrSIxU2w==

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 1332ms
165ms Script
text/plain 13.250.151.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8115&sid=0012&_=1707874557264
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.151.100 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-151-100.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 1332ms
165ms Script
text/plain 13.250.151.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8215&sid=0012&_=1707874557265
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.151.100 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-151-100.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 1330ms
164ms Script
text/plain 13.250.151.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8315&sid=0012&_=1707874557266
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.151.100 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-151-100.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 897387.gz Show response
data2.gmanetwork.com/783/gno/story/ 8 KB
3 KB 343ms
343ms XHR
application/json 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/783/gno/story/897387.gz
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d384dcb4eedad8538f182ff73bebb5d1fb5a4105fcaad5ac622f5f85d89761a5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront
content-length: 2654
last-modified: Tue, 13 Feb 2024 13:37:37 GMT
server: AmazonS3
etag: "7606cd6dc5ad8d4e9ba17bd43bebbe30"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: T8xFBf7c02YCHa49Hr87UpsK8b1YKraJmkeG2kx9Bb-YbKFhpuABuw==

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
278 B 30ms
7ms Fetch
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

43cd08ca4c6325d406527e7baafdd8d68d5d5f43a42b14f423e7a98b6bcbce91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Wed, 14 Feb 2024 01:35:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
603 B 29ms
7ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

ad270eb8d5f38a0c64802dc60a36afbef57a080ea8d8be816864321a5ff524f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Wed, 14 Feb 2024 01:35:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 native_article_config.gz Show response
data2.gmanetwork.com/gno/widgets/native_article_visibility/ 822 B
698 B 352ms
352ms XHR
application/json 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/gno/widgets/native_article_visibility/native_article_config.gz
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40c99e506b5e163e2c1eebcd2a11d11390518b90da379ac2e37a8db857a252c3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront
content-length: 197
last-modified: Tue, 13 Feb 2024 09:21:34 GMT
server: AmazonS3
etag: "3b9d1d22c32ebbf13624579419c95176"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: uPKrTCP4o0TOHrzSaflSY8Ux3niPtZI9WLQ9bSlm5pazfb0IUOK3uQ==

GET
H2 200 trending_most_shared.gz Show response
data2.gmanetwork.com/gno/widgets/most_shared/ 22 KB
5 KB 7ms
7ms XHR
text/plain 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/gno/widgets/most_shared/trending_most_shared.gz
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d849ef38f6ff94d4e18327c88120b7b56b686b9f579aa3cefaef18e63172ef7f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:21 GMT
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 38
x-cache: Hit from cloudfront
content-length: 4586
last-modified: Wed, 14 Feb 2024 01:30:11 GMT
server: AmazonS3
etag: "8ab9839bc8fc7a42d55c8b142cbc35d9"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: vtUXfKm63S3SSC0bhzkbow7IWL-THqRxUvkyUPbQQ9UGVdKVli4K5Q==

GET
H2 200 Lora-Medium.ttf
images.gmanetwork.com/res/fonts/Lora/ 121 KB
64 KB 365ms
365ms Font
application/font-sfnt 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanetwork.com/res/fonts/Lora/Lora-Medium.ttf
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35fccc04b246dd0a782a707b2437ee552e605d3e573d344d80e082f1aea5a4e6

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
via: 1.1 7af089de61bb0f71465732ed7f6f3386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
x-cache: RefreshHit from cloudfront
last-modified: Wed, 24 Mar 2021 13:03:05 GMT
server: AmazonS3
etag: W/"c3e2f11036e070e9ea5a4cc2c1169165"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/font-sfnt
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
cache-control: max-age=120
access-control-allow-credentials: true
x-amz-cf-id: sF1EnDMV_d_IIlNNX-XebKS0UJGJa-Exe-zRAbgXXUV-ChDqhqg9sw==

GET
H2 200 897194.gz Show response
data2.gmanetwork.com/491/gno/story/ 20 KB
5 KB 7ms
7ms XHR
application/json 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data2.gmanetwork.com/491/gno/story/897194.gz
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9370b3b056aa7f3c40b7d2576d3b625b5ec2a34a8d92f95344e0914faf4ed6e4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:34:44 GMT
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 76
x-cache: Hit from cloudfront
content-length: 4341
last-modified: Mon, 12 Feb 2024 03:57:16 GMT
server: AmazonS3
etag: "17ee92c6a667bd722b07179dded59b63"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: CrHDFI-qSvMLNAaChaUXo3-5Rxc7r_43WqxrzUQdHzzFlV8XAIZemw==

GET
H2 200 / Show response
www.gmanetwork.com/news/api/nextstory/ 475 B
947 B 479ms
478ms XHR
application/json 2600:9000:223e:3800:d:a120:a940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gmanetwork.com/news/api/nextstory/?id=897387&site=topstories&special=1
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3800:d:a120:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash: f01d905a028b1230962156933281c7b4ee0413f5582907654617f6a86256ff00

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
content-length: 274
server: eqmod_httpd v1.0 (author: mon sarmiento)
etag: "1707902938"
access-control-max-age: 1
access-control-allow-methods: POST, OPTIONS, GET, PUT
content-type: application/json; charset=UTF-8
access-control-allow-origin: www.gmanetwork.com
cache-control: max-age=120, public
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Authorization, X-Requested-With
x-amz-cf-id: AbFUE4bDNL9kLZlTaq5xLvlTkDeg2lXZJUST85yg-TsZXxuBhmv90A==
x-elapsed-time: 143 microseconds

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 106 KB
27 KB 42ms
7ms Script
application/javascript 2600:9000:2724:c800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/buttons.js?_=1707874557267

Requested by

Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

c06ec88641687c7f653a3e6b3a601130400dc1698afe67c531d693406cd99440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 08:09:48 GMT
content-encoding: gzip
via: 1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P12
age: 235571
x-cache: Hit from cloudfront
content-length: 27181
server: nginx/1.20.1
etag: W/"658496ad-1a60a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: xsOasL2Uolt7f1IclokEEUFf7taPrnEDoh68q69gvMUJYDt3UxjAjA==
expires: Wed, 14 Feb 2024 08:09:48 GMT

GET
H/1.1 200
OK 897387.json Show response
related.gmanews.tv/12/articleTag/783/ 755 B
1 KB 621ms
340ms XHR
application/json 18.173.205.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://related.gmanews.tv/12/articleTag/783/897387.json
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-41.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0edfe36d4a7284b6bbcf8d49a46722ebb628f924e216c6e222df2f5338ffe958

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 01:36:00 GMT
Via: 1.1 b44afb2a44376871c20edb8c123ed47c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P12
x-amz-server-side-encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 755
Last-Modified: Tue, 13 Feb 2024 13:37:48 GMT
Server: AmazonS3
ETag: "e7d903fe58fb17cc33e9f982b5e9440c"
Access-Control-Max-Age: 1200
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=1200
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges: bytes
X-Amz-Cf-Id: Ws3OncxH2CKHP1xMO-6j-jAy84GQbeRMoH65NljvT1oVoMmw1XPuug==

GET uuiFWAtXJC4
www.youtube.com/embed/ Frame ED59 0
0

GET
H3 200 uuiFWAtXJC4 Show response
www.youtube.com/embed/ Frame ED59 94 KB
41 KB 88ms
88ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D

Requested by

Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52354e3b1014f57a4e277653b1abd3778e4d9af25ea64b719a9e3e0862532832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 01:35:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 36 KB
11 KB 307ms
246ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&idx=0&rand=81892&widgetJSId=AR_11&va=true&et=true&format=html&clss=oN%2FXIpuYBd%2Fsg%2BLXewG4MPgtD7l7NkAaCoe%2BSGqaZJ0wpnJYUfcAZICkEp%2FRj1CXn11sMQfsY4%2FGtFgc&px=268&py=3008&vpd=1808&cw=749&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010662&sig=axV3TKbd&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

74df2691f90ad196648a2f973a71619bffe0a983b0018b7b2924136ec5fa1fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-served-by: cache-lga21963-LGA, cache-fra-eddf8230090-FRA
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Wed, 14 Feb 2024 01:35:59 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1707874559.095384,VS0,VE240
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid: 3d18c2620969f32a218ada527bae0eeb
accept-ranges: bytes
content-length: 10580
x-cache-hits: 0, 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 01:30:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 319
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 14 Feb 2024 03:30:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
89 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J329KM2X1X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8374573f968baeec298fa6b42befab2c5fe6438f229f6203d344665147ea0d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91528
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 01:35:59 GMT

GET
H/1.1 200
OK tagr_lib_learn_ph_v3.js Show response
static-tagr.gd1.mookie1.com/s1/ 4 KB
1 KB 512ms
153ms Script
application/javascript 23.53.42.107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_ph_v3.js?tagid=V2_153300&id=GMA
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/custom_analytics.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-107.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ddadabbf40d5ed6cc3b3735f87451e0a5ec1782cec93f338005566ad060fbc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 01:35:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2016 05:35:34 GMT
Server: nginx
ETag: "579999a6-1153"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 59ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=34&ud=false&qa=1600&qb=1200&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qi=1600&qj=1200&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qm=-60&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZQSx%5ETm~ixJP%3C8%2Bce6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BQ%5EbjmPh%3E2%2BnN%23V%2Cx%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&i=GMANMI_CONTENT1&hp=1&pl=1&zMoatIS=1&kq=1&dnt=0&bq=0&f=0&o=3&t=1707874557460&de=954928915231&m=0&ar=e687a89-clean&q=0&cb=0&cu=1707874557492&ll=2&ln=0&em=0&en=0&d=www.gmanetwork.com%2Fnews%3AQC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%3A__page__%3A-&qs=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&vc=2&gw=gmanmicontent461752070830&fd=1&ac=1&it=500&fs=99042&na=142418999&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 14 Feb 2024 01:35:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Feb 2024 01:35:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 65ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bf3efccc6fd015b3338616b19d24e8f1d48d7bd140fecec4165f538c388e250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30045
x-xss-protection: 0
server: cafe
etag: 35 / 19767 / m202402070101 / config-hash: 4286378015811137153
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 01:35:59 GMT

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 30ms
4ms Script
application/javascript 2600:9000:2724:c800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?_=1707874557267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

c92c3814d5c8ef8bd016d9cb4dec18ff0dfca4a3f2b4968207888383095e0197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:10:24 GMT
content-encoding: gzip
via: 1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P12
age: 66335
x-cache: Hit from cloudfront
content-length: 18814
server: nginx/1.20.1
etag: W/"658496e7-16245"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: _c-1FjIBcqpFaEdFx0Dts4jJN9XxUuqaPw1-u3PdFdBJgcArXQgkrg==
expires: Fri, 16 Feb 2024 07:10:24 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
405 B 37ms
7ms XHR
text/plain 3.66.124.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1707874559064.71954&hostname=www.gmanetwork.com&location=%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&title=QC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%20%7C%20GMA%20News%20Online&sop=false&description=Authorities%20in%20Quezon%20City%20discovered%20that%20an%20auto%20spa%20that%20was%20supposed%20to%20have%20been%20closed%20for%20nearly%20five%20months%20has%20continued%20to%20remain%20in%20operation.&ua=&ua_mobile=false&ua_full_version_list=&uuid=89114fcc-ce25-4091-9a43-d24223c79322

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?_=1707874557267

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.124.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-124-228.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 01:35:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 15ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2085929308&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&dp=%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&ul=en-us&de=UTF-8&dt=QC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%20%7C%20GMA%20News%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACgCI~&jid=756378047&gjid=680715507&cid=343212400.1707874558&tid=UA-242242-2&_gid=16754713.1707874559&_r=1&gtm=457e42c0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd6=article&cd7=SHERYLIN%20UNTALAN&cd8=Metro&cd9=News&cd10=&cd11=February%2013%2C%202024&cd12=Kapuso%20Action%20Man%2C%20QC%20BPLD%2C%20Kuroma%20autospa%2C%20business%20closure&z=883780942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 01:35:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J329KM2X1X&gtm=45je42c0v885053567za200&_p=1707874557464&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=343212400.1707874558&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dt=QC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%20%7C%20GMA%20News%20Online&dp=%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&sid=1707874559&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.portal_section=News&ep.content_type=Article&ep.author=SHERYLIN%20UNTALAN&ep.subsection=Metro&ep.audience_interest=News&ep.content_source=&ep.publish_date=February%2013%2C%202024&ep.keywords=Kapuso%20Action%20Man%2C%20QC%20BPLD%2C%20Kuroma%20autospa%2C%20business%20closure&ep.content_id=897387&ep.section=News&ep.show_name=&tfd=3281
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J329KM2X1X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 01:35:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 59ms
19ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J329KM2X1X&cid=343212400.1707874558&gtm=45je42c0v885053567za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J329KM2X1X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 01:35:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 37ms
16ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J329KM2X1X&cid=343212400.1707874558&gtm=45je42c0v885053567za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=928249458

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 01:35:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-242242-2&cid=343212400.1707874558&jid=756378047&gjid=680715507&_gid=16754713.1707874559&_u=YADAAUAAAAAAACgCI~&z=2008824548

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Feb 2024 01:35:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/2b39c590/ Frame ED59 366 KB
47 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2b39c590/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:07:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48183
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 06:43:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Feb 2025 01:07:10 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/ Frame ED59 53 KB
17 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4490b0161dc45ad4187723d13daea81ae717eed4e782b3510b464f70ee6cdfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16880
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 06:43:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Feb 2025 08:58:28 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/2b39c590/www-embed-player.vflset/ Frame ED59 319 KB
95 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2b39c590/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1dded9e10bba321c6be6b715f8b29d9d64ea4f51499e8ef7adfb435370fac45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 00:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97132
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 06:43:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Feb 2025 00:05:22 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/ Frame ED59 2 MB
777 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fee5c29034a6e97369976bd9cab7eaecdbd7fc9f90fc828216e3122fb6046ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795384
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 06:43:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Feb 2025 08:55:40 GMT

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
380 B 8ms
8ms Image
text/plain 3.66.124.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.124.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-124-228.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 01:35:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 11ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fwww.gmanetwork.com%2F%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2Fdata%3Aimage%2Fpng%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8%2BPB%2FAAffA0nNPuCLAAAAAElFTkSuQmCC&i=GMANMI_CONTENT1&ud=false&qm=-60&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZQSx%5ETm~ixJP%3C8%2Bce6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BQ%5EbjmPh%3E2%2BnN%23V%2Cx%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=0&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=5564&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&f=0&o=3&t=1707874557460&de=954928915231&cu=1707874557492&m=1561&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&cc=0&bw=0&bx=0&em=0&en=0&bu=1&cd=0&ah=1&am=0&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AQC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=1838101822&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 14 Feb 2024 01:35:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Feb 2024 01:35:59 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ED59 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:50:21 GMT
x-content-type-options: nosniff
age: 60338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:50:21 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ED59 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 59205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:09:14 GMT

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 9ms
6ms Stylesheet
text/css 2600:9000:2724:c800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:18:40 GMT
content-encoding: gzip
via: 1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 19:49:59 GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P12
age: 69440
etag: W/"658496e7-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: oUb8ULN91WSwNXrc6VNNENg9Dloid_1jzh_PhpC6FdIFxzsSc7G7ww==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 218 B
572 B 192ms
161ms Script
text/javascript 13.32.121.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-95.fra60.r.cloudfront.net

Software

Resource Hash

e22a29df78a7433ed96aa114ffc4a97e119aaa311021df6ce59ba44e5132a98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
etag: b18fb71fea8a32ff002a09402aaa9b46
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: public, max-age=900
content-length: 218
apigw-requestid: TGjX7h31oAMEPIg=
x-amz-cf-id: dVpZaCGxp3_6jUQEZOGH7UG2-FvCxW__4q1mZC5bEYWBu8lQXQ831w==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/ 436 KB
137 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

244f9013ff972cac8f03cdac206e08c733ba70140153ed7607ee424b58272341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 10:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54482
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139960
x-xss-protection: 0
server: cafe
etag: 11977059823252198946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 12 Feb 2025 10:27:57 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 37ms
17ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-242242-2&cid=343212400.1707874558&jid=756378047&_u=YADAAUAAAAAAACgCI~&z=2059378762

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 01:35:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-242242-2&cid=343212400.1707874558&jid=756378047&_u=YADAAUAAAAAAACgCI~&z=2059378762

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 01:35:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 106213651 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 68ms
46ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/106213651?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69e87976fd792d3bed19614080ad3ebefbe2d35c8a1a1dffe108614177aa2e20

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6b7XScSNDaZqhoJNOF2Jng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-6b7XScSNDaZqhoJNOF2Jng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsOoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66awqQKy5fjprIBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1gAg_pw5g_U3EPvUz2CNAmIhHo7_GzesYxN48XpBMyMAf0JNpw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame ED59
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

14ms
13ms

XHR
application/json

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26e4439d54ef8b1b9852de41988ea70ac47d0d0ee10043512671543e8a464801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 14 Feb 2024 01:35:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame ED59 29 B
495 B 34ms
7ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2b39c590/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:27:15 GMT
x-content-type-options: nosniff
age: 524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Feb 2024 01:42:15 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 39ms
17ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 14 Feb 2024 01:35:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame ED59 86 KB
40 KB 21ms
20ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4250239f39cca90bbe8e07f700a9e704baa0da7700e4ba6e50524eeda87fb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40665
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/ Frame ED59 118 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e10196933610f407da9987f5672adaadb5855df7e514b41c65bfeebe1c165a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 20:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33988
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 06:43:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Feb 2025 20:08:34 GMT

GET
H2 200 nML6sO0rp_owOkRMsF5s0qJry7DmnW_dXxSd8CRnFU8.js Show response
www.google.com/js/th/ Frame ED59 50 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/nML6sO0rp_owOkRMsF5s0qJry7DmnW_dXxSd8CRnFU8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc2fab0ed2ba7fa303a444cb05e6cd2a26bcbb0e69d6fdd5f149df02467154f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:14:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 01:14:26 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/uuiFWAtXJC4/ Frame ED59 53 KB
54 KB 43ms
15ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/uuiFWAtXJC4/sddefault.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

103307f363f601130417241f63bdf634174fb0af278a8600d08b69fc71083965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54750
x-xss-protection: 0
server: sffe
etag: "1707826943"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Feb 2024 01:40:59 GMT

GET
DATA 200
OK truncated
/ Frame ED59 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGSKWxUsX9_Qc9a0bjX_FJvpeOWpi20-jDwGbJRF6BdtLZrSA_nKORcHX5jwIlmxt32bqagv971ykKeKnUa6ZJ6G8sk9pr9kpjAbdgWlRnk0zUH4Tj7SuqEu6Sm5aVM49DZEpBTU9KXPRA== Show response
fundingchoicesmessages.google.com/f/ 370 KB
58 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUsX9_Qc9a0bjX_FJvpeOWpi20-jDwGbJRF6BdtLZrSA_nKORcHX5jwIlmxt32bqagv971ykKeKnUa6ZJ6G8sk9pr9kpjAbdgWlRnk0zUH4Tj7SuqEu6Sm5aVM49DZEpBTU9KXPRA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3ODc0NTU5LDMyNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZ21hbmV0d29yay5jb20vbmV3cy90b3BzdG9yaWVzL21ldHJvLzg5NzM4Ny9xYy1hdXRvLXNwYS1vcmRlcmVkLWNsb3NlZC1hbmV3LWR1ZS10by1udW1lcm91cy12aW9sYXRpb25zL3N0b3J5LyIsbnVsbCxbWzgsIk0wWmdkYW1PTk5zIl0sWzksImRlIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyMTQ0N10sbnVsbCwxNV0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMxdLTz2qXDoSDjoP5G-9Wfg5kG_5A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d926136ea4b1182279c7fde8f2568b6f479650177fbe37d1b3071baa9dd5f39

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-TuRGK61oBKRtRwtzlqk6ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-TuRGK61oBKRtRwtzlqk6ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNwz8LAXEYB_C7J4-QkImbJUxGM4vBwESSSUl5C5i8A_X7DbYbFacUyUtQMkkpFndHusWfBfH91MdnqCmfpuQSmqIHl7TJHmiH29iZ9thRTOrjqWySjemERRlUPzZ50XlcyPO8UATj6ESv9MJFIe-6lQW7K4LrXcFtDIwFxzA5EVzC2VrwCmuW4AbqLHmEg5LkIWabkot4b0l-Y6EnuYphv-c3NcbukDx-5-ofhIFPRQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame ED59 4 KB
2 KB 77ms
57ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 01:35:59 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame ED59 0
10 B 10ms
10ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?UXf50A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
13ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 14 Feb 2024 01:35:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame ED59 90 B
134 B 18ms
18ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2b39c590/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc515ea8431838faf553a86eee2dde390b4f513335075f34a00c362a6ad3155d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
444 B 402ms
94ms XHR
application/json 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1707874559418&sessionId=78f93c07-32ea-da46-cb51-7bc5d0d8c9e4&url=www.gmanetwork.com&cheqSource=1&cheqEvent=0&exitReason=4&message=oN%2FXIpuYBd%2Fsg%2BLXewG4MPgtD7l7NkAaCoe%2BSGqaZJ0wpnJYUfcAZICkEp%2FRj1CXn11sMQfsY4%2FGtFgc&pvId=2ccdc4ddfe213a138605993a4e17f02f

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Feb 2024 01:35:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e2daf487896b2e0d4e7465344aa7fee6
Content-Length: 4
Expires: 0

GET
H2 200 bubble_arrow_below.png
ws.sharethis.com/secure/images/ 969 B
1 KB 6ms
6ms Image
image/png 2600:9000:2724:c800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/secure/images/bubble_arrow_below.png

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 01:13:23 GMT
via: 1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P12
age: 4234956
etag: "658496e7-3c9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 969
x-amz-cf-id: 8iSlnQ64PdPq6cGM2nx1kV-ENiXjGc7YdvHmbBBm-LMmIKrrBtSboQ==
expires: Thu, 26 Dec 2024 01:13:23 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 7ms
7ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 15 Mar 2024 01:35:59 GMT
date: Wed, 14 Feb 2024 01:35:59 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 379ms
95ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=4d17d360fd57fcfe4ae36784ff946ccb_3816_1707874559161&tm=2179&eT=0&widgetWidth=749&widgetHeight=36&widgetX=269&widgetY=2991&wRV=2010662&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=1&rtt=386&oo=true&lo=1256&obreq=1237&mvreq=3193&mvres=3579&cet=4g&to=1707874555838&umv=1&ll=0&chs=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 4dbab07b172cebe6fd928a7b3684a573
Content-Length: 6

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
444 B 396ms
95ms XHR
application/json 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1707874559425&sessionId=78f93c07-32ea-da46-cb51-7bc5d0d8c9e4&url=www.gmanetwork.com&cheqSource=1&cheqEvent=0&exitReason=4&message=oN%2FXIpuYBd%2Fsg%2BLXewG4MPgtD7l7NkAaCoe%2BSGqaZJ0wpnJYUfcAZICkEp%2FRj1CXn11sMQfsY4%2FGtFgc&pvId=2ccdc4ddfe213a138605993a4e17f02f

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Feb 2024 01:35:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 573b5bb5e8530b624bff7a28874531a9
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 375ms
95ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=199aac28d406ea3f080f04c11bb75450_3816_1707874559276&tm=2184&eT=0&widgetWidth=743&widgetHeight=257&widgetX=272&widgetY=3039&wRV=2010662&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1256&obreq=1237&mvreq=3193&mvres=3586&re=3588&cet=4g&cs=1&to=1707874555838&umv=1&ll=0&chs=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 956eccb9e2c0ab1e7453be2d5ef630be
Content-Length: 6

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
8 KB 7ms
7ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 15 Mar 2024 01:35:59 GMT
date: Wed, 14 Feb 2024 01:35:59 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "b79638966e0374c455e78107aee59bf4:1701762092.299136"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7647
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 eyJpdSI6ImE2ZjJmMDI4NmFlYzY0ZjA4ZmIxOTBiZGRkNTcwYWVlZWQ0OTQ5YTYyMzg2YzRhNDJhOTEyZDc4NWRkN2Q4NGEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjaCI6OTE4OTc3OTc1LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 17 KB
18 KB 47ms
13ms Image
image/webp 23.32.101.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE2ZjJmMDI4NmFlYzY0ZjA4ZmIxOTBiZGRkNTcwYWVlZWQ0OTQ5YTYyMzg2YzRhNDJhOTEyZDc4NWRkN2Q4NGEiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjaCI6OTE4OTc3OTc1LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.101.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-101-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

453f36cd4b6cf79e0dd3cc429e46aa8c1a5417f4cfb2e32a46564838f1254b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Feb 2024 01:35:59 GMT
last-modified: Mon, 05 Feb 2024 06:51:21 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2320111
access-control-allow-credentials: false
x-traceid: f146be271adbfe8ec08381447ef2ea39
timing-allow-origin: *, *
content-length: 17716

GET
H2 200 eyJpdSI6IjU2ZjNhYThlMDcyMzQ0OWNhNjJlM2YxZThlZGVjMTFhZDQ2NjI0NDQ5NTM4Y2QyM2I5MjdkZGI0MDZkMzQ3Y2EiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 11 KB
11 KB 60ms
26ms Image
image/webp 23.32.101.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU2ZjNhYThlMDcyMzQ0OWNhNjJlM2YxZThlZGVjMTFhZDQ2NjI0NDQ5NTM4Y2QyM2I5MjdkZGI0MDZkMzQ3Y2EiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.101.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-101-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1c810f0bc3214c7f0866c746a4aa7a84d85410d422ce22d7fb72eeaa98082435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
last-modified: Wed, 17 Jan 2024 16:45:11 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2371178
access-control-allow-credentials: false
x-traceid: 53b0b38968264838b1b0327517e04b43
timing-allow-origin: *, *
content-length: 10764

GET
H2 200 eyJpdSI6ImNkMGFlYjViYjI4NzI1YTY0MDAxNDc2MDI4ZGNkMjhjMzYyZjdlZjVlYTViMmJmZmFiOGMxMzA0NTkyYzExYTIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 5 KB
5 KB 59ms
25ms Image
image/webp 23.32.101.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNkMGFlYjViYjI4NzI1YTY0MDAxNDc2MDI4ZGNkMjhjMzYyZjdlZjVlYTViMmJmZmFiOGMxMzA0NTkyYzExYTIiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.101.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-101-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f0119af2437d50e59244c774115efecd103c1f175286a190229addef3bb32c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Feb 2024 01:35:59 GMT
last-modified: Tue, 23 Jan 2024 21:22:04 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2328935
access-control-allow-credentials: false
x-traceid: c54e22498954c7c9fcd7cae2f4c9db9b
timing-allow-origin: *, *
content-length: 4622

GET
H3 200 css
fonts.googleapis.com/ 107 KB
5 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyE3UapaKQU2CxqIS_ZLb834q8VDw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

971fe9c7a0d3d03475b76cbb6ad43b41a4fc297c9facf41f6f04d5274c2e2804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Feb 2024 01:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 01:35:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Feb 2024 01:35:59 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/121/ Frame ED59 50 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/121/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 16:05:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 14 Feb 2024 08:59:29 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:55:47 GMT
x-content-type-options: nosniff
age: 60012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:55:47 GMT

POST
H3 204 AGSKWxVZSkxzdkN0HSookuRwExMDBpcZNJkcJzJKiO-3_xUxQEzr5KuejfSa1w-HiUhxIMyKtE3B6Il4CiUFzemp87yawbrF1VaBfI3wDV_Wbdiz12dx-cmaRrfcAlIydLyW6kcTUe7R6A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 32ms
18ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVZSkxzdkN0HSookuRwExMDBpcZNJkcJzJKiO-3_xUxQEzr5KuejfSa1w-HiUhxIMyKtE3B6Il4CiUFzemp87yawbrF1VaBfI3wDV_Wbdiz12dx-cmaRrfcAlIydLyW6kcTUe7R6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2f0H4VNY6BjwbnNOSP6FSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2f0H4VNY6BjwbnNOSP6FSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABAL8XD837hhHZvAh_2n3zICAAYkGVY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 05:12:39 GMT
x-content-type-options: nosniff
age: 73400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 05:12:39 GMT

GET
H2 200 learn
ph-gmtdmp.mookie1.com/t/v2/ 42 B
204 B 315ms
279ms Image
image/gif 34.111.79.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ph-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_153300&src.domain=www.gmanetwork.com&src.url=%252Fnews%252Ftopstories%252Fmetro%252F897387%252Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%252Fstory%252F&src.id=GMA&src.rand=8451912269
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.79.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:35:59 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 0
0 165ms
164ms Script
text/plain 13.250.151.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?zoneid=8070&sid=0012&_=1707874557268
Requested by: Host: images.gmanetwork.com
URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.151.100 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-151-100.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=-60&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZQSx%5ETm~ixJP%3C8%2Bce6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BQ%5EbjmPh%3E2%2BnN%23V%2Cx%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=1&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=5564&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=277&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&f=0&o=3&t=1707874557460&de=954928915231&cu=1707874557492&m=2636&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=277&le=1&gm=1&io=1&ch=0&as=1&ag=1130&an=0&gf=0&gg=0&ez=1&ck=1130&kw=1077&aj=1&pg=34&pf=0&ib=0&cc=1&bw=1130&bx=0&undefined=1&ci=1130&jz=1077&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=1077&cd=1&ah=1077&am=1&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AQC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=1213198113&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 14 Feb 2024 01:36:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Feb 2024 01:36:00 GMT

GET
H2 204 oshk0
traid.jixie.io/sync/ 0
0 1169ms
343ms Fetch 43.129.34.52
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://traid.jixie.io/sync/oshk0?osEId=GM31180lY1Ap

Requested by

Host: scripts.jixie.media
URL: https://scripts.jixie.media/onescript/GM180iIHc4/jx-GM31180lY1Ap.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; include Subdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 01:36:01 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; include Subdomains; preload
vary: Origin
x-frame-options: Deny
access-control-allow-origin: undefined
access-control-allow-credentials: true
x-xss-protection: 1

GET
H2 200 jxpublisher_3_1.nnb.min.js Show response
scripts.jixie.media/ 35 KB
15 KB 179ms
178ms Script
application/javascript 223.119.20.22
CMI-INT-HK Level 30

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.jixie.media/jxpublisher_3_1.nnb.min.js
Requested by: Host: scripts.jixie.media
URL: https://scripts.jixie.media/onescript/GM180iIHc4/jx-GM31180lY1Ap.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 223.119.20.22 , Hong Kong, ASN58453 (CMI-INT-HK Level 30, Tower 1, HK),
Reverse DNS
Software: openresty /
Resource Hash: c0c0aa3578ac1ec19a4f5e8512b54dac3f859d182e17dc3c021d18dde1b5c06a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 14 Feb 2024 01:36:00 GMT
x-amz-version-id: B9hZifoxaE8gYzsVN_AL2MJuJB9tOD9o
via: EA-SGP-EDGE1-CACHE8[1],EA-SGP-EDGE1-CACHE1[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE23[2],EA-SGP-GLOBAL1-CACHE8[0,TCP_HIT,1]
x-ccdn-cachettl: 2592000
content-encoding: gzip
x-amz-request-id: QNQ20QGGZJMWG5QX
age: 3550716
x-amz-server-side-encryption: AES256
x-amz-id-2: 3BmEaRcwHVUF3/VzJ/hdjW/K4CrXo5fSIpYFduiJyNMdZ5pFgLjmbQA032aXCuRGBEPUtLY8iJAleE3n4r+/1Q==
last-modified: Wed, 03 Jan 2024 23:17:21 GMT
server: openresty
etag: W/"d04bc4c628fbba3241233dbf21279758"
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-expires: 1635574
x-hcs-proxy-type: 1

GET
H2 200 like.php Show response
www.facebook.com/v2.5/plugins/ Frame 1CA5 0
2 KB 39ms
38ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=255951164473730&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e55009a66343e3d%26domain%3Dwww.gmanetwork.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.gmanetwork.com%252Ffdf7adeb961e4db22%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FGMANews&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=720

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=276b232ce39e2a5c21230cea0d4136b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co media.tenor.com .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co media.tenor.com .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co media.tenor.com *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co media.tenor.com *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Wed, 14 Feb 2024 01:36:00 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: hw7bCKR6xuvKXW6g9tl0DaX0vMSLuJhOu/buwkbxAlqwZu6g78NCqI7DcVuUcpjAktjgfratSs+oX+DD+BoP7Q==
x-xss-protection: 0

GET
H2 200 index.html Show response
ws.sharethis.com/secure/ Frame D420 7 KB
2 KB 7ms
7ms Document
text/html 2600:9000:2724:c800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

a8be6d04466f8a2b2117e386c68248fa254b675420c346a10ffaf47ee1c4e533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gmanetwork.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6378
content-encoding: gzip
content-length: 2089
content-type: text/html
date: Tue, 13 Feb 2024 23:49:42 GMT
etag: W/"658496e7-1ade"
last-modified: Thu, 21 Dec 2023 19:49:59 GMT
server: nginx/1.20.1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
x-amz-cf-id: wNRnLk8o7FBMxWfHpezpiSiFJ9uIEVkBLxtnmiTmfO2R2avaReQCIg==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 st.3b9f3f69dc50facea4e7ccac2c236448.js Show response
ws.sharethis.com/secure/js/ Frame D420 152 KB
38 KB 7ms
6ms Script
application/javascript 2600:9000:2724:c800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure/js/st.3b9f3f69dc50facea4e7ccac2c236448.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

3d0d76fdc0b6003bf282c7c3ad68d43c77488139d1b3f05c24dea95fc5729c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:47:56 GMT
content-encoding: gzip
via: 1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P12
age: 168485
etag: W/"658496e7-25e31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: gYm2QzQb7gcroiIbbhyfQ21baKbUKCwGS0TBSRs1kKX9s2a4Ae8aDA==
expires: Tue, 11 Feb 2025 02:47:56 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame ED59 28 B
50 B 21ms
21ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2b39c590/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
X-Goog-Request-Time: 1707874561459
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/uuiFWAtXJC4?embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22344684475%2FGNO_Web_YTP_Instream%22%2C%22cust_params%22%3A%22kv1%3Dx%2526kv2%3Dy%22%2C%22pp%22%3A%22z%22%7D%7D%7D
X-YouTube-Client-Version: 1.20240211.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtuaEZCZXBZUVM4Yyj_sbCuBjIKCgJERRIEEgAgXQ%3D%3D
X-YouTube-Ad-Signals: dt=1707874559198&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C265%2C230&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 14 Feb 2024 01:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2 200 PBA_Images15-3_2024_02_13_16_39_29.JPG
images.gmanews.tv/webpics/2024/02/ 136 KB
136 KB 7ms
7ms Image
image/jpeg 18.245.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2024/02/PBA_Images15-3_2024_02_13_16_39_29.JPG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f683fd4459f81fda0c27f00aeb62a56a221aa55d6b6426790ca6dad07ed72f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:43:26 GMT
via: 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 08:39:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 60758
etag: "7f487d470d7645530b0d669f066534e9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 139187
x-amz-cf-id: HRj08RSwME_yhqs82ZxQQjSWVxhKem2Z8vUKhP9Gx9jGXa7NHkAItg==

GET
H2 200 flowers_2024_02_13_20_34_47.jpg
images.gmanews.tv/webpics/2024/02/ 130 KB
130 KB 7ms
6ms Image
image/jpeg 18.245.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gmanews.tv/webpics/2024/02/flowers_2024_02_13_20_34_47.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3634d44a700f5be8f0e184cafabac02942df1bddf1bdef3f4a37f2c3a5948cde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 12:46:33 GMT
via: 1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 12:34:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 46171
etag: "3ebbfc9ad6ab89a2da4bce6d2ddc838f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 132762
x-amz-cf-id: U7ATI60GW9bLmCcpiUtiLaJ_CUA-bhNZUsRfdpd5P7TrFGQHl5dd3A==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=GMANMI_CONTENT1&ud=false&qm=-60&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZQSx%5ETm~ixJP%3C8%2Bce6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BQ%5EbjmPh%3E2%2BnN%23V%2Cx%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=2&vc=2&pl=1&zMoatIS=1&zMoatISOrder=0&j=&pc=0&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=5564&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&fy=268.8125&gp=277&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fnews%2Ftopstories%2Fmetro%2F897387%2Fqc-auto-spa-ordered-closed-anew-due-to-numerous-violations%2Fstory%2F&f=0&o=3&t=1707874557460&de=954928915231&cu=1707874557492&m=6636&ar=e687a89-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=277&le=1&gm=1&io=1&ch=0&as=1&ag=5130&an=1130&gf=0&gg=0&ez=1&ck=1130&kw=1077&aj=1&pg=34&pf=34&ib=0&cc=1&bw=5130&bx=1130&undefined=1&ci=1130&jz=1077&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=5077&cd=1077&ah=5077&am=1077&re=0&wb=1&cl=0&at=0&d=www.gmanetwork.com%2Fnews%3AQC%20auto%20spa%20ordered%20closed%20anew%20due%20to%20numerous%20violations%3A__page__%3A-&gw=gmanmicontent461752070830&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&fs=99042&na=690983595&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 14 Feb 2024 01:36:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Feb 2024 01:36:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?source=71084&sync_limit=7

Domain: www.youtube.com
URL: https://www.youtube.com/embed/uuiFWAtXJC4

Verdicts & Comments Add Verdict or Comment

842 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zUcuH-WRp9w
.youtube.com/	1970-01-20 22:43:46	Name: VISITOR_INFO1_LIVE Value: nhFBepYQS8c
.dailymotion.com/	1969-12-31 23:59:59	Name: dmvk Value: 65cc18fd1d0c3
.dailymotion.com/	1969-12-31 23:59:59	Name: _TEST_ Value: 1
.dailymotion.com/	1970-01-21 03:51:56	Name: ts Value: 595876
.dailymotion.com/	1970-01-21 03:51:56	Name: v1st Value: f9144863-2780-4955-8f37-9fc17a6b583a
www.gmanetwork.com/	1970-01-20 19:07:46	Name: _rtbpbjs_userid_consent_data Value: 3524755945110770
.gmanetwork.com/	1970-01-20 19:07:46	Name: _sharedID Value: 13e53ba1-567a-4c12-bb0b-ac9a27bfa7d8
.gmanetwork.com/	1970-01-20 18:24:34	Name: lotame_domain_check Value: gmanetwork.com
.gmanetwork.com/	1970-01-21 04:00:34	Name: _ga_TQZBRMKGV4 Value: GS1.1.1707874557.1.0.1707874557.0.0.0
.gmanetwork.com/	1970-01-21 03:53:22	Name: _cb Value: BDtkK2Dk81_8dVS8K
.gmanetwork.com/	1970-01-21 03:53:22	Name: _chartbeat2 Value: .1707874557526.1707874557526.1.CP_edUBW7AD3B-Bk1vR3mDND5Fw5n.1
.gmanetwork.com/	1970-01-20 18:24:36	Name: _cb_svref Value: external
.quantserve.com/	1970-01-21 03:54:48	Name: mc Value: 65cc18fd-85c01-88485-b9ba8
.gmanetwork.com/	1970-01-21 03:49:03	Name: __qca Value: P0-1198694020-1707874557501
.gmanetwork.com/	1970-01-20 18:26:00	Name: _gid Value: GA1.2.16754713.1707874559
.gmanetwork.com/	1970-01-20 18:24:34	Name: _gat_gtag_UA_242242_2 Value: 1
.gmanetwork.com/	1970-01-21 04:00:34	Name: _ga_J329KM2X1X Value: GS1.1.1707874559.1.0.1707874559.60.0.0
.gmanetwork.com/	1970-01-21 04:00:34	Name: _ga Value: GA1.1.343212400.1707874558
.outbrain.com/	1970-01-20 18:24:36	Name: obsessionid-p3816 Value: edf0dd27-da82-d014-0000-018da541a4ab\|0\|1

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://sync.search.spotxchange.com/partner?source=71084&sync_limit=7 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
deprecation	warning	URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js(Line 1) Message: Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s.go-mpulse.net/boomerang/FG65A-Y848M-3TACG-B2LGY-Y72BW Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://images.gmanetwork.com/res/dist/js/jquery.gz.js(Line 1) Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gmanetwork.com/news/topstories/metro/897387/qc-auto-spa-ordered-closed-anew-due-to-numerous-violations/story/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ads.allaccess.com.ph
aphrodite.gmanetwork.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
config.aps.amazon-adsystem.com
connect.facebook.net
count-server.sharethis.com
data2.gmanetwork.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.dailymotion.com
gma.gscontxt.net
googleads.g.doubleclick.net
i.ytimg.com
id.hadron.ad.gt
id5-sync.com
images.gmanetwork.com
images.gmanews.tv
images.outbrainimg.com
jnn-pa.googleapis.com
l.sharethis.com
lb.eu-1-id5-sync.com
log.outbrainimg.com
mab.chartbeat.com
mb.moatads.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
p.adlooxtracking.com
pebed.dm-event.net
ph-gmtdmp.mookie1.com
ping.chartbeat.net
pixel.quantserve.com
prebid.andbeyond.media
px.moatads.com
region1.analytics.google.com
region1.google-analytics.com
related.gmanews.tv
rock.defybrick.com
rtbcdn.andbeyond.media
rtbdemand.apiip.net
rtbpass.andbeyond.media
rules.quantcount.com
s.go-mpulse.net
scripts.jixie.media
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
static-tagr.gd1.mookie1.com
static.chartbeat.com
static.doubleclick.net
stats.g.doubleclick.net
sync.search.spotxchange.com
tags.crwdcntrl.net
tcheck.outbrainimg.com
traid.jixie.io
widget-pixels.outbrain.com
widgets.outbrain.com
wrappers.geoedge.be
ws.sharethis.com
www.facebook.com
www.gmanetwork.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
z.moatads.com
sync.search.spotxchange.com
www.youtube.com
108.138.6.136
13.250.151.100
13.32.121.95
13.32.99.88
141.147.81.223
146.75.118.132
150.136.157.133
151.101.131.52
162.19.138.116
162.19.138.118
18.142.13.103
18.172.112.11
18.173.205.41
18.245.86.80
184.30.17.133
184.30.17.67
188.65.124.58
188.65.124.90
2.23.78.67
2001:4860:4802:32::36
223.119.20.22
23.32.101.241
23.53.42.107
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:223c:b400:6:44e3:f8c0:93a1
2600:9000:223e:3800:d:a120:a940:93a1
2600:9000:2646:6800:18:1fcd:353:c61
2600:9000:266e:6400:1a:ba5c:3900:93a1
2600:9000:2724:c800:3:c04e:c780:93a1
2600:9000:275b:1800:c:3460:340:93a1
2600:9000:2761:200:2:d490:4d80:93a1
2606:4700:10::6816:545
2606:4700:10::ac43:246e
2606:4700:10::ac43:266a
2606:4700::6810:5514
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::200a
2a00:1450:4001:808::200e
2a00:1450:4001:808::2016
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
2a02:26f0:480:9a4::11a6
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::714
2a06:98c1:3120::9
3.66.124.228
34.107.231.31
34.111.79.67
43.129.34.52
52.204.36.237
54.216.166.217
65.9.66.97
70.42.32.191
99.86.4.30
00566b16120cfa6ce64b5ec855dcec47eb3c98b52269ec0cdc8aed082178f37f
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
03a284c7bd7156ca8c83ee1d6ae74ecd32594ee6fa27b4638f7ad17561ea3f4b
05c173701f520cc53fcf2fba4ea74aa600c4daf76ee7d7fc321c1f00c7097603
0607bdd40f39ff5324d570b7efecd3c5e8fa7ec68089d69cebdbdbd4b05884f0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08e17785e0ad9e0247e2c5035d48d6d58bff8fcd77cee72380f9e01e2889a1a7
0d926136ea4b1182279c7fde8f2568b6f479650177fbe37d1b3071baa9dd5f39
0edfe36d4a7284b6bbcf8d49a46722ebb628f924e216c6e222df2f5338ffe958
0ef56a843eaeea072e78aa174bcb41ea0b4eacc38bb472f37cf8cb5d22108578
100e66bc02a8883892c409bca3cdeefe41eb0f5ad264f0b68aec211767649d31
103307f363f601130417241f63bdf634174fb0af278a8600d08b69fc71083965
10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
12e1180d7432fed998d28ca94b4a5a1754f846569df8972474ba7fbe3765b233
139da75dd27ce3e72eb0511df6e68f3a42e8db2b96effb3750a27e2e3dd3167a
1509246ef3a1d43913a821c59843b7eeb285d92db3b50ef673156764cbf2f5ce
1626bb546b447d9ef6b8772bae92b22e6613ef7b65b21444c7efe3437ef48677
19d57cd45b650fe883da218168a6f1c95d27fad33ec4adbe547066b62ff40e87
1c810f0bc3214c7f0866c746a4aa7a84d85410d422ce22d7fb72eeaa98082435
1fee5c29034a6e97369976bd9cab7eaecdbd7fc9f90fc828216e3122fb6046ae
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
21bb61aeed70e48495c9536a63bbd0c49fe5a80e9c932b4b0e093964ab2872bf
233073d24ab74b28a2f0c051016d0ef42f03d4b57fdf1883874af69e19111edb
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
244f9013ff972cac8f03cdac206e08c733ba70140153ed7607ee424b58272341
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26e4439d54ef8b1b9852de41988ea70ac47d0d0ee10043512671543e8a464801
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
28e4eaa93b4b3100338bb88ad47625861b697ff3efd56b53308adca1b959f2a9
2c905617c98925807a6fdf98d7ead4be0f281661de8de7e061af32bbc328eeab
2df069745e03486e27d0660d95fbae2c838740b2690b79faa657d727c4a53e44
2e2ba17c2e51614822092e16c99667274e4d2a4f51112214b748b500846def09
2e9422dcae50c91ac6103d603a3621effc774cf7c3ba15916710963e742282a4
326cae8f14ce339b30087e3ac008763f51161bf1e05c0633db4adf9072f4f007
341675f90e0fb7952f3627756c96675d9689146ec3a574661e7a2ae4ae61c6f3
359501180b779548ad4e1ca74f38b08474350c38bed64ad69b278837d179e792
35fccc04b246dd0a782a707b2437ee552e605d3e573d344d80e082f1aea5a4e6
3634d44a700f5be8f0e184cafabac02942df1bddf1bdef3f4a37f2c3a5948cde
378d1668b3f15aeed82f6b1ccf730361134e41f8902dac2d97d66a93cedd9af9
397faf2cb8ca7f4200060d7a87c3d45ceec6cf9f3bd6ae5ab68fb4c65d1fdb80
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3bc2947b3cb9aab23eb5ef3b20b4b80aec5d43f4d4c4ef0717d9a09570fdd3ff
3bd5c300f9b36036a0be212fdb9a6184a192b5559d7d362760741e9c98cbd2d3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d0d76fdc0b6003bf282c7c3ad68d43c77488139d1b3f05c24dea95fc5729c1d
3d85bf6dc7e193ba6aba1c7f19fa7cff8480f6a424f7511d30dd93c098fac77f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fa6bfe5ed0900edb16e4b506bbf1b848241ff4b8cfac86a5c616b85f18597e2
4070c1c35c3cb4f19867416e6d9b56926099239caf027ad165fda5fd61c4d7fc
40c99e506b5e163e2c1eebcd2a11d11390518b90da379ac2e37a8db857a252c3
42396341ae3c3d0cc59c90dc48397115f409545f964e955b9deceabe50b9aecf
4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a
43cd08ca4c6325d406527e7baafdd8d68d5d5f43a42b14f423e7a98b6bcbce91
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4490b0161dc45ad4187723d13daea81ae717eed4e782b3510b464f70ee6cdfd3
453f36cd4b6cf79e0dd3cc429e46aa8c1a5417f4cfb2e32a46564838f1254b84
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4ae6776bf90ca6f32dd483122e4a8a471c408d8ef5ac1fc15b36df84d97950d5
4b49718afb921870c9048afce0d2b11f0a4bf495229341171e95f3f315cdc3d3
4cd07edee68cd765a7cdde6fefbd032242acc261496048c610c9d2b401ef105b
51906a46cedc27ed5e349475e3bf0eb36d464f0e642eaad0f3d430f5f89af2bf
52354e3b1014f57a4e277653b1abd3778e4d9af25ea64b719a9e3e0862532832
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
570eb26b1f69dc91b116affae587952ea205228975cec892890a16dab882124f
57b48dbd18b3dbc898b73febff1dd1fe26d7e652dd3e932ba8a7478d47c8390b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b3b78542673c46b4299265778cc870a3fe7d4bffc70cb1cac9c0e5199432c79
5ddadabbf40d5ed6cc3b3735f87451e0a5ec1782cec93f338005566ad060fbc6
5f0119af2437d50e59244c774115efecd103c1f175286a190229addef3bb32c5
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
62ce5c324ece8d1c33e91ab13c689539213ed66102bc0ee553a6a1ed34b795c5
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
69e87976fd792d3bed19614080ad3ebefbe2d35c8a1a1dffe108614177aa2e20
6bc09034d5ce3fb7cd7746c76fd9520b9eeb13676ec670c8f23fad566a8f152b
6bf3efccc6fd015b3338616b19d24e8f1d48d7bd140fecec4165f538c388e250
6f0e7735adfcdf2111bdd4128aeff3912c579c0dd0fb415553327c3da059ab4d
6fe3c3849b8d63009dc4c89ff20e418ca4cea135043dd36551a9b9b2af3e41b4
7040f351fa93cddd426c4978c3cd5938173a69efc3365986135fda7da0cb5c67
74df2691f90ad196648a2f973a71619bffe0a983b0018b7b2924136ec5fa1fec
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7cdbfc4262e966041c8dd26a5ba6996cff3991b180fd01f3d24f726ef4f780a1
7f1a21d182b937b569183172ed61bbc084ced8c79e0d1c0cea671f0221cf189b
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31
80a67a582fed34d5f1c3a3cbd37d3fb1866c6f02cd05d9dac1cec59d97be1d07
81e933580a3972c8e2675dea81274daba17c0de1d14ab3d14af31707408505e1
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
881c83b3b2713d24d5b5d0c45043c5c67e6b1c21a9fc821cab1b5223f3c654e3
89919930da4c7d0f027496907625bb5d97db45b07ca75582ca850b72cad1a44b
8a08b83be0a016087653926673ec3cb72c2403c76c2347d2d2b9a0f61bd8cdde
8f3ffeabfe6d704340f8bab669a80638cd798aca07f4c86825ad4bf946465bb6
90a858f656ab38529939ca7b252bd6b56629d4b70733f807afe73e5a37ee9732
911f8bf5fc6e99e7009d8ba1a822dc5ad70706ea54edad681d285215693e5958
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9344cf4083e3032799058a9016a9a3f41daf95a06055bed2692e9b9efefcf300
9370b3b056aa7f3c40b7d2576d3b625b5ec2a34a8d92f95344e0914faf4ed6e4
93cb662c97bc64a3dd58d587090d711213b3d60b0d938b9cade474edc3406f27
94d44f36044267c46ca434b1361c433965bb1fed4ebbfa35f4169c946e067b03
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
971fe9c7a0d3d03475b76cbb6ad43b41a4fc297c9facf41f6f04d5274c2e2804
974472bf8dd78aa470f5e3753323ef0dca321314dbfa514a05520d03369497d5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cc2fab0ed2ba7fa303a444cb05e6cd2a26bcbb0e69d6fdd5f149df02467154f
9ef1e5267f753165f8dd582205b3d562f90ff47bccbd2a6c81b22b557643ac0f
9f9a2bff15018aec511e0c6a329f05a8d32c32f05a300430ea98713470c4a6be
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2d1fb3617ed05a4d24f26cea266a3eac192224d3db88258c8d9db0fa87ebe51
a4250239f39cca90bbe8e07f700a9e704baa0da7700e4ba6e50524eeda87fb21
a61b671c4f0058b9fe9e1b885ce530a086a9af2a2a008fa693f2a225a3798620
a8be6d04466f8a2b2117e386c68248fa254b675420c346a10ffaf47ee1c4e533
a917d7ca238e43edbb43e61a7a1b3fa945b7ccfe6d9d1f42172b205ca7ef1372
a96945fcf42fbe26503b3fce1f71fa301d6baf00630438f310806fd456b88407
aabffac0c7414cfe4a30f58de0fa2c8d962a4b4bafa66bbc39f4738a616ce50a
ad09eb4f381f7bdd2df06a98dde61dd1a8d88c01170865914f972ceefcc45037
ad270eb8d5f38a0c64802dc60a36afbef57a080ea8d8be816864321a5ff524f5
ad6f29ca8a46fd6ceea1d1ccbd28f0bcf41ae8193ca25369da72d1212bba73b4
afbfe8e368a2051af8391ea4c832a3d1e6784c254621e2bedf3e20b241164fe7
b22313fd719ae7c104f6bc4be142ffb0b9d2f5c604ab92163ec18a628927ce99
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b7fa368388356d84efb4effa04ce68e5536552bb789de01f2679eb889cefa96e
b9245fbcbac2eb5855dedaec1d1dce1e6685517965b2595c364dcb0a1dcb06f6
b9ca5cfa847f2db04af493f6efa8cd2450766c592cb2b392a62bc69fde2dddcb
bc515ea8431838faf553a86eee2dde390b4f513335075f34a00c362a6ad3155d
c06ec88641687c7f653a3e6b3a601130400dc1698afe67c531d693406cd99440
c0c0aa3578ac1ec19a4f5e8512b54dac3f859d182e17dc3c021d18dde1b5c06a
c2260a0c10c2fa8903fab19e7b218e5727e4e2ab04b5a68fec7fa9a2a0753a77
c42d6ce4f1cd8d3f0361d8b67c24f9024c7efe81bfbac8a7e399bd11a405a388
c6cf5572d330c48ded59c2e625cf42b167ccc4119b3d7391440c2defa931a8b0
c75b05bf2836d54cfdba76825b65d80ea4ee62cb0caae0425471f018c929d935
c7e10196933610f407da9987f5672adaadb5855df7e514b41c65bfeebe1c165a
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c92c3814d5c8ef8bd016d9cb4dec18ff0dfca4a3f2b4968207888383095e0197
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf521501b3729f03ec5b6aaa321e2c08b3e4a1abff11d76a2f953d98b8a484ff
d11b07859fd9c556a2e9382897ff4d5bb2a811327a3f75e95b071f6804d3f52c
d362b60418a5963fe304088ba49ebdc91d1a9279c47ae8a044ddfbee6f52eccd
d384dcb4eedad8538f182ff73bebb5d1fb5a4105fcaad5ac622f5f85d89761a5
d3c25479d7c2977020822fb709b73ef277fe1bdf7d18ae1cd15af9f8c097e504
d59c24b766c8088486b920c1c36e1b3576cd415528dc01a486d3d97c776a2c8b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d849ef38f6ff94d4e18327c88120b7b56b686b9f579aa3cefaef18e63172ef7f
d8655ae9f9f536c5a94a5d219a58c34300619c1cd9f462a941d9b15993b32e40
d97570f8a7a641dccd170a523ad6706ea3094f645607a21856ed85de5bd4eda8
dc8e270a6c4089b306a6058d541e71d584db80c236f99875470008a97c8303c5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e097ee7ea405b7343d7e1d514ce99a8d32e7dbdb3ea8943491fc8347fb03ed2a
e1dded9e10bba321c6be6b715f8b29d9d64ea4f51499e8ef7adfb435370fac45
e22a29df78a7433ed96aa114ffc4a97e119aaa311021df6ce59ba44e5132a98e
e362a1e3d92a5cbd936c2ae0460c62af5f231a2edadd05034e13e6b0ee9b1f81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48cc4cf8eb3beb05c3bb4134506241bee34991f71e09f1189a2657d4cf049da
e5018d5569c0c42f79e1e328bb38970d99db37f953c4f808914df067c48646cf
e555151e63c492ea4f05ecedbcaf488acecfdf147d814e1920bcef9b028968ab
e56848bb3089ad58fecfd6308b584bfb7126318b86363d82b6d594f9d8bc6e84
e6017bdf5d16d3357b1bf6848ef88af9389a7cb3b4e54f5a8a276676bb0efb65
e611628273f9dc5ef47c6b9cd7904f7241eb8d8c12065d0ffc48b03229b96059
e8374573f968baeec298fa6b42befab2c5fe6438f229f6203d344665147ea0d1
e8dfe376a7edf2182420cdebe2a59189c015d31444851f4d5c43c05366288fd0
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee5a19f2adbcdf4a0a99f8d686b323063d73eda1d9e3351bcc67017e59b7dadd
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01d905a028b1230962156933281c7b4ee0413f5582907654617f6a86256ff00
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f52d80c8408e1a090992f244fb3a773dc504dbe0db6c2389becc92e69f69d995
f683fd4459f81fda0c27f00aeb62a56a221aa55d6b6426790ca6dad07ed72f1d
f712e229afbf5a77a0c52ac18990acb967632d4dc135d1c66f0f779cc89b2563
fa9e35bddc9049e6107191bca365055e22c25c1cac8cab8f1217ebb6c8d74473
fcd9b5232e83a460316b49b7ae2c1bd73222f00167bc9b70adda941919c6be1a

www.gmanetwork.com Open in urlscan Pro 2600:9000:223e:3800:d:a120:a940:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

211 Requests

99 %HTTPS

52 %IPv6

43 Domains

74 Subdomains

66 IPs

9 Countries

7819 kBTransfer

15348 kBSize

20 Cookies

12 Outgoing links

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gmanetwork.com Open in urlscan Pro
2600:9000:223e:3800:d:a120:a940:93a1 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

99 %
HTTPS

52 %
IPv6

43
Domains

74
Subdomains

66
IPs

9
Countries

7819 kB
Transfer

15348 kB
Size

20
Cookies

211 HTTP transactions
2 data transactions