www.gmanetwork.com Open in urlscan Pro
52.85.61.113 Public Scan

URL: https://twitter.com/gmanetwork

URL: https://instagram.com/gmanetwork

URL: https://youtube.com/gmanetwork

URL: https://hh360trk.com/6978e09f-c634-4bc0-b2ac-c47549c92bd6?campaign_id=00a63bf258d892c5b2a730f47d9591d5f2&publisher_id=$publisher_id$&ad_id=00880cbd913bb7ed9c6ac7ff4317a8dba8&ad_title=Neuropathy+%28Nerve+Pain%29%3F+Do+This+Immediately+%28Watch%29&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=00880cbd913bb7ed9c6ac7ff4317a8dba8&time_stamp=$time_stamp$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Neuropathy (Nerve Pain)? Do This Immediately (Watch) Health Headlines 360

URL: https://om.forgeofempires.com/foe/en?ref=out_en_ca_001&external_param=$section_name$&pid=$publisher_name$&bid=005140a9217c66878af68c87fe1bd8e3c0&obOrigUrl=true
Title: If You Need To Kill Time On Your Computer, This Vintage Game Is A… Forge Of Empires

URL: https://trck.tracking505.com/7b14696c-31e4-4910-8e2e-91f09b69c4b5?campaign_id=00a0092419caaae2fdb0d9e88e2a254e0a&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=0082f1f6ad7417b24daba038660c3e397c&ad_title=Unsold+Laptops+Are+Being+Sold+for+Next+to+Nothing.+%28Click+for+Results%29&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=0082f1f6ad7417b24daba038660c3e397c&time_stamp=$time_stamp$&cpc=$cpc$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Unsold Laptops Are Being Sold for Next to Nothing. (Click for Results) Laptops | Search Ads

URL: https://www.acsthper.com/products/magic-metal-kinetic-sculpture---free-shipping?obOrigUrl=true
Title: We are selling off our remaining magic metal windmills. acsthper

URL: https://canadianfinancialmatters.ca/canadians-over-40-could-get-up-to-200000-coverage-instantly-for-their-whole-family-this-march-2022/?obOrigUrl=true
Title: Canadians over 40 can qualify for this coverage. Canadian Financial Matters

URL: https://themoneytime.com/random-knowledge-quiz/2?utm_source=ob-quiz&utm_template=quiz&utm_medium=$publisher_name$-$section_name$&utm_term=$publisher_id$_$section_id$&utm_content=00a39f290056282afaa04702fd3c51e9f2&utm_campaign=tmt-ob-big4-d-randomquiz-22.02.13-8443-cnr_p15_page2_chrome_3059&utm_cpc=$cpc$&obOrigUrl=true
Title: We Will Guess Your Education Level in 20 Questions https://themoneytime.com/

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

URL: http://facebook.com/gmanetwork

URL: http://twitter.com/gmanetwork

URL: http://instagram.com/gmanetwork

URL: http://youtube.com/gmanetwork

URL: http://careers.gmanetwork.com/
Title: Careers

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lnk.ozy.com/click/gb01-2ik8sk-x5ng6e-fuoonsd6/ HTTP 302
https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsspu4Bl5Z6gKBThpJNVflX6bhsV0SVG0LGI69YoJSVJgH-gOpv7qKhC6PJAvN14X03ovvnB4v33odY_4YD6L4BaeIcKuldQzSlayvWhNA0dpi8SOP7u5s0_wcFnpL0IQEVe7g9xGY7Hl8avOhkIP43LUku56hUsPbbsN7-y--mB9jt_gON_l9agn5w2Bm7zrsD5zxxsxqAb407wPo4T71NpV5M7ZBQhop-51a18T1NNnOaMhLG3lVYOrOxtolFVqqWCmu8QFuNdSn2iYBC8IdXvckH7XVGI9-FVePvW0SEYkRTMK-EXVt-19tFHP6ShovCItUrviZB9ZiA&sai=AMfl-YQ-mH0t86RdrecE44UroiaadqIGeTJhL7s20Cq-_5zkQ18ZcBuWe7mnypSWtSlAK7-4LGo6KzDMC-FbJbW9Dy2HhtaZiecutbtdHam7lP2tekdGw8HwHSxtVyWl_yEA&sig=Cg0ArKJSzPzFRV2n1xcJEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js HTTP 302
https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js

Request Chain 156

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1647881819842.27861&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&title=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%20%7C%20GMA%20Entertainment&sop=false&description=Why%20is%20it%20celebrated%20in%20October%3F%20You%20may%20ask.%20Find%20out%20HERE%3A HTTP 301
https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1647881819842.27861&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&title=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%20%7C%20GMA%20Entertainment&sop=false&description=Why%20is%20it%20celebrated%20in%20October%3F%20You%20may%20ask.%20Find%20out%20HERE%3A&samesite=None

Request Chain 192

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=2ed87245b9b3dfa3fc2a2dbfbf275d45

Request Chain 193

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.sharethis.com/int/lotame?uid=974ff2a19427fffafd50354df8c76068&gdpr=0&gdpr_consent=

Request Chain 194

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=735904f1-e50d-418d-88c3-0192d4f4b2df&gdpr=0&gdpr_consent=

Request Chain 195

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2FoTaFWlDpsQvf5ZxaAO2cIRel86N-u2Qd44M9kVHjmM&gdpr=0&gdpr_consent=

Request Chain 196

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3625949748297990195 HTTP 307
https://ml314.com/csync.ashx?fp=272f78112db6add66d3d14845236273b41c39f39881ead7bb61532496cf6a1c3f4cb09cee1a4f8eb&person_id=3625949748297990195&eid=50082

Request Chain 197

https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&_rand=1647881820427 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&_rand=1647881820427&_expected_cookie=a80a0013eea1b7fddf19fd73dd6f289a HTTP 302
https://sync.sharethis.com/drawbridge?uid=a80a0013eea1b7fddf19fd73dd6f289a

Request Chain 204

https://idsync.rlcdn.com/711123.html?partner_uid=d961550e-a2fb-48c1-b460-760b4fc2ae7e HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CNOzKxIwCiwIARDTgQoaJGQ5NjE1NTBlLWEyZmItNDhjMS1iNDYwLTc2MGI0ZmMyYWU3ZRAAGg0I3NzikQYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=36ecb55f78834d6d45699ddaa9a1b71644f2881147359fb627946f4b6d418bfc791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzNmVjYjU1Zjc4ODM0ZDZkNDU2OTlkZGFhOWExYjcxNjQ0ZjI4ODExNDczNTlmYjYyNzk0NmY0YjZkNDE4YmZjNzkxNDI2YjU0MTdkY2UyMRAAGgwI3NzikQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzNmVjYjU1Zjc4ODM0ZDZkNDU2OTlkZGFhOWExYjcxNjQ0ZjI4ODExNDczNTlmYjYyNzk0NmY0YjZkNDE4YmZjNzkxNDI2YjU0MTdkY2UyMRAAGgwI3NzikQYSBAgCEABCAEoA&google_gid=CAESEFwH7SEJ6eGOev6aCT7eYT8&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=35fcf7ff-b2dd-48a7-bf90-bd53536d7889

Request Chain 236

https://idsync.rlcdn.com/420046.gif?partner_uid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=36ecb55f78834d6d45699ddaa9a1b71644f2881147359fb627946f4b6d418bfc791426b5417dce21&_=2 HTTP 307
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d

Request Chain 238

https://b1sync.zemanta.com/usersync/outbrain/?puid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&s=2&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=yxLnveYjmqCfUD7JKYJ8&gdpr=0&us_privacy=1---

Request Chain 239

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dappnexus%26uid%3D%24UID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 302
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8459286220222525158&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

Request Chain 240

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=0&gdpr_pd=1&gdpr_consent=

Request Chain 242

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://sync.outbrain.com/cookie-sync?p=ttd&uid=735904f1-e50d-418d-88c3-0192d4f4b2df

Request Chain 245

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 302
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=5e4b1df9-dd0b-49fb-b08e-36acc939ddbf

Request Chain 246

https://x.bidswitch.net/sync?ssp=outbrain&user_id=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=outbrain&bsw_custom_parameter=7e002fc4-96ab-4ac8-8032-4369055275d8 HTTP 302
https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=30d79969-8f10-4749-8c4e-a7f6a560917b&ssp=outbrain&bsw_param=7e002fc4-96ab-4ac8-8032-4369055275d8 HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=7e002fc4-96ab-4ac8-8032-4369055275d8&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE-1faDMrMqaJvSyct_Hdpk&google_cver=1 HTTP 302
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=CAESEE-1faDMrMqaJvSyct_Hdpk&dsp_id=16&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 249

https://dsp.adfarm1.adition.com/cookie/?ssp=25 HTTP 302
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7077598528877426828

Request Chain 252

https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
https://creativecdn.com/cm-notify?pi=outbrain&tc=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=3ItynYCuKS2fmBKIlmlC&pi=outbrain&tc=1

Request Chain 253

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268 HTTP 302
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L10YAF0G-1Z-F0UL

Request Chain 256

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 302
https://idsync.rlcdn.com/397416.gif?partner_uid=2ed87245b9b3dfa3fc2a2dbfbf275d45 HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ad0c045-5f9a-4f7d-92c2-bd44440666cc

Request Chain 257

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&s=193091&C=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

Request Chain 258

https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&__user_check__=1&sync_id=ed6c4f30-a937-11ec-8e58-17530a7d0503 HTTP 302
https://sync.outbrain.com/cookie-sync?p=spotx&uid=ed6c4ecd-a937-11ec-8e58-17530a7d0503&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

Request Chain 259

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%2526uid%253D%2523PMUID HTTP 302
https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8459286220222525158&gdpr=0&gdpr_consent=PM_CONSENT

Request Chain 260

https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%26uid%3D HTTP 302
https://sync.outbrain.com/cookie-sync?p=openx&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=9f079624-ed33-44e1-aed4-6f1ac526c03f

Request Chain 261

https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UPed77f61d-a937-11ec-89a1-0e8c2194d7f9 HTTP 302
https://sync.outbrain.com/cookie-sync?p=oath&uid=UPed77f61d-a937-11ec-89a1-0e8c2194d7f9

Request Chain 262

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%0A HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1VTlFGdkxjSjNwYmZtc1NtbU1nQmxvZDBnX29SVWFVdmFROFpaLWdraFlCem9tVzN0MGlwanlrYnVVWnhtOGZoCg==

Request Chain 263

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 302
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=e2e42166-effd-4d09-8b05-6fd62b8fb307&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

Request Chain 264

https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1647881821468 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2449783454 HTTP 302
https://sync.1rx.io/usersync/tradedesk/735904f1-e50d-418d-88c3-0192d4f4b2df HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005%26obUid%3D%24D HTTP 302
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005&obUid=$D

Request Chain 266

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING HTTP 302
https://sync.outbrain.com/cookie-sync?p=smart&uid=3390273293420345663&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING

Request Chain 267

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true HTTP 302
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-bzpvM51E2uEI6QZL.mUmAhNlA_Ar6Cv3ZLi4pyo-~A&gdpr=0&gdpr_consent=

Request Chain 269

https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 307
https://sync.outbrain.com/cookie-sync?p=synacor&uid=73C70720B17E414EBA9A6CCF2B5B3126&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

Request Chain 270

https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%26uid%3D%7BUSER_ID%7D HTTP 302
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=a9122b11-185f-4512-bdc8-c77fbd651c1e

Request Chain 272

https://id.rlcdn.com/711945.gif?cparams=obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh HTTP 307
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

Request Chain 275

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D56%26pid%3D5b59760c073ef46a2e6b8f13%26key%3D%7Bdevice_id%7D HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=5728f9d2-ac1a-4fc8-9df7-5885e20740dc

Request Chain 277

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=22&key=e2e42166-effd-4d09-8b05-6fd62b8fb307

Request Chain 279

https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D18%26key%3D%24UID HTTP 307
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D18%26key%3D%24UID&sovrn_retry=true HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=18&key=82cc8b8c4d980fb73445e855

Request Chain 308

https://c1.adform.net/serving/cookie/match?party=14&cid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4

Request Chain 309

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YjiuXQAO2wtfkgBH HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjiuXQAO2wtfkgBH&gdpr=0&gdpr_consent=&_test=YjiuXQAO2wtfkgBH HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=53e87097b3b01238&is_secure=true&networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGd_FWhqspSANo1yx3AAAAAAA&expiration=1647968221&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=j_YcddihGi-U904rgPICfoHxGHiU_Ewr3_LWlG8Y HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 310

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:08f46238-ae5d-4800-8e4f-69c1c3fe0652&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7062367194f01237&is_secure=true&networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGeKc8t_amcAN9muX3AAAAAAA&expiration=1647968221&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=j_YcddihGi-U904rgPICfoHxGHiU_Ewr3_LWlG8Y HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 311

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVUpFN0VjVjBBQURWWVNiYTlXUQ&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABUJE7EcV0AADVYSba9WQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7924081689231374706 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABUJE7EcV0AADVYSba9WQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7924081689231374706%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=7924081689231374706&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABUJE7EcV0AADVYSba9WQ&pid=558502&do=add HTTP 303
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABUJE7EcV0AADVYSba9WQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7924081689231374706%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
https://match.prod.bidr.io/cookie-sync?userid=7924081689231374706&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUJE7EcV0AADVYSba9WQ HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_ED17150B_4A6A29CA&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b0YMFHSRSpq26vHxErHo1A%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 314

https://idsync.rlcdn.com/420486.gif?partner_uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHR1IMVVlIEpQZKN4vzLVQ0&google_cver=1

Request Chain 315

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=50146238-ae5d-4700-98eb-30796b35639b

Request Chain 316

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkY0NjBDMTQtNzQ5MS00QTlBLUI2RUEtRjFGMTEyQjFFOEQ0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%26uid%3D6F460C14-7491-4A9A-B6EA-F1F112B1E8D4 HTTP 302
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4

Request Chain 317

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIQfyOx4JJL4_YT3BqbsHGg&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%26uid%3D6F460C14-7491-4A9A-B6EA-F1F112B1E8D4 HTTP 302
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4

Request Chain 318

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:9502D91020DB4D37BFA09D9CCB38475C HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=eda3e7b6-a937-11ec-99ba-f57c117b80eb&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=

Request Chain 319

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6942632792172556660&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%26uid%3D6F460C14-7491-4A9A-B6EA-F1F112B1E8D4 HTTP 302
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4

Request Chain 320

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=735904f1-e50d-418d-88c3-0192d4f4b2df HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=69a47549bfc71236&is_secure=true&networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGeQIvu7pvmwNHErEoAAAAAAA&expiration=1647968221&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 322

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iFG7SbxE2uWotdaiYHE7wPlsmQLRwYY-~A&gdpr=0&gdpr_consent=

Request Chain 343

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=7e002fc4-96ab-4ac8-8032-4369055275d8&google_hm=N2UwMDJmYzQtOTZhYi00YWM4LTgwMzItNDM2OTA1NTI3NWQ4 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE-1faDMrMqaJvSyct_Hdpk&google_cver=1&ssp=sonobi&bsw_param=7e002fc4-96ab-4ac8-8032-4369055275d8 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7e002fc4-96ab-4ac8-8032-4369055275d8

Request Chain 344

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968625778134367006

Request Chain 345

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=dbc9632d-7a64-4725-810b-286dacfe61cb&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ckhlZEJZOTFnQTFDZmhldUItaXFsQQ&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMYj8BW7wL5lVA8Dsm952yM&google_cver=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=tADkUwpjEYPD

Request Chain 346

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=f79d8a858b&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=735904f1-e50d-418d-88c3-0192d4f4b2df&pubid=f79d8a858b HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=dbc9632d-7a64-4725-810b-286dacfe61cb HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=dbc9632d-7a64-4725-810b-286dacfe61cb&ckls=true&ci=dAlS00MmLc&nc=false&trid=-649063240 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D-1547960371%26pcid%3D%23PMUID HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=570392714&rnd=-1547960371&pcid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%3B1402230080%26rnd%3D1580074992&pcid=$UID HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714;1402230080&rnd=1580074992&pcid=8459286220222525158 HTTP 302
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%26rnd%3D-1943433346%26pcid%3D HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=570392714;1402230080;1709765917&rnd=-1943433346&pcid=d8b35993-de9b-41ee-89de-ab9491d54401 HTTP 302
https://ce.lijit.com/merge?pid=8101&3pid=dAlS00MmLc&location=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%26rnd%3D-1068323789%26pcid%3D%5BSOVRNID%5D HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=570392714;1402230080;1709765917;1486637409&rnd=-1068323789&pcid=82cc8b8c4d980fb73445e855 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%26rnd%3D-994324750%26pcid%3D%24SPOTX_USER_ID HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182&rnd=-994324750&pcid=ed6c4ecd-a937-11ec-8e58-17530a7d0503 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%26rnd%3D-944616107%26pcid=[MM_UUID] HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116&rnd=-944616107&pcid=08f46238-ae5d-4800-8e4f-69c1c3fe0652 HTTP 302
https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D282449813%26pcid%3D%5BRX_UUID%5D HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005?redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%3B1072441116%3B1678944572%26rnd%3D282449813%26pcid%3DRX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005 HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116;1678944572&rnd=282449813&pcid=RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005

Request Chain 347

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=08f46238-ae5d-4800-8e4f-69c1c3fe0652

Request Chain 356

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjiuXXCUXecuuj.3Gj32GgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGO4CUTpcacgBWOOSMWRyrg&google_cver=1&google_hm=2

Request Chain 357

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIzhCb-pNu7WguymFfMJjL8&google_cver=1

Request Chain 358

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=735904f1-e50d-418d-88c3-0192d4f4b2df&expiration=1650473822&gdpr=0&gdpr_consent=

Request Chain 359

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB&dcc=t

Request Chain 360

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030002_6238ae5e822d0&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_6238ae5e822d0

Request Chain 362

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5148532162807273423&expiration=1649091422

Request Chain 363

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=e3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3De3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253De3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341%2526expiration%253D1650473822 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3De3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341%26expiration%3D1650473822 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=e3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3De3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341%26expiration%3D1650473822 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341&expiration=1650473822

Request Chain 371

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gmanetwork.com%2F&domain=www.gmanetwork.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=h4-q3XwxUzhtcDF0K3RDajVNRmRNMWFqWE5aUW1pYkNvOGRYL05PdFczZlpQZ0dtSXZiSnFoMDFpMmIxVGpZT08vR01YUnJFVkZ4RHd1ckR1RHpVVVVvVno0OXVXYTA3OXVtL2FqdnJ2b1pjOFZnSWJNaEZ6bG9LT0diSmhaeWl5QW1yVC9CaEJKeUptQkFVUG44SThCaVVFaE9MU0JaYlZqdURkMVVFWkxKdGlSVGM0MXJkQytQM01LVVpyRVY1THNGVllVRzBON29PZUJqYjEzS2p0RmcwVW16ZXVUL1RuR1NaVzA4dHdqVGcvRS9KZGVLS1FRYnAyVE5wSGJLV2l3YmRhfA&cppv=2

Request Chain 493

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.sharethis.com%2Fadnxs%3Fuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.sharethis.com/adnxs?uid=8459286220222525158&gdpr=0&gdpr_consent=

Request Chain 494

https://pixel.tapad.com/idsync/ex/receive?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZHAABWI4rlsAAAAIGjlcAw%3D%3D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2c213d02-d0eb-46e8-83a8-211dec9f9486%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=735904f1-e50d-418d-88c3-0192d4f4b2df&ttd_puid=2c213d02-d0eb-46e8-83a8-211dec9f9486%2C

Request Chain 495

https://id5-sync.com/s/121/2.gif?puid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/121/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/121/2/1/2.gif?puid=8459286220222525158&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOJUDtRQ3K-Op_M03T4WbPEgk1XT8Y9jDI_pyHqQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F121%2F3%2F0%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/121/3/0/3.gif?puid=08f46238-ae5d-4800-8e4f-69c1c3fe0652&gdpr=0&gdpr_consent=

Request Chain 496

https://aa.agkn.com/adscores/r.pixel?sid=9212270798&puid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://i.liadm.com/s/52233?bidder_id=100905&bidder_uuid=205020204097010366541 HTTP 303
https://i.liadm.com/s/52233?bidder_id=100905&bidder_uuid=205020204097010366541&_li_chk=true&previous_uuid=5c85c2c172c24f20a0d73baaf2412958 HTTP 303
https://i6.liadm.com/s/52233?bidder_id=100905&bidder_uuid=205020204097010366541

Request Chain 497

https://pixel.onaudience.com/?partner=138&gdpr=0&gdpr_consent=&mapped=ZHAABWI4rlsAAAAIGjlcAw%3D%3D HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=2ed87245b9b3dfa3fc2a2dbfbf275d45&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=18aeb857f3ec25f2

Request Chain 498

https://tags.bluekai.com/site/59574?id=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 499

https://dpm.demdex.net/ibs:dpid=600901&dpuuid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fadobe%3Fuid%3D%24%7BDD_UUID%7D%26_rand%3D1647881828556 HTTP 302
https://sync.sharethis.com/adobe?uid=19690418951726238072852260621404612550&_rand=1647881828556

586 HTTP transactions
-26 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request story Show response
www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/
Redirect Chain

http://lnk.ozy.com/click/gb01-2ik8sk-x5ng6e-fuoonsd6/
https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Cam...

278 KB
62 KB

706ms
628ms

Document
text/html

52.85.61.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-113.ewr53.r.cloudfront.net
Software: eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash: 460e35edb59e7295c2acecbace1ae49d9116a4a4d4443d4c7b1b80736506d523

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-length: 62773
date: Mon, 21 Mar 2022 16:56:56 GMT
expires: Sat, 01 Jan 2000 00:00:01 GMT
last-modified: Mon, 21 Mar 2022 16:56:56 GMT
content-encoding: gzip
server: eqmod_httpd v1.0 (author: mon sarmiento)
access-control-allow-origin: www.gmanetwork.com
access-control-allow-methods: POST, OPTIONS, GET, PUT
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
access-control-max-age: 1
cache-control: max-age=120, public
etag: "1647910616"
x-elapsed-time: 168150 microseconds
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: YDP_pJ4SdLDLYPtsR4fgAxy6z8Z8Ez4OCG3bgJAYF6LiyakmqlZILQ==

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Server: TRK01
Refresh: 0; URL=https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Date: Mon, 21 Mar 2022 16:56:55 GMT
Content-Length: 354

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 89ms
39ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-242242-18

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9600c0d5c00f134c8636ea6d84e6169adacfd82724db952210f1fa39576c12bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36792
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 16:08:06 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Mar 2022 16:56:56 GMT

GET
H2 200 global.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/globals/ 37 KB
11 KB 149ms
20ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/globals/global.js?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a997e51d14e5ea6a8fc9dc34795effe7378744fdd0e2e9f4a662bdd24a918de3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 14 Mar 2022 01:50:10 GMT
server: AmazonS3
age: 38
etag: W/"d65b5bf97ec2364c52687c373353061b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:56:37 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: fcsRnjcPPWXTDbBlrB5uKS9zaGHEmSZYiGMnmlue7cnSilRAmUybjQ==

GET
H/1.1 200
OK prod-global-179580.js Show response
rtbcdn.andbeyond.media/ 369 KB
32 KB 132ms
26ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 081156d8defb477ebf1b704f4c794558a0546c87457deb762aa66f0e768ed994

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:56:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Mar 2022 11:44:19 GMT
ETag: "1646394259"
X-HW: 1647881816.dop096.dc2.t,1647881816.cds048.dc2.shn,1647881816.dop096.dc2.t,1647881816.cds102.dc2.c
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1667
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 32157

GET
H2 200 css
fonts.googleapis.com/ 107 KB
3 KB 88ms
38ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:300,300i,400,400i|Open+Sans:300,300i,400,400i,600,600i,700,700i|Oswald:300,400,700|Raleway:300,300i,400,400i,600,600i,700,700i|Roboto+Condensed:300,300i,400,400i,700,700i|PT+Sans:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700i|Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i|Lato:100,100i,300,300i,400,400i,700,700i,900,900i&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd8ea974efa55ff4eeb0779b5bd2421f0332dd5321b3a80cd23ee91fbb763cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 16:46:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 16:56:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 16:56:56 GMT

GET
H2 200 global.css
aphrodite.gmanetwork.com/assets/revamp/css/build/common/ 32 KB
7 KB 149ms
20ms Stylesheet
text/css 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/common/global.css?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99451ad1bc00b65d3a192c63bda692dae96879484b114c2723ebc18db1511622

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 08:32:12 GMT
server: AmazonS3
age: 51
etag: W/"b354d4b64f953bfed12030971e65fe50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:56:37 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: iVJv7E8JmpFN4BRc5pPsK1Go-MrQt2pdpxNpcp9I2uoyt4x5Q1EKXQ==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
994 B 85ms
36ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a63484b282b9e1d81890300e37264bc39cec82bb6847ba9a0e2c62374720b566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 16:56:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 16:56:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 16:56:56 GMT

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 505 B
692 B 1611ms
251ms Script
text/plain 52.77.123.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?sid=0015&zoneid=1058&synad=|oktoberfest|origin|history|munich|bavaria|germany|wedding|kinglouisi|princess|theresevonsachsenhildburghausen|theresienwiese|theresesfields|wiesn|tradition|totalbeerconsumed|annually|evolution|celebration|festivities|trivia|lifestyle|hobbiesandinterests|
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.123.164 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-123-164.ap-southeast-1.compute.amazonaws.com
Software: Kannel/1.4.1 /
Resource Hash: 3274a12902cd1a0c5aea8fa16ec943eab10db3c0706f4f1e4609ca4c7bb96ba6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
server: Kannel/1.4.1
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate
content-type: text/plain
content-length: 310

GET
H2 200 fb_audience_pixel.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 611 B
972 B 25ms
21ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/fb_audience_pixel.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d14f346f2ab7021ce99a1458c7320640b3ed4913db6a88752ad15f0364b77a0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 38
etag: "47fd4cc3f8f248fffb737b68408e0808"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:56:37 GMT
x-amz-cf-pop: EWR52-C4
content-length: 611
x-amz-cf-id: 1WFLBJZPHuif9cRsjC9Bht57LBWv2N1kR_Th5bAqMIzUIV94eZTWvw==

GET
H2 200 twitter_audience_pixel.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 434 B
795 B 25ms
21ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/twitter_audience_pixel.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31e2714fd3bb87dc67c70acf6804d3d31243955fb1c2f8f4a871edcb75d474b3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 38
etag: "6ee8814f59df2ecef41d78bdd3ff7de0"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:56:37 GMT
x-amz-cf-pop: EWR52-C4
content-length: 434
x-amz-cf-id: lbLIvJCP9M-6I55ZOCczbgZMzvkJfrJxayfbmsIw-sPsRH7McxIKwg==

GET
H2 200 alexa.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 356 B
714 B 25ms
20ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/alexa.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8ec5620545c02b163f380bae1719491f6e5d4d865524537d7e8b94f340d1c19

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 70
etag: "6bf8c350ad65697c9b3959785c6d61ed"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
content-length: 356
x-amz-cf-id: -jmyoq6Alg22J1oicaSL6mmgtKYtHatx5O_m3k13d7tf8D3BGOXD_g==

GET
H2 200 xaxis.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 300 B
660 B 27ms
23ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/xaxis.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6063b35596283782986e2315b130ca796ac2a849b66f4f24def9e86af3ea2123

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 38
etag: "13d49fc09adb198deecd06ec9fcd42cc"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:56:37 GMT
x-amz-cf-pop: EWR52-C4
content-length: 300
x-amz-cf-id: 49209iHLIRfcCX6nPkmNUGB3Nm4qYZcOXiyilHnJSJxOUSrKTuqE1g==

GET
H2 200 dfp.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 449 B
808 B 26ms
22ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/dfp.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a5d822ac21615139bee0a798ebe51aacd3faaf72e145964ad28e8bc81a19791

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 38
etag: "30edd6d5a26d18f6d4e0592d0da067d5"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:56:38 GMT
x-amz-cf-pop: EWR52-C4
content-length: 449
x-amz-cf-id: Ay-Phr6SavZcsuK_utVpYZa19_NSIcyebUx_r7OdTXtX7og0Msi_uQ==

GET
H2 200 moment.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 46 KB
16 KB 29ms
25ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/moment.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07cd52486d776b2f3fae36135d7333afde4b870601b545e8fb1c1f76e2e5e00f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 38
etag: W/"64c72390d60a3d38239fb1c9427384b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:56:37 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: 3gyFnf5JJV0Zr_5YCppeslc8XMeivPIbj385sYVX7LAy0Mr7vxg7-A==

GET
H2 200 jquery.dotdotdot.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 6 KB
3 KB 26ms
19ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/jquery.dotdotdot.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8fe1b7c00540dee47863f395ae080b221e47857a6b430cc810e60051a9ed852

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 99
etag: W/"ff84fd60796a03ea6c707a5f9d890edd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: E0icV4phf9b0smGkt_ceFuzPLFvMzy_YgQsT7bQWzNAzm8g6q8EGBw==

GET
H2 200 isotope.pkgd.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 33 KB
10 KB 29ms
22ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/isotope.pkgd.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0a513e151eab27b1fe80031f424b9af7219ce4c81b221174a0bd0e973171a9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 99
etag: W/"4a53a5630b4912cd536531a7b95ee703"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: Hqx4CqVJDjoPFtWgYoJtTTIj_44HvQnYQCKzzi26twKeV5FRoZDF8w==

GET
H2 200 owl.carousel.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 39 KB
11 KB 28ms
22ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/owl.carousel.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a57842d654007cffb9883aeb5340bb3eeddbf14883b0c9e0eb7acbc52fc98ae6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 100
etag: W/"407174a8263b2768e43ce96e1d31a3ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: -hS6ciNjnhnGsP38y-6Um2_V-JjtJaCSoHhIsOwJhKe6QKn529OOhQ==

GET
H2 200 imagesloaded.pkgd.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 5 KB
2 KB 40ms
31ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/imagesloaded.pkgd.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64e85a9d9b39ab58a81d17212b33c8da4470fb691817ceaf2a49249792caf6de

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 99
etag: W/"8a141f3c1f1e8706e00093b22e2df23c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: kZFqwTNBWBl1KNXCNbg0I9XZuyZGj4vORQ2-un1nnahxO6pdmQvivA==

GET
H2 200 lazyload.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 3 KB
2 KB 42ms
33ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/lazyload.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3e57462ac92c91e04c38ba9e8320c7e46feaa9f0c36b5b31aa5cbf5b2cb1663

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 100
etag: W/"035b5efa7311b88645eb9332366a05ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: ZxcG8YudhzkCTqmnr8s_YrC43QUmu61TqRiZZNxr175hvgDNHRl23g==

GET
H2 200 dropkick.2.1.9.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/ 17 KB
6 KB 43ms
35ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/dropkick.2.1.9.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b817e06a793c479743836d6df14c3779d83b6d47bf5e9bda17fabe40d34c3e29

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 12:34:12 GMT
server: AmazonS3
age: 99
etag: W/"7229ed9bd5cfc5a13888a2b6c4064ac8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: XrHz4NBuhDiI_V7x8rUn_2ndK76OnGDPW637nE9zpsft23S6LcEx-Q==

GET
H2 200 js.cookie.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 2 KB
1 KB 41ms
32ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/js.cookie.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e327064ee5d9487aca2d6f653c9968a48ea6c417a4782c4513ff94140335bd2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 111
etag: W/"0518b2d1f4a953e0ac736ff724ce490d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:06 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: FykHgOUWzZde5aWQ-KzYp0uGDCkLaqczTyFRwh6teeG-OZrj0MB_hQ==

GET
H2 200 jquery.validate.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 23 KB
8 KB 41ms
32ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/jquery.validate.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f90c8378906ccce3bdc8feb67309c093e47a06d146821fc3b1f6f2b6a341b635

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 99
etag: W/"64083b4fafa91bbbe1b257f4787db104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: eCzqohkfnwfp_axbNy0EQlrh4XEOfqg9WEJ7S0N7BdUxniUYS8VW9g==

GET
H2 200 jquery.webui-popover.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 17 KB
6 KB 41ms
32ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/jquery.webui-popover.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b93b2a7697e6683b18e83e797d6809eba592fc5603205f6f1bd7d851c0d2c39

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 111
etag: W/"2ed09c7af072a98b77a41640b49f5e85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: EG9z9fdaqKl_e9p-X4m4ehHXHSp7Xi1J7hla0RSbYUFtqNJIyrPlLA==

GET
H2 200 datepicker.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 17 KB
6 KB 39ms
32ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/datepicker.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efd6654d1532784a176f6d7c32bc66684a269528a5358c3d8e2838b1ec186a66

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 100
etag: W/"9459cdf667a55950a6a8255011169d3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:49 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: 88yrU7hzEePl-KSGIN0QIaoPxBgSNSljnwB-lRDkoRE6OpuG3DPgTw==

GET
H2 200 pwstrength-bootstrap.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 12 KB
4 KB 53ms
47ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/pwstrength-bootstrap.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a82876df90dd9dce6546d543aa44fbf65fa1d136a3d10062c8339ebeb08f7a5f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 111
etag: W/"e60e65ed966db0cdf7014288e6d3b6ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:06 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: Pu-uQHdq6gUkBCthwaSBGZbx23oL_DbWg1yhEmtrrA_Xc_dWlVEZ3Q==

GET
H2 200 perfect-scrollbar.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 24 KB
7 KB 38ms
33ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/perfect-scrollbar.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34149146801b604104c038f1afa8b9db20f7223cb8039f6338ab8dc4e980a2ae

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 109
etag: W/"134411abb405e10986ee2356349a1592"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:08 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: QfQvYUgTzzloqKG7Busje3b4Ap4SYj6W8newQ94zD4btA35y6uEZPA==

GET
H2 200 sso.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/globals/ 56 KB
13 KB 39ms
34ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/globals/sso.js?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caf4e4ec996ecb2b60b89a824c946ce67e8958d74f07f1866424e9cd57d82570

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 18 May 2021 09:54:11 GMT
server: AmazonS3
age: 99
etag: W/"38b5d9b5a3a641c0bf760b54c555ebc3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:50 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: 5LMFS-yuUzmBd7uXVrp9lMzuynDYGH31PZhy68qo16BW-yY2WuhbqQ==

GET
H2 200 common.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/globals/ 17 KB
6 KB 38ms
33ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/globals/common.js?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4ea62723bea1f1b6ed2a3ad95b145a5c8637c250ddd29872e1d7b02f7f743b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 05:32:09 GMT
server: AmazonS3
age: 99
etag: W/"76f51941b9dd2f03a47ae05afa14d70a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: 4GqAkTfSqRi-h79F78e3s6J4bhfzIMjlSHWiG72P1tpn-OMo0ACruw==

GET
H2 200 celebritylife_article.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/ 246 KB
59 KB 617ms
612ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/celebritylife_article.js?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0b1bd77c5a97e8405cfa0a5517d56c6fdd1c601311382e02d354235cea6febe

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 01:20:08 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
etag: W/"f2dcab15fd180bdb665a17a6f81b9eae"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:56:57 GMT
x-amz-cf-id: O4BYo9x-Ss_V_4PUo--J9CPwVuuLnJ26NFulwWGbr4gFv5RNfAREbQ==

GET
H2 200 modernizr-2.8.3.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/libs/ 14 KB
6 KB 51ms
47ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/libs/modernizr-2.8.3.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d487f8f89772d53e7f3f57569abdd5b090439e3d9bbc1a6b084b27a6fb6ee9b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 99
etag: W/"a33f2da92180afd81cc38edfdbc08945"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: B3gtYiptxwmViDEkiJJgTnEOnTjT3rjdKGxIu7XTzQlCq5jiipYWEw==

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.5.4/ 34 KB
12 KB 87ms
22ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.4/firebase-app.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9061f372e65347081ccc226f73a3c961fdf266629e5f4490cea8fa4fb8637582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 23:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12419
x-xss-protection: 0
last-modified: Thu, 11 Oct 2018 22:40:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Mar 2023 23:12:26 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.5.4/ 35 KB
10 KB 83ms
18ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.4/firebase-messaging.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 01:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10045
x-xss-protection: 0
last-modified: Thu, 11 Oct 2018 22:40:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Sun, 19 Mar 2023 01:25:37 GMT

GET
H2 200 ent_webpush.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/sw/ 37 KB
12 KB 36ms
33ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/sw/ent_webpush.js?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72ffa8d7f17574be83584954d4195ef712e44d1bddb7b401fb27c6b8525a9bc1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 06:50:09 GMT
server: AmazonS3
age: 108
etag: W/"750a8c3167328fb5f02c1abad060b898"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:08 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: 21LBztFntIbZVewXWPsBjiTu22dYFmbiAX-53c02iZTbr6AdIiLQ2g==

GET
H2 200 fb_sdk.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 436 B
797 B 36ms
34ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/fb_sdk.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ef4f2c2fa38f88e1aeaea7043fc0b3331efdc18d3fe7fbe9843d1b2b473b238

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 99
etag: "8a6da5f25792b4d4a59f85f7d6bb7da2"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
content-length: 436
x-amz-cf-id: d_8BzzkTLQNM1eyLm2elTHyGGkBbM528PXAHLxdDksBR--MHgANDfA==

GET
H2 200 quantcast.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 555 B
915 B 49ms
47ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/quantcast.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a23bb9735adef0d14b41b552116f24a195b12d47029a6725305e921c5410ebf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Thu, 04 Nov 2021 07:00:10 GMT
server: AmazonS3
age: 99
etag: "9d9ea6cf6cba460f511a5b81a18c3c6d"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:21 GMT
x-amz-cf-pop: EWR52-C4
content-length: 555
x-amz-cf-id: vYgU4hkXlcYSGP3G0VQUFyDIp8dyqTRE8wY0n8OqF-fG9extGvhA_A==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 80ms
25ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/fb_audience_pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: qLaS381RWldxBFLGZmSgdq3BKrQq3cTFRuXZvh83NTCddDkwVCHatJ1zRJG6OTwUFAgzE0slRUB46ZcXZwzEng==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 21 Mar 2022 16:56:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 84ms
24ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/twitter_audience_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:56 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 16:54:43 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200094-IAD

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 101ms
18ms Script
application/javascript 52.85.61.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/alexa.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-112.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 17:55:47 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 3279670
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: EWR53-P1
X-Amz-Cf-Id: UxGCa7YfOCLh3aFcwyHgX0VMFA0VnbtHa5_H2Qtzs2jm6uwimmgEEQ==

GET
H/1.1 200
OK tagr_lib_learn_ph_v3.js Show response
static-tagr.gd1.mookie1.com/s1/ 4 KB
1 KB 103ms
18ms Script
application/javascript 23.199.195.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_ph_v3.js?tagid=V2_153300&id=GMA
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/xaxis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.199.195.120 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-195-120.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ddadabbf40d5ed6cc3b3735f87451e0a5ec1782cec93f338005566ad060fbc6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:56:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2016 05:35:34 GMT
Server: nginx
ETag: "579999a6-1153"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 92ms
39ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/dfp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a5c532b577b0e10202b41c659659a5de038f5f476fc2942e7ae96b2482f22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27816
x-xss-protection: 0
server: sffe
etag: "1164 / 871 of 1000 / last-modified: 1647861046"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 21 Mar 2022 16:56:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 80ms
20ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 780
date: Mon, 21 Mar 2022 16:43:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 21 Mar 2022 18:43:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
63 KB 50ms
48ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B4FW0S5GFB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15991086c0f4229a3c5011785747d2e8331dff463e7a3d6fd510f3d505824baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64285
x-xss-protection: 0
expires: Mon, 21 Mar 2022 16:56:56 GMT

GET
H2 200 abm.js Show response
serving.stat-rock.com/player/ 310 KB
98 KB 1487ms
272ms Script
application/javascript 199.101.135.227
WZCOM-

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/abm.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.101.135.227 , United States, ASN40824 (WZCOM-, US),
Reverse DNS: ap7.adplayer.pro
Software: nginx /
Resource Hash: 486acaeac912171619ad0b625813096a8379b38901b822e450ed7aeef1a1390e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:57 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 09:47:09 GMT
server: nginx
etag: W/"61f1189d-4d83b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 72ms
20ms Script
application/javascript 52.85.63.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-63-179.ewr53.r.cloudfront.net
Software: Server /
Resource Hash: 43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: PkzOLZU8S17VIVcnoP84wAEiDGtgTmz9
content-encoding: gzip
etag: 0e4876665018a306b1c42fb415cdf907
age: 57204
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1XBZNAV4A4DDYPR1MY4X
date: Mon, 21 Mar 2022 01:03:32 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR53-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Gx39riLvbN6EkycGnZRkucsNPzgUQjZ-vbwLYXlSxFd8uMSCJkcqZw==

GET
H/1.1 200
OK impstats.php Show response
prebid.andbeyond.media/ 68 B
297 B 1690ms
266ms XHR
text/html 13.250.247.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.andbeyond.media/impstats.php?aff=179580&type=pv
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.247.182 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-247-182.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d33dbc2542009ce4f15b633143b18578d9b5cfbddda30c555860d40ddce3d8db

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 21 Mar 2022 16:56:58 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Content-Length: 68
Content-Type: text/html; charset=UTF-8

GET
H3 200 1543737212511664 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 43ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1543737212511664?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e19882abf007f4f07b4defa177f25d9b6f8892d301aa53559767ed500858189

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89177
x-xss-protection: 0
pragma: public
x-fb-debug: jRH+WX48+3vShRpFxdT8yR45jk14B8hE80WRNavxB1dQ1HIqjdOmEKIKZ57U59eWm84xPuYEboIvH6N9HkQgxg==
x-frame-options: DENY
date: Mon, 21 Mar 2022 16:56:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
350 B 86ms
34ms Ping
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B4FW0S5GFB&gtm=2oe3e0&_p=2039056619&sr=1600x1200&_gaz=1&ul=en-us&cid=347536005.1647881817&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F&sid=1647881816&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.audience_interest=Celebrities&ep.author=Racquel%20Quieta&ep.publish_date=October%208%2C%202021
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4FW0S5GFB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
350 B 84ms
33ms Ping
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4FW0S5GFB&cid=347536005.1647881817&gtm=2oe3e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4FW0S5GFB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 88ms
36ms Image
image/gif 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4FW0S5GFB&cid=347536005.1647881817&gtm=2oe3e0&aip=1&z=1583384934

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
458 B 122ms
40ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1qzn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a56d2b08-efec-44c4-9731-0964a8056248&tw_document_href=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 6
date: Mon, 21 Mar 2022 16:56:56 GMT
content-encoding: gzip
server: tsa_b
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 95a89c97dd04db1678e596b0e40b024bcd89096c9665e9e39aa64bf92156a2c6
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
337 B 133ms
47ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1qzn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a56d2b08-efec-44c4-9731-0964a8056248&tw_document_href=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 6
date: Mon, 21 Mar 2022 16:56:56 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 68f158b0b1facc0e2745d98ccb390df560a6cedd9c38930775ada89b7ef16cf9
content-length: 43

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 97ms
34ms Image
image/gif 99.84.125.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%20%7C%20GMA%20Entertainment&time=1647881816861&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&random_number=526462075&sess_cookie=7ea8e75917fad690b1c23bf1b1b&sess_cookie_flag=1&user_cookie=7ea8e75917fad690b1c23bf1b1b&user_cookie_flag=1&dynamic=true&domain=gmanetwork.com&account=LssQl1aE+GW1O7&jsv=20130128&user_lang=en-US
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-4.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 00:47:02 GMT
Via: 1.1 8d41af75f0c67663aa0315daec98e02c.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 58195
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: EWR52-C3
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: rycZgZJUjqMqo8PZEdfECI5vjd8p36UzNzxTqCdDyEBEIqicKUNsTg==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 1182ms
85ms Image
text/plain 54.187.225.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.225.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-225-247.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
server: Server

GET
H2 200 learn
ph-gmtdmp.mookie1.com/t/v2/ 43 B
608 B 257ms
211ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ph-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_153300&src.domain=www.gmanetwork.com&src.url=%252Fentertainment%252Fcelebritylife%252Fnews%252F81377%252Fhow-and-where-did-the-oktoberfest-originate%252Fstory&src.id=GMA&src.rand=1809125184
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:57 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pubads_impl_2022031501.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 70ms
20ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126660
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 08:35:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Mar 2023 17:20:08 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 490 B
839 B 93ms
38ms XHR
application/json 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gmanetwork.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c70d45d2ab747d75e22938e1b29534b531fd0bd9ba654bec1c31e907bf9baf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0
expires: Mon, 21 Mar 2022 16:56:56 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 65ms
34ms XHR
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2039056619&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAAC~&jid=1014009954&gjid=1563569598&cid=347536005.1647881817&tid=UA-242242-18&_gid=808596817.1647881817&_r=1&gtm=2ou3e0&cd9=Celebrities&cd7=Racquel%20Quieta&cd11=October%208%2C%202021&z=442909831

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
744 B 20ms
19ms XHR
application/json 52.85.63.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gmanetwork.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-63-179.ewr53.r.cloudfront.net
Software: Server /
Resource Hash: 17c1a65dfc520d641ac19f90acbbb439bd737a4e0bfbbffad3733203abe9280e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:51:56 GMT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
server: Server
age: 11099
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
content-length: 385
x-amz-cf-id: soAz8w2m9DMCcW7G8hFf4-zvdUyKcp8542qflSKS8zo-sGMIU0vz2g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 55ms
18ms XHR
application/javascript 52.85.63.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.63.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-63-179.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 00:30:51 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 59166
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via: 1.1 e5bd532dbdee524acdf00690205f3b5a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR53-P1
content-type: application/javascript
x-amz-cf-id: iG4U7XP1OpDueqsb1SFknFfTjC_RpbW09p7GDcFgqk_yWQmcOZnjFA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 59ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1543737212511664&ev=PageView&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&rl=&if=false&ts=1647881816944&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647881816940.461279156&it=1647881816793&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 21 Mar 2022 16:56:56 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 60ms
20ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1543737212511664&ev=ViewContent&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&rl=&if=false&ts=1647881816947&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647881816940.461279156&it=1647881816793&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 21 Mar 2022 16:56:56 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 40 KB
11 KB 72ms
18ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.122.0/26
date: Mon, 21 Mar 2022 16:52:33 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: bhs
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 11181
x-request-id: 691734532

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 60ms
33ms XHR
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-242242-18&cid=347536005.1647881817&jid=1014009954&gjid=1563569598&_gid=808596817.1647881817&_u=4CDAAUAAAAAAAC~&z=671577490

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Mar 2022 16:56:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 933ms
39ms Image
image/gif 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-242242-18&cid=347536005.1647881817&jid=1014009954&_u=4CDAAUAAAAAAAC~&z=1516309342

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 69ms
41ms Image
image/gif 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-242242-18&cid=347536005.1647881817&jid=1014009954&_u=4CDAAUAAAAAAAC~&z=1516309342

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 984.json Show response
id5-sync.com/g/v2/ 2 KB
2 KB 1098ms
102ms XHR
application/json 54.36.109.183
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/984.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.183 , France, ASN16276 (OVH, FR),

Reverse DNS

p08.id5-sync.com

Software

Resource Hash

0e40122d2b1dfdc4d746eb97e9c42cedfc5ce1f8a023c38a527393b02944417b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 21 Mar 2022 16:56:57 GMT
Vary: Origin
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 722ms
19ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:300,300i,400,400i|Open+Sans:300,300i,400,400i,600,600i,700,700i|Oswald:300,400,700|Raleway:300,300i,400,400i,600,600i,700,700i|Roboto+Condensed:300,300i,400,400i,700,700i|PT+Sans:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700i|Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i|Lato:100,100i,300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:46:05 GMT
x-content-type-options: nosniff
age: 497452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:46:05 GMT

GET
H2 200 fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/icons/ 14 KB
15 KB 63ms
22ms Font
binary/octet-stream 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/fonts/icons/fontello.woff2
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/common/global.css?v=1.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb

Request headers

Referer: https://aphrodite.gmanetwork.com/assets/revamp/css/build/common/global.css?v=1.1.0
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 ef83386f79c9e19f4894237e9cf67dd2.cloudfront.net (CloudFront)
etag: "f7d914c20b6df8faac5c74ee903a3f9b"
age: 91
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 14692
last-modified: Thu, 10 Oct 2019 12:34:10 GMT
server: AmazonS3
date: Mon, 21 Mar 2022 16:56:51 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=120,public
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: VW8J6KFGWbcZkFe_pP0ZlgzHndk765tx86BmDRWPKUx00XqW8VCngA==

GET
H2 200 fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/sso-icons/ 4 KB
4 KB 42ms
30ms Font
binary/octet-stream 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/fonts/sso-icons/fontello.woff2
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 653e5e6042494570b92735cd368e62434b9df3deeae84d5f7389436c38b097ff

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 ef83386f79c9e19f4894237e9cf67dd2.cloudfront.net (CloudFront)
etag: "4409b201d85647b927059b61fb987f74"
age: 64
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 3872
last-modified: Thu, 10 Oct 2019 12:34:10 GMT
server: AmazonS3
date: Mon, 21 Mar 2022 16:56:57 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=120,public
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: s53yO7awCRY5nmOsY9FMnzMImn2z4rFiPO99116TN1nrTIy0SYEawQ==

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v19/ 34 KB
34 KB 725ms
53ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v19/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:35:35 GMT
x-content-type-options: nosniff
age: 422482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:27 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:35:35 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 49ms
48ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/celebritylife_article.js?v=1.1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3221651103697de1efb29b38ac3a8611476981904f54a123a5ff44a2da5b905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Mon, 21 Mar 2022 16:56:57 GMT

GET
H2 200 81377.gz Show response
data.igma.tv/entertainment/773/entertainment/articles/ 6 KB
3 KB 1176ms
523ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/773/entertainment/articles/81377.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63519f1fdb980cfecbda5250879ac1c8a2d10cfe550827822d36d2b1297b0c7e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:59 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-P1
x-cache: RefreshHit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2686
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 08 Oct 2021 01:52:33 GMT
server: AmazonS3
etag: "ca29714cc0120473e23dd19c26063e53"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-id: vRPpthmVeq_EqcvNtzGmnDKD2M3E47ZX25vSvrjdyuehK9wSJduvEg==

GET
H2 200 gma-header-logo.svg
aphrodite.gmanetwork.com/ 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/gma-header-logo.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 07:47:19 GMT
server: AmazonS3
age: 37990
etag: W/"6070135b0880a0cca74ba0fc1221e24f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
date: Mon, 21 Mar 2022 06:23:48 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: UnkZUTBqzpGUMy5QNP-2eQKtoothVfF8YtbuFTEHnERgT4O8O7ot8w==
x-amz-meta-s3b-last-modified: 20200403T073750Z

GET
H2 200 gma_white.png
aphrodite.gmanetwork.com/assets/revamp/img/ 1 KB
2 KB 22ms
22ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/img/gma_white.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Z1a4KR1IgQCUibmGiK2ThFq69ie8hdZd
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2018 07:44:52 GMT
server: AmazonS3
age: 135
etag: "e8749bb5058882d51032084665c54c4f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=180
date: Mon, 21 Mar 2022 16:55:52 GMT
x-amz-cf-pop: EWR52-C4
content-length: 1428
x-amz-cf-id: NEeOtXfwu3LPW-SCvZtmbfOhRuHrn-bpxsBPiu_aIu8i5qYnhVFc9Q==
x-amz-meta-s3b-last-modified: 20180201T034941Z

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/fb_sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49f050516e23f851128dd9ee5a54cc1a2103c12f5847632e5d8bf578cf0df0ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Hhsu+Z9VmyZ7r3VFgdDP0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 21 Mar 2022 17:01:10 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: y1GdBVnn0gEaql7rY7VMZzstKaR/9sROXUiXLVkmC4Pc6o22siu8FAppjfV4ktaM4thdAss6izz2NGZE+SiPjQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6498359b908647bfd76e54107372d01a
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 16:56:57 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "acb6c78eacd0c790cf344f33e1139fb6"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 651ms
24ms Script
application/javascript 2620:116:800b:21:ea23:7677:128a:8c9c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:ea23:7677:128a:8c9c , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:57 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 28 Mar 2022 16:56:57 GMT

GET
H2 404 custom_fab.gz Show response
data.igma.tv/entertainment/widgets/ 563 B
994 B 1100ms
476ms XHR
text/html 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/custom_fab.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11f2988ac78a3fa349457d9be972881afc1ce0b7adf0b5bcf4862d2d13fcf211

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:57 GMT
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: EWR53-P1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-cache: Error from cloudfront
content-length: 563
x-amz-cf-id: HFKvZz_o8UtTYn_Clc_v9mIr5elLjkqsBi0CBmI_5HurNe9mFWoIUQ==

GET
H/1.1 200
OK Script Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 42 KB
16 KB 676ms
42ms Script
application/x-javascript 104.209.192.206
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.209.192.206 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f8c7e910c96fde5ae3055d9a9cc90b935392920e368d5a2f5f6af6eb634cd180

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:56:57 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Last-Modified: Mon, 21 Mar 2022 16:56:57 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: public, max-age=3600
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 16140
Expires: Mon, 21 Mar 2022 17:56:57 GMT

GET
H2 200 query Show response
global.cloud.netacuity.com/webservice/ 573 B
695 B 631ms
24ms XHR
application/json 3.220.165.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.165.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-165-255.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: a4132d8a87fcc8c3531941238abaf57c1318577a75a21093cd95b4132a729350

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Mar 2022 16:56:57 GMT
server: nginx/1.20.0
content-length: 573
content-type: application/json;charset=UTF-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame DEB4 0
18 B 41ms
20ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.gmanetwork.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Mon, 21 Mar 2022 16:56:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 151ms
45ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 149ms
44ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
19 KB 460ms
432ms XHR
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2333231219155970&correlator=4401713642219162&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=344684475%2CENT_Celeblife_Desktop_Leaderboard1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&adks=1118826149&sfv=1-0-38&ecs=20220321&fsapi=false&prev_scp=keyword%3Doktoberfest%2Corigin%2Chistory%2Cmunich%2Cbavaria%2Cgermany%2Cwedding%2Cking%2520louis%2520i%2Cprincess%2Ctherese%2520von%2520sachsen-hildburghausen%2Ctheresienwiese%2Cthereses%2520fields%2Cwiesn%2Ctradition%2Ctotal%2520beer%2520consumed%2Cannually%2Cevolution%2Ccelebration%2Cfestivities%2Ctrivia%2Clifestyle%2Chobbies%2520and%2520interests%26ad_pt%3DCelebrity_Life_Article_Page%26ad_pos%3DENT_Celeblife_Desktop_Leaderboard1_1%26site_id%3DGMA_Entertainment&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1647881817867&lmt=1647881816&dlt=1647881816384&idt=714&biw=1600&bih=1200&adxs=315&adys=80&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=970x0&fws=132&ohw=1600&ga_vid=347536005.1647881817&ga_sid=1647881818&ga_hid=2039056619&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1538c9205551a054c1ccd1da833f8e2cc63bef761d5cb4fbb36942501aac173f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19116
x-xss-protection: 0
google-lineitem-id: 5852356465
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374677129
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 570 B
326 B 178ms
151ms XHR
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2333231219155970&correlator=425618930932995&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=344684475%2CENT_Celeblife_Desktop_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2935993112&sfv=1-0-38&ecs=20220321&ists=1&fsapi=false&prev_scp=ad_pt%3DCelebrity_Life_Article_Page%26ad_pos%3DENT_Celeblife_Desktop_Interstitial_1%26site_id%3DGMA_Entertainment&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1647881817879&lmt=1647881816&dlt=1647881816384&idt=714&biw=1600&bih=1200&adxs=800&adys=80&oid=2&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=0x0&fws=132&ohw=1600&ga_vid=347536005.1647881817&ga_sid=1647881818&ga_hid=2039056619&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b504b80699080af3b97f0c63aa78940e7247f364400b6dce8d83544227c9ffed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 498ms
472ms XHR
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2333231219155970&correlator=1379207775802477&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fifs&iu_parts=344684475%2CENT_Celeblife_Desktop_Mrec1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C250x250&ifi=3&adks=915958108&sfv=1-0-38&ecs=20220321&fsapi=false&prev_scp=keyword%3Doktoberfest%2Corigin%2Chistory%2Cmunich%2Cbavaria%2Cgermany%2Cwedding%2Cking%2520louis%2520i%2Cprincess%2Ctherese%2520von%2520sachsen-hildburghausen%2Ctheresienwiese%2Cthereses%2520fields%2Cwiesn%2Ctradition%2Ctotal%2520beer%2520consumed%2Cannually%2Cevolution%2Ccelebration%2Cfestivities%2Ctrivia%2Clifestyle%2Chobbies%2520and%2520interests%26ad_pt%3DCelebrity_Life_Article_Page%26ad_pos%3DENT_Celeblife_Desktop_Mrec1_1%26site_id%3DGMA_Entertainment&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1647881817882&lmt=1647881816&dlt=1647881816384&idt=714&biw=1600&bih=1200&adxs=1041&adys=95&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x0&msz=336x20&fws=132&ohw=1600&ga_vid=347536005.1647881817&ga_sid=1647881818&ga_hid=2039056619&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

cafe /

Resource Hash

937858a9e5565c747f7ddde11fc9424c884f36c85a2110728ab2b08dcd9dd3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9453
x-xss-protection: 0
google-lineitem-id: 5471012876
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138322335932
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b5f6992a376c38e49c5908794f6b0474.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 38D5 6 KB
4 KB 131ms
40ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b5f6992a376c38e49c5908794f6b0474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 21 Mar 2022 16:56:58 GMT
expires: Tue, 21 Mar 2023 16:56:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/577098c0/www-widgetapi.vflset/ 152 KB
49 KB 55ms
20ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abae6e19ed0784a432e61a5f9915cbff9a587062c7a1f2c9b4bc7ab2ea06d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 19:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50182
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Mar 2023 19:01:20 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 39ms
19ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2f7311c0f922f78f608b62f88df3f27a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee824099e3986395742334f4edfde4499d173c234e35582a9752b31c14a1f957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FAUSPDPnhyJqPuFriZpBJQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Mar 2023 15:44:13 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82633
x-fb-rlafr: 0
x-fb-debug: 196QMpi+9kSao1Akn15DmgJHkM0gs+8V9mAvD/Jvnl9sMGkjPj13WZ6G0nd4jSBuKNCxU8DikgXMvbEChX8ZHA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f2a7ef4685824cf8092e2767aa70e525
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 16:56:57 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2125959426237ac772fa1368dc9d16ad"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 86ms
22ms Script
application/javascript 34.107.231.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:07:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sun, 11 Jul 2021 15:29:14 GMT
server: nginx
age: 2985
etag: W/"91f36cb612bb5287d05f3c7044927cbe"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3532

GET
H/1.1 200
OK prebid-custom.js Show response
rtbpass-us.andbeyond.media/ 614 KB
185 KB 140ms
27ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9cf38d674eb5c60dba01afbf5e86354462cbd6e7bb08964acfd1aad8429bc2ff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:56:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Mar 2022 05:21:08 GMT
Server: AmazonS3
x-amz-request-id: NZ64J5HNP1FM47JV
ETag: "92d2798eaad6e680016754b5d24cc079"
X-HW: 1647881818.dop012.dc2.t,1647881818.cds084.dc2.shn,1647881818.dop012.dc2.t,1647881818.cds164.dc2.c
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31494372
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 188698
x-amz-id-2: pzxMMtp2C9is7H7U3HadihvyM2cHauDHZfu/8dRfC3K/IoLjZOlPTN0I+tZSRy6cwZNRH4Wr2Aw=

GET
H/1.1 403 8.gif
id5-sync.com/i/984/ 79 B
79 B 101ms
100ms Image
text/html 54.36.109.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/984/8.gif?id5id=ID5*ntPblOHbe57JUW4xu6jbCCX9WcnNrsvk3G2mEzoHEXILyWljQH0s4DyS1E8MgAlbC8ozsC5Sbb6oQ6cQTrlyowvLSt90VeKFXlXeaG5rC_QLzPGnvDgvM35liPyWWpNCC821e9eV1RynUUkuMVcN_AvOv8r_FJMBDdlZQP6gwmMLz8i5NEplBTQrjwr0c5ftC9BjMtZTgOi1XF23gNTozwvRlYLiJeoOnrFHdwRBL7EL0vqHQ_Zd3LVOjRT1evVUC9NaWBPrWhrAqSYwoY8aGAvUrU7iz3tT13D1-9TXI7AL1exiIt_hDz2I1BEqVW17C9YzumA3RCRKKl0raBgOJwvXLcg7X8e3tIgTImqnZJ4L2D_PSoMFkzbqrfsu410_C9kdaF-V6mzZJWR_HTZglgva-xUBsZqxz7jGSug9UzUL2xmqY1TI7uOwtbL_fGLrC9xUWX9L1YA-WRqhZqwBrgvdvMqJ494U0WtQFyu0krAL3q4aU0qqlnisM0KVIMOxC9-uX-ShQNH5L0EWRzqNkQvgNUY87Pbzo8DGF2EsQYML4cHdAKUjCZ-hOXLq0V0AC-IeT6QYZ10AHgQ4Rk6kAwvjJ2aqO5D0hmtlI-61cggL5FVyutb4BPULf5Kf_-QZC-VNLdEg7k7hDm_ILM3OEA&o=api&gdpr_consent=undefined&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.183 , France, ASN16276 (OVH, FR),

Reverse DNS

p08.id5-sync.com

Software

Resource Hash

e9fe08a8107cd60b0cecb888c9c2fb73c8d101af53151428e347d62be50db83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Date: Mon, 21 Mar 2022 16:56:58 GMT
Transfer-Encoding: chunked
Content-Type: text/html;charset=utf-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44FC 0
0 49ms
45ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSrJogOatqJkxfekBPX7lqQv9f231oKFleCn7vlvhw7rMRW6XYWRqAuROiVO-drxexESpjwUqF7enl96YEJVVYM0X78j68jEgIyIyhiip4ynB5sU1izBHtYQNPd7rotXA4jDfawgs_fPGatagnIik56dT-GnsTJ3U6fz6JMAA8y1yw1V6bOMIvRhELiPJIEC6dyHwhioejAMy_qrlxG-IXTZmqVEL9q7oCtdhO6V8DVGeKlVFWE6YRXiOStmkdLfho54mee-dHyc4O2JOnQMLUvp0hoZvU1sLYZMY9IsziqhOE1GlXFE3Cgiv6Mydk0LBZmJFgxDkT2jDaQfsnIYKj&sai=AMfl-YQSuZlB2lQ4z46H-GiCv0VKa1mr1FxhX2zINhhKE5UhYypoBDtquHvlQAS5wvyHv5mINmEBc5DJqbyfbzhJ6vwe3cBCahlyea9dWF5pCgmFt7gTOJxWOv2ovvfyTqrA&sig=Cg0ArKJSzJvRiG1jGX2UEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:56:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 21 Mar 2022 16:56:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 44FC 19 KB
8 KB 26ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 16:56:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 44FC 2 KB
1 KB 32ms
27ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:53:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 16:53:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44FC 117 KB
36 KB 90ms
53ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:56:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 44FC 0
0 74ms
36ms Image
text/html 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPXg-QAU6rWkPc9BaDtQw0WZLVWyUruVx1gLio9ZAnKMSea5lptyS_xL_WDx3n4PxrdhAMMC5ezcdP_bMDqxP7PcxZTw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/gmanmidfpdisplay183413089896/ Frame 44FC 12 KB
5 KB 77ms
20ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d3cdcd5682e1ae08a0bf5318faed144df464c8d576364769cf8362004fa7e562

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:17:11 GMT
server: AmazonS3
x-amz-request-id: PQWGV6E804EG4Q74
etag: "17ec5516d15dd1a5f277b76ac8af2dae"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=18678
accept-ranges: bytes
content-length: 4363
x-amz-id-2: G2z7Pct4lagdqMYeLLBLIM5CQtMk6RonuZcwSoyhgH+e6wy5/cyET+UcV7Jd4KZslALwzQA7P88=

GET
H2 200 5600437763217876655
tpc.googlesyndication.com/simgad/ Frame 44FC 38 KB
38 KB 30ms
28ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5600437763217876655

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d512acac4a11e210c493384bf64a7895e6cd639c17fa437abbc72d890aa20af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 02:17:43 GMT
x-content-type-options: nosniff
age: 225555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38907
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 07:18:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Mar 2023 02:17:43 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8FA6 0
0 45ms
44ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssp7RBTnolJVGsd6mkExMJYeLWEBlDqScxfpVCbBREvfSAQwvn2q9y6MB-6Y31qLbOuRgG8hmBCFNHJ2Z3pax5-f_WvwxG3qg43L7xneqNexRylQghJqwyTsMoJCB6G31JExj--67W2msDUKsJBdBBs1GYP2un_QLXuJmWMbr5uOgqcaTe4Z1LDpDyj9RirBHTaHJ4EQJz0jV1kJwFyqaM-Aq_kXRiGC_pCtTSs31p5MaysVatC5gPuurMKHSu7N2xipk_CJR-YfTgqErJ7ipts7Pm2fodRCp7tqULiY5yRAERPF86udkVZKwiyIaUaT8RaHMFGpVYTcTeH_Tk&sai=AMfl-YQiHGbPMxULFYUSBblqGXyhm4mHQn6zzBK9alu1E9H-N3KpFsthnBJaOfjf6Y0UDSGBDxAJkTwOmr9EwSRJbUlnpHyDVOeYcLjQeT11UOCGcp08Wl91HNhsMZN-_9tI&sig=Cg0ArKJSzJyuHLvcW1_ZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:56:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 21 Mar 2022 16:56:58 GMT

GET
H2

200

Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js Show response
cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/ Frame 8FA6
Redirect Chain

https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsspu4Bl5Z6gKBThpJNVflX6bhsV0SVG0LGI69YoJSVJgH-gOpv7qKhC6PJAvN14X03ovvnB4v33odY_4YD6L4BaeIcKuldQzSlayvWhNA0dpi8SOP7u5s0_wcFnpL0IQEVe7g9xGY7Hl8avO...
https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js

42 KB
42 KB

248ms
23ms

Script
application/octet-stream

8.252.31.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Server: 8.252.31.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac06a4bf4509a76500a4548b7b267ee564022537bd167ddaff4fd96768ee3dc2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:59 GMT
last-modified: Thu, 10 Mar 2022 13:17:27 GMT
server: AmazonS3
age: 963474
etag: "3a75963ff5e202de5246fe57a36f8b97"
x-amz-id-2: K2Bwgo+is8AMw+q3yscc88VNCw6/mEQfHsRLUTUP27itnuUlAaH43gmfQU6tTkC5YfJdjOmo+Sg=
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 43036
accept-ranges: bytes
x-amz-request-id: B8WJWKKEHP0K70T3
x-cdn: Lumen
expires: Mon, 09 May 2022 13:22:17 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:56:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FA6 117 KB
36 KB 67ms
51ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:56:58 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/gmanmidfpdisplay183413089896/ Frame 8FA6 12 KB
5 KB 54ms
19ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d3cdcd5682e1ae08a0bf5318faed144df464c8d576364769cf8362004fa7e562

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:17:11 GMT
server: AmazonS3
x-amz-request-id: PQWGV6E804EG4Q74
etag: "17ec5516d15dd1a5f277b76ac8af2dae"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=18678
accept-ranges: bytes
content-length: 4363
x-amz-id-2: G2z7Pct4lagdqMYeLLBLIM5CQtMk6RonuZcwSoyhgH+e6wy5/cyET+UcV7Jd4KZslALwzQA7P88=

GET
H2 200 related_video_source.json Show response
aphrodite.gmanetwork.com/configuration/ 63 B
579 B 24ms
19ms XHR
application/json 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/configuration/related_video_source.json
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2fdaafcf1b5f7ae36648f8e7a2c6e7cf6760b89c8a01e5b9393fe98c4afb540

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 ef83386f79c9e19f4894237e9cf67dd2.cloudfront.net (CloudFront)
etag: "0d995cb867ba3592c8ca4c0fe90e2098"
age: 38686
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length: 63
last-modified: Thu, 15 Jul 2021 08:30:23 GMT
server: AmazonS3
date: Mon, 21 Mar 2022 06:25:57 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: Wtk1MXNojN4vXbVgtmSdxgO5BppjlxW60DDU1OlXh1RD2Clj6D90GQ==

GET
H2 200 gnoadscript.js Show response
images.gmanews.tv/res/js/ 35 KB
5 KB 152ms
31ms Script
application/javascript 52.85.61.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanews.tv/res/js/gnoadscript.js
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/celebritylife_article.js?v=1.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-34.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c0b89c553e4c70b21fb9eec928fa59e122860be4fa7bd6ef159b21115a6feb4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 08:39:04 GMT
server: AmazonS3
age: 19
etag: W/"8fc8ca7e762ba014eafa1cc550a4c670"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: NZW6ISI6EKDL04KjyFQ-IXcbaGnHfLhNz-DZEPM2bCLV3yRpHLj3dg==

GET
H2 200 rules-p-ernMzxMzj4rTH.js Show response
rules.quantcount.com/ 1 KB
1 KB 61ms
18ms Script
application/javascript 2600:9000:2209:1e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ernMzxMzj4rTH.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:1e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77695b735ff222bd744719885ab7ec9fca5db071f901f86bb625f0561c9a47f1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:24:47 GMT
content-encoding: gzip
age: 2097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 21:31:35 GMT
server: AmazonS3
etag: W/"538423f6a5866c708d4e3f53d4ed407a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: U8s1jP7647Vc-w6jF8lwtY96QvjEn-zUakLbbj5meqDiqMSlcIF-GA==

GET
H2 200 zd_w_s_loading.css
d99666469a0d.bitsngo.net/content/ 907 B
749 B 92ms
21ms Stylesheet
text/css 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/content/zd_w_s_loading.css?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 09:55:22 GMT
server: Microsoft-IIS/10.0
age: 92991
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 470
x-llid: d7e8e2f903681df77b764079455d84b8
expires: Wed, 30 Mar 2022 15:07:07 GMT

GET
H2 200 jquery.tap.min.js Show response
d99666469a0d.bitsngo.net/common-scripts/ 2 KB
1 KB 93ms
22ms Script
application/x-javascript 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/common-scripts/jquery.tap.min.js
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 09:55:20 GMT
server: Microsoft-IIS/10.0
age: 9381
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1130
x-llid: d0f448bd94268faa1b806fc8c8d8088a
expires: Thu, 31 Mar 2022 14:20:37 GMT

GET
H2 200 zoomd.widget.loader.min.js Show response
d99666469a0d.bitsngo.net/widget-scripts/ 34 KB
12 KB 93ms
23ms Script
application/x-javascript 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a7dd680732ed5074ada10d9e20563897400b23af5ead821b6b941f9e69569588

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 12:54:12 GMT
server: Microsoft-IIS/10.0
age: 358655
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 12300
x-llid: e351aaa54cca98712581eaf808bce0ac
expires: Sun, 27 Mar 2022 13:19:23 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 22ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=100769456682076&ev=fb_page_view&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&rl=&if=false&ts=1647881818842&sw=1600&sh=1200&at=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 21 Mar 2022 16:56:58 GMT

GET
H2 200 ga.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 369 B
729 B 45ms
43ms Script
application/javascript 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/ga.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2457210e6bc9df66a39079cfae0b8f1f16a7863725b0714b5a4bc1f21c5b948d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Tue, 14 Jul 2020 09:40:07 GMT
server: AmazonS3
age: 38
etag: "e1214ed4f5406b79a0a586ad58111f73"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:56:40 GMT
x-amz-cf-pop: EWR52-C4
content-length: 369
x-amz-cf-id: qw5Zqh8ZSaTnfrOz_mJqxkjxAGMRSOOLCOGW0d_4zuhx5e_c3ljGpg==

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 59 KB
17 KB 79ms
22ms Script
application/javascript 2600:9000:21dd:e200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/buttons.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:e200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 08:05:14 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 31904
x-cache: Hit from cloudfront
content-length: 16739
server: nginx/1.20.1
etag: W/"61e1c3a2-ea95"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: EWR53-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: XNYjBJKSaPe7BlNTrb88kUjSTgzBdMRRi6_OMKUxPuRkxSJMS-ITSw==
expires: Thu, 24 Mar 2022 08:05:14 GMT

GET
H2 200 gmalogo-p.jpg
aphrodite.gmanetwork.com/assets/revamp/img/ 10 KB
10 KB 38ms
38ms Image
image/jpeg 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/img/gmalogo-p.jpg
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/common/global.css?v=1.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16e70fc2b149c196a4984435e17450b1d68ca078d6eb41109e5b937cf269b511

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://aphrodite.gmanetwork.com/assets/revamp/css/build/common/global.css?v=1.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 12:34:10 GMT
server: AmazonS3
age: 100
etag: "218be9b830fb06b1c16c60da80d2a6ea"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=120,public
date: Mon, 21 Mar 2022 16:55:53 GMT
x-amz-cf-pop: EWR52-C4
content-length: 10365
x-amz-cf-id: 9EKy4JvUWS3BObwzC5XNc3LX_0QdfN-tUzUaBCHGAO0XSWTt5VB6_g==

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 15 KB
15 KB 50ms
20ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:58 GMT
x-content-type-options: nosniff
age: 422760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:58 GMT

GET
H3 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v47/ 25 KB
25 KB 64ms
35ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v47/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 23:35:02 GMT
x-content-type-options: nosniff
age: 408116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25384
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 23:35:02 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 77ms
47ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:30:29 GMT
x-content-type-options: nosniff
age: 375989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 08:30:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 58ms
28ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 14:35:30 GMT
x-content-type-options: nosniff
age: 526888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 14:35:30 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 68ms
40ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:30:30 GMT
x-content-type-options: nosniff
age: 375988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 08:30:30 GMT

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 22 KB
22 KB 103ms
75ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:34:59 GMT
x-content-type-options: nosniff
age: 422519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:34:59 GMT

GET
H2 200 top_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 8 KB
3 KB 27ms
26ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/top_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d92fa2ba5ba671f2321982eae144bd03cbe77fc9d7501547bd4bf8814c274fe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 18
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2700
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 16:46:39 GMT
server: AmazonS3
etag: "c05775adf77230d9dc32fdb7ba3903f6"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: Ub8CSUIaQ5yMd9cGhpjp1QUw8Vj7LfMvSf0JySTOiuryO9fM73O7Ug==

GET
H2 200 most_watched.gz Show response
data.igma.tv/entertainment/widgets/common/ 4 KB
2 KB 35ms
29ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/most_watched.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5068d595dd6d4ba61e001625e184184db6955b78e6632fbeb52377690b0c596d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 17
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1621
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 16:16:38 GMT
server: AmazonS3
etag: "3c176cc3fd54fafb2ca86023e81cc4ec"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: noEZfWM6HT74NfWXTbpkDuJLaLBJ2SvDBt1A3cXp4VKn_s9nfMGeJg==

GET
H2 200 top_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 8 KB
3 KB 27ms
19ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/top_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d92fa2ba5ba671f2321982eae144bd03cbe77fc9d7501547bd4bf8814c274fe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 18
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2700
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 16:46:39 GMT
server: AmazonS3
etag: "c05775adf77230d9dc32fdb7ba3903f6"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: VmhN28l9VJPcAd3KmLT419GZXWgufF-i3XoRvUmYFhr0WT5dSQIBWA==

GET
H2 200 most_watched.gz Show response
data.igma.tv/entertainment/widgets/common/ 4 KB
2 KB 32ms
27ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/most_watched.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5068d595dd6d4ba61e001625e184184db6955b78e6632fbeb52377690b0c596d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 17
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1621
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 16:16:38 GMT
server: AmazonS3
etag: "3c176cc3fd54fafb2ca86023e81cc4ec"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: UG-ivV5LEjEo5cj9Hbcnf1hke_361F0mn3sZPu8oAPNjDH9ybXU0Uw==

GET
H2 200 latest_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 6 KB
3 KB 38ms
32ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 558329208971c152572d13cda6f26dba4ee70ed8386c9e47c79d0e137129861e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 18
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2296
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 13:35:05 GMT
server: AmazonS3
etag: "9bb0192b54efb8b6ec5a37d31db64bb0"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: cnLi-ZaEJ3CmP5hs0l3b_9OWhvA3NnREiqxPnArAcUpmOIc-CEyWhg==

GET
H2 200 latest_videos.gz Show response
data.igma.tv/entertainment/widgets/common/ 4 KB
2 KB 36ms
31ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_videos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc62e2ce88dc8df6e1c9f80cbfbc6bb9222440ad07d6837b05dfa169f5b40516

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 17
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1342
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 15:04:39 GMT
server: AmazonS3
etag: "4e187d9e293a2af14f49aefac5dae687"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: X62xmTGH9CuXtMJivH78DIi6HyAok7ZwY1S40kDWatXppajhnZ1Q3w==

GET
H2 200 latest_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 6 KB
3 KB 44ms
39ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 558329208971c152572d13cda6f26dba4ee70ed8386c9e47c79d0e137129861e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 18
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2296
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 13:35:05 GMT
server: AmazonS3
etag: "9bb0192b54efb8b6ec5a37d31db64bb0"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: Fc792cd-LWCc10b8_9kAXxRv3st2o4TMGgOfO8MEg636fsoVKyau9g==

GET
H2 200 latest_videos.gz Show response
data.igma.tv/entertainment/widgets/common/ 4 KB
2 KB 40ms
35ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_videos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc62e2ce88dc8df6e1c9f80cbfbc6bb9222440ad07d6837b05dfa169f5b40516

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 17
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1342
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 15:04:39 GMT
server: AmazonS3
etag: "4e187d9e293a2af14f49aefac5dae687"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: G4JrbVGTWufaZ7SzQGJ2gTA40IHE3x4K4iQfjU7nzLAYsd--6XJ_Cg==

GET
H/1.1 403
Forbidden 81377.json Show response
related.gmanews.tv/15/article/773/ 243 B
788 B 370ms
277ms XHR
application/xml 99.84.42.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://related.gmanews.tv/15/article/773/81377.json
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-97.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb94e25bbe9d2f2849907523ee3064235ed66f4436f030bd988ee05b398288a1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:56:59 GMT
Via: 1.1 502d715ad2f775c7dae1f1c4bfbfc168.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C4
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1200
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: ssu8LOBezzO1ZJn5M220yCcUK6A0x5ogvx_ILAWjG4n3DnPlHnG7sQ==

GET
H/1.1 403
Forbidden 81377.json Show response
related.gmanews.tv/15/article/773/ 243 B
788 B 615ms
522ms XHR
application/xml 99.84.42.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://related.gmanews.tv/15/article/773/81377.json
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-97.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ccd8be7c173075910c0fd40772789f28a8765e13d401364484770027694484b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:56:59 GMT
Via: 1.1 bb784f1db0a47d55a8953c84e49cfa34.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C4
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1200
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: _4UifT6IeV-TZbmPkDWtgTOeG8jBS8jTxo4NCb7i3wiOhCrlFUUS8A==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 197 KB
68 KB 106ms
20ms Script
application/x-javascript 23.52.162.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957730676d8e4f2a7e936befdd19bbbe2cd4e1cdb955b79d9ad93455b052245d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:59 GMT
content-encoding: gzip
last-modified: Sun, 20 Mar 2022 08:20:28 GMT
etag: "15-1JAh6t5pujPw/ypFuBLxPjmSUJc"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 109a23111ab29dd668fe4e8a79506d37
timing-allow-origin: *, *
content-length: 69506

GET
H2 200 latest_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 6 KB
3 KB 41ms
36ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 558329208971c152572d13cda6f26dba4ee70ed8386c9e47c79d0e137129861e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 18
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2296
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 13:35:05 GMT
server: AmazonS3
etag: "9bb0192b54efb8b6ec5a37d31db64bb0"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: 77UXMqxfJLtDa3acNVjGAmILb7HnW_5ABCNieAj3hfjpdcbJMD3l4A==

GET
H2 200 latest_videos.gz Show response
data.igma.tv/entertainment/widgets/common/ 4 KB
2 KB 37ms
32ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_videos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc62e2ce88dc8df6e1c9f80cbfbc6bb9222440ad07d6837b05dfa169f5b40516

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 17
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1342
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 15:04:39 GMT
server: AmazonS3
etag: "4e187d9e293a2af14f49aefac5dae687"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: E9h6K3tC0MRkOC7LQ7zrZwJ8MloKYmDBLGYQ0arZ5SeDKsPprRyodA==

GET
H2 200 latest_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 6 KB
3 KB 38ms
35ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 558329208971c152572d13cda6f26dba4ee70ed8386c9e47c79d0e137129861e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 18
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2296
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 13:35:05 GMT
server: AmazonS3
etag: "9bb0192b54efb8b6ec5a37d31db64bb0"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: aeD7tPGgmZKsepMtGXqwU8zhnCw-KU-tdt98Xd1TOBBeOe6bAWbc5w==

GET
H2 200 latest_videos.gz Show response
data.igma.tv/entertainment/widgets/common/ 4 KB
2 KB 34ms
31ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_videos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc62e2ce88dc8df6e1c9f80cbfbc6bb9222440ad07d6837b05dfa169f5b40516

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 17
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1342
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 15:04:39 GMT
server: AmazonS3
etag: "4e187d9e293a2af14f49aefac5dae687"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: QJRMZPOKdOeVXT9us29l8M8bUCfsAke02WwkjLxtYmJHvqYnF7ZXKw==

GET
H2 200 top_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 8 KB
3 KB 29ms
27ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/top_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d92fa2ba5ba671f2321982eae144bd03cbe77fc9d7501547bd4bf8814c274fe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 18
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2700
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 16:46:39 GMT
server: AmazonS3
etag: "c05775adf77230d9dc32fdb7ba3903f6"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: oJf5X2ZVKszUFas-ecaXrJo1YgTOv6MhpLEcCa2Tg00ng3Cg7dCv3g==

GET
H2 200 most_watched.gz Show response
data.igma.tv/entertainment/widgets/common/ 4 KB
2 KB 30ms
28ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/most_watched.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5068d595dd6d4ba61e001625e184184db6955b78e6632fbeb52377690b0c596d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 17
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1621
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 16:16:38 GMT
server: AmazonS3
etag: "3c176cc3fd54fafb2ca86023e81cc4ec"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: GnETY_U_arHgHuxdFASuH-LYOb1S7Wem1NZrNTAT3cbJvX6fjArZOQ==

GET
H2 200 top_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 8 KB
3 KB 27ms
25ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/top_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d92fa2ba5ba671f2321982eae144bd03cbe77fc9d7501547bd4bf8814c274fe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 18
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2700
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 16:46:39 GMT
server: AmazonS3
etag: "c05775adf77230d9dc32fdb7ba3903f6"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: FQSir2V20TuleWD-q-cZXh6-H2o_aO_LgjDuJrLG99f0QBKjHKd-lw==

GET
H2 200 most_watched.gz Show response
data.igma.tv/entertainment/widgets/common/ 4 KB
2 KB 28ms
27ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/most_watched.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5068d595dd6d4ba61e001625e184184db6955b78e6632fbeb52377690b0c596d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:58 GMT
content-encoding: gzip
age: 17
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1621
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 16:16:38 GMT
server: AmazonS3
etag: "3c176cc3fd54fafb2ca86023e81cc4ec"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: OdITO2fxKaoAXoqGE7PZH1x7EovGVerZgUsaHm42obOHw4IWHpcyEQ==

GET
H2 200 ent_home_trending_videos.gz Show response
data.igma.tv/entertainment/widgets/trending/ 7 KB
3 KB 36ms
27ms XHR
application/json 52.85.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/trending/ent_home_trending_videos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-47.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4141aa40cec72dfaf2c0633d1300afd83c0a5f4e1e3e387a82eef5e12c47261

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:15 GMT
content-encoding: gzip
age: 44
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2358
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Mon, 21 Mar 2022 16:20:11 GMT
server: AmazonS3
etag: "73e96d623a8a01904b7cf818e0f66695"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: i2qtNUM1VObjIlOArSnrEei1fMxBX_R7PeTXYiGHK8sAtFMc8ZzhfQ==

POST
H2 200 next_article_v2 Show response
www.gmanetwork.com/api/data/ 291 B
941 B 712ms
708ms XHR
application/json 52.85.61.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gmanetwork.com/api/data/next_article_v2
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-113.ewr53.r.cloudfront.net
Software: eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash: adc954f599d66c9ff088d7228b3e2f7cb83ce0616806d1038425b0ab1870a0de

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 21 Mar 2022 16:56:59 GMT
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
vary: User-Agents,Accept-Encoding
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
content-length: 291
server: eqmod_httpd v1.0 (author: mon sarmiento)
etag: "1647910619"
access-control-max-age: 1
access-control-allow-methods: POST, OPTIONS, GET, PUT
content-type: application/json; charset=UTF-8
access-control-allow-origin: www.gmanetwork.com
cache-control: max-age=120, public
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With
x-amz-cf-id: s1Xs1dM3bkZzglKyffOOJuDi4qMt3cE8E1uxmcf5zyR5yTe91EkARw==
x-elapsed-time: 53575 microseconds

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
3 KB 124ms
17ms XHR
text/html 2600:9000:21dd:f600:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:f600:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 21 Mar 2022 01:32:26 GMT
via: 1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
age: 55474
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
content-type: text/html
content-length: 3121
x-amz-cf-id: A5IACLZv--ByTDqdbRIkjcNeUgp74z10xpbQA42f-pw182bHj2SR4g==

GET
H2 200 moatcore.js Show response
z.moatads.com/gmanmidfpdisplay183413089896/ Frame 8FA6 302 KB
103 KB 21ms
20ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatcore.js
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7c426a1dbdfc86de82f1da708227a50f0d7e7a32e4317a580ff8a1af32b14712

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:59 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:17:15 GMT
server: AmazonS3
x-amz-request-id: 24BRCSNHCK1GH9Q2
etag: "71a17029f13e123d65e7c7e2698e4eba"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=12982
accept-ranges: bytes
content-length: 104579
x-amz-id-2: 3BawKrTr/XbrgCL08Ia9Kipwf/pGwPLAVPiAja+jeXNvQu27CBQEFdvQ94hsv9ZSobCGmEBfUFQ=

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8FA6 43 B
260 B 19ms
18ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=GMANMI_DFP_DISPLAY1%3A343684595%3A346094075%3A-&de=262645046815&t=1647881819128&i=MOAT_FEATHER_DEBUG1&gw=gmanmidfpdisplay183413089896&cm=1&ac=1&f=0&bq=0&ar=359f21c1e97-clean&iw=2add9d8&dMoatOQs=moatClientLevel1%3D4914438385%26moatClientLevel2%3D2739195827%26moatClientLevel3%3D5471012876%26moatClientLevel4%3D138322335932%26moatClientSlicer1%3D343684595%26moatClientSlicer2%3D346094075%26zMoatSZ%3D300x250%26zMoatPS%3DENT_Celeblife_Desktop_Mrec1_1%26zMoatPT%3DCelebrity_Life_Article_Page%26zMoatMMV%3D%26zMoatSite%3DGMA_Entertainment%26zMoatMData%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=0&na=751924296&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:56:59 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 20ms
20ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:02 GMT
x-content-type-options: nosniff
age: 422817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:02 GMT

GET
DATA 200
OK truncated
/ Frame 8FA6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8bfc5547509dd0d8fe8db63aae42cb237ed4dc6bcd8fd8683e9a23784197248

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44FC 0
0 76ms
44ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2OXbssCMOSYFaDbuzlhUWkNfazgCtYtMvnBMZQ-Y0lqh1HkxHfxJTIEYtDQp6E1WKCBDx-PriK3Z2Ek8MJzVnfs9gtNAdEbeIzd7lWxqffDgpZsmQUCAbhXYUa2bpiD1Pp5GOCz2xVcu2CjTebl38Bzkb8a1mVKJISGelvUMHmhfvFfT2B4RZWIQPUi01veY9abGxO1admWViTWBi0N7T4qZXMC7uWN8z0r0ueCmVzhSrcBADOXJUgNcfanfAt0gPKjptXhjl7i9BiB2sP0zDnstKtBkjkaMltjbq3zritdI_PLo3dOeZfJ16rgHzvFoGni--Dh5eHpKIjzum7eVl2q8&sai=AMfl-YSQPaWsRmMg2U8o8WrB0-6ACyuFJ0ndEcJU1xbrTmoVRyGVlbZNM5ixKN3dKv7y6fhz-2x-UUt4xj5JSCbxwnCIJfbxiewvgZkYtuyC8ReRSiBuiZ8t-PFa6azQYMv0&sig=Cg0ArKJSzDlr1muI1UKdEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-129-242-122.us-east-2.compute.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:56:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 21 Mar 2022 16:56:59 GMT

GET
H2 200 moatcore.js Show response
z.moatads.com/gmanmidfpdisplay183413089896/ Frame 44FC 302 KB
103 KB 19ms
19ms Script
application/x-javascript 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatcore.js
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7c426a1dbdfc86de82f1da708227a50f0d7e7a32e4317a580ff8a1af32b14712

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:59 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:17:15 GMT
server: AmazonS3
x-amz-request-id: 24BRCSNHCK1GH9Q2
etag: "71a17029f13e123d65e7c7e2698e4eba"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=12982
accept-ranges: bytes
content-length: 104579
x-amz-id-2: 3BawKrTr/XbrgCL08Ia9Kipwf/pGwPLAVPiAja+jeXNvQu27CBQEFdvQ94hsv9ZSobCGmEBfUFQ=

GET
H2 200 pixel.gif
px.moatads.com/ Frame 44FC 43 B
260 B 27ms
27ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=GMANMI_DFP_DISPLAY1%3A343684595%3A21798732940%3A-&de=84806201347&t=1647881819168&i=MOAT_FEATHER_DEBUG1&gw=gmanmidfpdisplay183413089896&cm=1&ac=1&f=0&bq=0&ar=359f21c1e97-clean&iw=2add9d8&dMoatOQs=moatClientLevel1%3D88868795%26moatClientLevel2%3D2921963009%26moatClientLevel3%3D5852356465%26moatClientLevel4%3D138374677129%26moatClientSlicer1%3D343684595%26moatClientSlicer2%3D21798732940%26zMoatSZ%3D970x250%26zMoatPS%3DENT_Celeblife_Desktop_Leaderboard1_1%26zMoatPT%3DCelebrity_Life_Article_Page%26zMoatMMV%3D%26zMoatSite%3DGMA_Entertainment%26zMoatMData%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=0&na=545662983&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:56:59 GMT

GET
DATA 200
OK truncated
/ Frame 44FC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20b0a9b7ff05eb3e0e85dfb06147e52b06411c73c4281740ce6f6bb14b929771

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 video-play-logo.png
aphrodite.gmanetwork.com/assets/images/ 4 KB
5 KB 24ms
22ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/images/video-play-logo.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cd0a40d9ad10941ea5728a680334d3e8449ce87fa0c3dbd6bcae7e491509dcb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Tue, 18 Feb 2020 10:08:13 GMT
server: AmazonS3
age: 55429
etag: "b8dbb273415508d187d017e4cbb365e6"
x-cache: Hit from cloudfront
content-type: image/png
date: Mon, 21 Mar 2022 01:33:11 GMT
x-amz-cf-pop: EWR52-C4
content-length: 4440
x-amz-cf-id: 7ee7KCGFIzEl5I8KxSeopnhCBC9yDxRXJxyL3xlaZ1rsvGa6UHylWw==
x-amz-meta-s3b-last-modified: 20200218T100519Z

GET
H2 200 640_360_030722+NSOTV_Bolero-pictorial_-20220307225806.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 40 KB
40 KB 25ms
23ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/640_360_030722+NSOTV_Bolero-pictorial_-20220307225806.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f5394b7f4de91648cd02eb3ec35238bb7628d2af0b4c278038edfa3ea713df0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 03:50:34 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 07 Mar 2022 14:58:09 GMT
server: AmazonS3
age: 47186
etag: "62551e27eb68e2271fea9eaba6d7a061"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 40861
x-amz-cf-id: kScApKdx-iG6DVUYdPlq_VSHVbWZYO9bltN1h3J1iXacf8-kqko_DQ==

GET
H2 200 480_360_FAMILY_FEUD_1-1_-20220311153807.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 25 KB
25 KB 25ms
23ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/480_360_FAMILY_FEUD_1-1_-20220311153807.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a721dbd711fa91302ad714682fcdeea20476df834eb43063e31f1aaa07b73777

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 11 Mar 2022 07:38:09 GMT
server: AmazonS3
age: 47187
etag: "eedd78c5f2904ce9b6eabb264a02c2f9"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 03:50:33 GMT
x-amz-cf-pop: EWR52-C4
content-length: 25423
x-amz-cf-id: 3lrEbql_-zo2cRV66XBcawM3yhILnwThmd0aKhDNTH2ioc1LduLTDQ==

GET
H2 200 480_360_CMS_-20220310190713.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 234 KB
235 KB 25ms
24ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/480_360_CMS_-20220310190713.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 331dd8ebf8c352b945e57b7f49cd1690bf94745c97e2a165600a1df6bbf196ad

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Thu, 10 Mar 2022 11:07:16 GMT
server: AmazonS3
age: 1849
etag: "6b7aa50e78cefb1c54fca6783a8e8673"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 16:26:11 GMT
x-amz-cf-pop: EWR52-C4
content-length: 239783
x-amz-cf-id: c6iEvhCnk-LPB5tex6zgBDFz4i-fmha4tZXIWJMC3ihX-fRuM8wxQw==

GET
H2 200 480_360_OTS_NCAA_REPORTERS_THUMB_-20220316134834.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 287 KB
288 KB 26ms
25ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/480_360_OTS_NCAA_REPORTERS_THUMB_-20220316134834.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e0832013f87df56b5a97371267ef4fb2ad14eb55798fbce55f3580c4daa39d6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 03:50:33 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 05:48:36 GMT
server: AmazonS3
age: 47187
etag: "6cd5d29a43b00910ea80d0636265979e"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 293800
x-amz-cf-id: u7Fyhvvita1jGehnVljZ6hOCRgvmyK74oGPqJleU_fTf7qVxbcxRfw==

GET
H2 200 pixel;r=1089741054;labels=category.Entertainment%2Ckeywords.oktoberfest%2Ckeywords.origin%2Ckeywords.history%2Ckeywords.munich%2Ckeywords.bavaria%2Ckeywords.germany%2Ckeywords.wedding%2Ckeywords.ki...
pixel.quantserve.com/ 35 B
372 B 30ms
28ms Image
image/gif 2620:116:800b:21:ea23:7677:128a:8c9c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1089741054;labels=category.Entertainment%2Ckeywords.oktoberfest%2Ckeywords.origin%2Ckeywords.history%2Ckeywords.munich%2Ckeywords.bavaria%2Ckeywords.germany%2Ckeywords.wedding%2Ckeywords.king%20louis%20i%2Ckeywords.princess%2Ckeywords.therese%20von%20sachsen-hildburghausen%2Ckeywords.theresienwiese%2Ckeywords.thereses%20fields%2Ckeywords.wiesn%2Ckeywords.tradition%2Ckeywords.total%20beer%20consumed%2Ckeywords.annually%2Ckeywords.evolution%2Ckeywords.celebration%2Ckeywords.festivities%2Ckeywords.trivia%2Ckeywords.lifestyle%2Ckeywords.hobbies%20and%20interests%2Ctitle.How%20and%20where%20did%20the%20Oktoberfest%20originate%3F;rf=0;a=p-ernMzxMzj4rTH;url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-9276533-1647881819221;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=gmanetwork.com;je=0;sr=1600x1200x24;dst=0;et=1647881819221;tzo=0;ogl=title.How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%2Cdescription.Why%20is%20it%20celebrated%20in%20October%3F%20You%20may%20ask%252E%20Find%20out%20HERE%3A%2Cimage.https%3A%2F%2Faphrodite%252Egmanetwork%252Ecom%2Fentertainment%2Farticles%2F900_675_Main_Image07_100%2Cimage%3Awidth.900%2Cimage%3Aheight.675%2Cimage%3Asecure_url.https%3A%2F%2Faphrodite%252Egmanetwork%252Ecom%2Fentertainment%2Farticles%2F900_675_Main_Image07_100%2Curl.https%3A%2F%2Fwww%252Egmanetwork%252Ecom%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-%2Ctype.website

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:ea23:7677:128a:8c9c , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 uuid.min.js Show response
cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/ 2 KB
2 KB 53ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/uuid.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3232963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1095
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJDoK2Tyak%2B0WfnLpHQE2JZ4VLzjhOwBOJQ67Fzl16zlZjJQ2MbG7xD5M693AzAa4BK9U%2BPRNjz2m8Xaje%2BgOs%2Beo018E8i8k%2FDoffVQ0n5ctADyoG5MFQMcxrE%2Fx%2BvPP%2FMmW%2FsT75IIUxynoxXCew7q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ef8395aedc17142-YUL
expires: Sat, 11 Mar 2023 16:56:59 GMT

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 24ms
23ms Script
application/javascript 2600:9000:21dd:e200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:e200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 02:59:40 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 136639
x-cache: Hit from cloudfront
content-length: 18813
server: nginx/1.20.1
etag: W/"61e1c3fb-16245"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: EWR53-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: 0QAwUEt6DvaRiY1pOw8doykuob-wWK-SJVp-SUUVraN5t20H3JghaQ==
expires: Wed, 23 Mar 2022 02:59:40 GMT

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1647881819842.27861&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-whe...
https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1647881819842.27861&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-...

160 B
684 B

37ms
36ms

XHR
text/plain

3.129.242.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1647881819842.27861&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&title=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%20%7C%20GMA%20Entertainment&sop=false&description=Why%20is%20it%20celebrated%20in%20October%3F%20You%20may%20ask.%20Find%20out%20HERE%3A&samesite=None

Requested by

Protocol

HTTP/1.1

Server

3.129.242.122 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0444cac4f89958fe4a2fb343a03df7afff5b942facef06db9b21409d8680187f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:00 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 160
Stid: ZHAABWI4rlsAAAAIGjlcAw==

Redirect headers

Date: Mon, 21 Mar 2022 16:56:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Location: /sc?event=pview&version=buttons.js&lang=en&sessionID=1647881819842.27861&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&title=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%20%7C%20GMA%20Entertainment&sop=false&description=Why%20is%20it%20celebrated%20in%20October%3F%20You%20may%20ask.%20Find%20out%20HERE%3A&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 871
Stid: ZHAABWI4rlsAAAAIGjlcAw==

GET
H/1.1 200
OK d3d3LmdtYW5ldHdvcmsuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 73ms
18ms XHR
application/json 23.52.164.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmdtYW5ldHdvcmsuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-164-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:56:59 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=38908
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 90d4a4452b1860b7a3b29d9b93c6eeda
Content-Length: 15
Expires: Tue, 22 Mar 2022 03:45:27 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 94ms
19ms Image
image/gif 23.52.162.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=0.7555765997879944
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:59 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 20 Apr 2022 16:56:59 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8FA6 43 B
260 B 19ms
18ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&d=GMANMI_DFP_DISPLAY1%3A343684595%3A346094075%3A-&de=262645046815&t=1647881819128&i=MOAT_FEATHER_DEBUG1&gw=gmanmidfpdisplay183413089896&cm=1&ac=1&f=0&bq=0&ar=359f21c1e97-clean&iw=2add9d8&dMoatOQs=moatClientLevel1%3D4914438385%26moatClientLevel2%3D2739195827%26moatClientLevel3%3D5471012876%26moatClientLevel4%3D138322335932%26moatClientSlicer1%3D343684595%26moatClientSlicer2%3D346094075%26zMoatSZ%3D300x250%26zMoatPS%3DENT_Celeblife_Desktop_Mrec1_1%26zMoatPT%3DCelebrity_Life_Article_Page%26zMoatMMV%3D%26zMoatSite%3DGMA_Entertainment%26zMoatMData%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=1&tc=1&na=370979397&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:56:59 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GMANMI_DFP_DISPLAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1647881819902&de=398096358040&m=0&ar=359f21c1e97-clean&iw=a1dda84&q=2&cb=0&ym=0&cu=1647881819902&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4914438385%3A2739195827%3A5471012876%3A138322335932&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=300x250&zMoatPS=ENT_Celeblife_Desktop_Mrec1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&bo=343684595&bd=346094075&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=346094075&gw=gmanmidfpdisplay183413089896&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1106%3A1106%3A0%3A993&iq=na&tt=na&tu=&tp=&fs=197273&na=1233984450&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:56:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:56:59 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 44FC 43 B
260 B 23ms
22ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&d=GMANMI_DFP_DISPLAY1%3A343684595%3A21798732940%3A-&de=84806201347&t=1647881819168&i=MOAT_FEATHER_DEBUG1&gw=gmanmidfpdisplay183413089896&cm=1&ac=1&f=0&bq=0&ar=359f21c1e97-clean&iw=2add9d8&dMoatOQs=moatClientLevel1%3D88868795%26moatClientLevel2%3D2921963009%26moatClientLevel3%3D5852356465%26moatClientLevel4%3D138374677129%26moatClientSlicer1%3D343684595%26moatClientSlicer2%3D21798732940%26zMoatSZ%3D970x250%26zMoatPS%3DENT_Celeblife_Desktop_Leaderboard1_1%26zMoatPT%3DCelebrity_Life_Article_Page%26zMoatMMV%3D%26zMoatSite%3DGMA_Entertainment%26zMoatMData%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=1&tc=1&na=1396306524&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 44FC 43 B
260 B 37ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&d=GMANMI_DFP_DISPLAY1%3A343684595%3A21798732940%3A-&de=84806201347&t=1647881819168&i=MOAT_FEATHER_DEBUG1&gw=gmanmidfpdisplay183413089896&cm=1&ac=1&f=0&bq=0&ar=359f21c1e97-clean&iw=2add9d8&dMoatOQs=moatClientLevel1%3D88868795%26moatClientLevel2%3D2921963009%26moatClientLevel3%3D5852356465%26moatClientLevel4%3D138374677129%26moatClientSlicer1%3D343684595%26moatClientSlicer2%3D21798732940%26zMoatSZ%3D970x250%26zMoatPS%3DENT_Celeblife_Desktop_Leaderboard1_1%26zMoatPT%3DCelebrity_Life_Article_Page%26zMoatMMV%3D%26zMoatSite%3DGMA_Entertainment%26zMoatMData%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=2&tc=1&id=1&na=665947906&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H2 200 5f212d9d5440c96fb49c4d53.js Show response
cdn.vidcrunch.com/ Frame 8FA6 440 B
793 B 22ms
22ms Script
text/javascript 8.252.31.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.js?channelId=5f212d174b419e3bf16f66ad&cb=1647881820111
Requested by: Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsspu4Bl5Z6gKBThpJNVflX6bhsV0SVG0LGI69YoJSVJgH-gOpv7qKhC6PJAvN14X03ovvnB4v33odY_4YD6L4BaeIcKuldQzSlayvWhNA0dpi8SOP7u5s0_wcFnpL0IQEVe7g9xGY7Hl8avOhkIP43LUku56hUsPbbsN7-y--mB9jt_gON_l9agn5w2Bm7zrsD5zxxsxqAb407wPo4T71NpV5M7ZBQhop-51a18T1NNnOaMhLG3lVYOrOxtolFVqqWCmu8QFuNdSn2iYBC8IdXvckH7XVGI9-FVePvW0SEYkRTMK-EXVt-19tFHP6ShovCItUrviZB9ZiA&sai=AMfl-YQ-mH0t86RdrecE44UroiaadqIGeTJhL7s20Cq-_5zkQ18ZcBuWe7mnypSWtSlAK7-4LGo6KzDMC-FbJbW9Dy2HhtaZiecutbtdHam7lP2tekdGw8HwHSxtVyWl_yEA&sig=Cg0ArKJSzPzFRV2n1xcJEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.31.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27c8dd8b9b8947535a0d67cc1f009f4d724711935637b3f4919c9a52c0a6aad8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Thu, 10 Mar 2022 13:29:42 GMT
server: AmazonS3
age: 962768
etag: "fcb49bb3d2c35a94eaa35b1b6c03c647"
x-amz-id-2: GORfqZKdA8PuQfb8CQyAYD9XIohaW4EAsGt2Wid17hh50l8bxBD4cm9wGUdFViJYeiNdXyGfobE=
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 440
accept-ranges: bytes
x-amz-request-id: 2Z0KVT0QKYHHJA2A
x-cdn: Lumen
expires: Mon, 09 May 2022 13:31:13 GMT

GET
H2 200 900_675_Main_Image07_1008__20211008095228.jpg
aphrodite.gmanetwork.com/entertainment/articles/ 119 KB
120 KB 486ms
486ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/articles/900_675_Main_Image07_1008__20211008095228.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70f6e89aad2247918026119991ae8fe2635a9824a0bb181c8fba5995fc1d5783

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 01:52:31 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
etag: "5deda58f3b469f6bbceb7e512b7db172"
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 16:57:01 GMT
content-length: 121978
x-amz-cf-id: Z7YVf4NYPWmo-NusO_MRCbGoZPztvuhf5oyxZZj0YTAqxFwmil9NMQ==

GET
H2 200 zoomd.widget.logger.min.js Show response
d99666469a0d.bitsngo.net/widget-scripts/ 8 KB
4 KB 25ms
25ms Script
application/x-javascript 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.logger.min.js?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3727ee6b2ebeb3d7afd764d42abf601c2d36896755f94df00a14837b47f65c5d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 12:54:14 GMT
server: Microsoft-IIS/10.0
age: 358657
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 3849
x-llid: ec87e1a472e2d494b5c946c28410f567
expires: Sun, 27 Mar 2022 13:19:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GMANMI_DFP_DISPLAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1647881819979&de=881364681777&m=0&ar=359f21c1e97-clean&iw=a1dda84&q=5&cb=0&ym=0&cu=1647881819979&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=88868795%3A2921963009%3A5852356465%3A138374677129&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=970x250&zMoatPS=ENT_Celeblife_Desktop_Leaderboard1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&bo=343684595&bd=21798732940&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=21798732940&gw=gmanmidfpdisplay183413089896&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1106%3A1106%3A0%3A993&iq=na&tt=na&tu=&tp=&fs=197273&na=1082944435&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 92ms
18ms XHR
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1647881820135&sessionId=67354ba6-b1e0-efe8-2e08-7bb5f47e9648&url=www.gmanetwork.com&cheqSource=1&cheqEvent=3&responseTime=275
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b755c2a9f5c9cd7438215731be206147
Content-Length: 4
Expires: 0

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 17ms
17ms Stylesheet
text/css 2600:9000:21dd:e200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:e200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 08:16:54 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 18:42:03 GMT
server: nginx/1.20.1
age: 31206
etag: W/"61e1c3fb-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: pOxzkMTDaMssEUBkKynvavcZEEc6MtQSdE7LEkT6ObbjJo-fOLauQg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8FA6 0
0 45ms
44ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHE9M7TIvFyP8G4oZbB22NzZMWW6DJMA3LqvKwiirepwSJvi5pvi5MNSFGTCDaQb-M8PFWdujElcMZzu6NnSFxymSUbDgh-75OMrTbICuvtGa9Uy1wel2DGgBTevXcBl-1QRE-vk2eOEbDgYBnoIHyUy-svX-KBE7D0HGcyGbW1IIbb9o9hYYl4GoiyT0YiD7iBbOEeZRczOInCLmU8A897lZUOIUdXntqH-aHv_7rTn1rliYsmm7-CJrTX7ek50Wy-qLhWeyKtQaDsSuN0_SWxl1uzLlq7eG_UOGHCN0uDsuxGzMs_vQ7pC4u-vTcmVOxl_OeNllBi29hnKF2fA&sai=AMfl-YScWTC2KSonuNSGPFwaFSg_xSIn0rf_5Je23oAmYzqHEEuOH2DFh1zRCmuChvqr__WhrzgDShpPL4C6Xv42zPlp6fNPBZAsHwUSLd6txqVZzu27kMaz3dnsBmjj6S1u&sig=Cg0ArKJSzHa-U738awWNEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ Frame 8FA6 26 KB
10 KB 77ms
19ms Script
application/javascript 2600:1400:d:592::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsspu4Bl5Z6gKBThpJNVflX6bhsV0SVG0LGI69YoJSVJgH-gOpv7qKhC6PJAvN14X03ovvnB4v33odY_4YD6L4BaeIcKuldQzSlayvWhNA0dpi8SOP7u5s0_wcFnpL0IQEVe7g9xGY7Hl8avOhkIP43LUku56hUsPbbsN7-y--mB9jt_gON_l9agn5w2Bm7zrsD5zxxsxqAb407wPo4T71NpV5M7ZBQhop-51a18T1NNnOaMhLG3lVYOrOxtolFVqqWCmu8QFuNdSn2iYBC8IdXvckH7XVGI9-FVePvW0SEYkRTMK-EXVt-19tFHP6ShovCItUrviZB9ZiA&sai=AMfl-YQ-mH0t86RdrecE44UroiaadqIGeTJhL7s20Cq-_5zkQ18ZcBuWe7mnypSWtSlAK7-4LGo6KzDMC-FbJbW9Dy2HhtaZiecutbtdHam7lP2tekdGw8HwHSxtVyWl_yEA&sig=Cg0ArKJSzPzFRV2n1xcJEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1400:d:592::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 625d5045bbad85753d71af310f093afd66f84024777e2a6413cbd680429cd589

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu5w5N7qio7I66iz4g9Kdd3NfDQwA8nu--wnj8ivGjyxrG_PsjO9OyVR4wYs-603EOHCOqTv8Bz9pwbqX0r0kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9411
last-modified: Tue, 15 Mar 2022 06:30:57 GMT
server: UploadServer
etag: "23fa81b5f3d763b662a58567032ba34f"
vary: Accept-Encoding
x-goog-hash: crc32c=wLm1HA==, md5=I/qBtfPXY7ZipYVnAyujTw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1647325857124484
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9411
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 21 Mar 2022 17:02:00 GMT

GET
H2 200 track
track1.aniview.com/ Frame 8FA6 0
71 B 86ms
23ms Image
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5eea0864e08b0760d33128ae&cid=5f212d174b419e3bf16f66ad&e=playerLoaded&cb=1647881820158
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F5600437763217876655&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-KDIqFj9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-3Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=Sqht8Mx%3BIB&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&f=0&j=&t=1647881819979&de=881364681777&cu=1647881819979&m=17&ar=359f21c1e97-clean&iw=a1dda84&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4573&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1106%3A1106%3A0%3A993&as=0&ag=3&an=0&gf=3&gg=0&ix=3&ic=3&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=3&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6&cd=0&ah=6&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=88868795%3A2921963009%3A5852356465%3A138374677129&bo=343684595&bd=21798732940&gw=gmanmidfpdisplay183413089896&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=21798732940&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=970x250&zMoatPS=ENT_Celeblife_Desktop_Leaderboard1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&iq=na&tt=na&tu=&tp=&tc=0&fs=197273&na=1093295179&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 36 KB
15 KB 591ms
544ms Script
text/javascript 151.101.210.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&idx=0&rand=97246&key=NANOWDGT01&widgetJSId=AR_30&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=237&py=4077&vpd=2877&cw=770&activeTab=true&darkMode=false&settings=true&recs=true&version=2000640&sig=UZQWG8hS&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&aqp=utm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id5=ID5*ntPblOHbe57JUW4xu6jbCCX9WcnNrsvk3G2mEzoHEXILyWljQH0s4DyS1E8MgAlbC8ozsC5Sbb6oQ6cQTrlyowvLSt90VeKFXlXeaG5rC_QLzPGnvDgvM35liPyWWpNCC821e9eV1RynUUkuMVcN_AvOv8r_FJMBDdlZQP6gwmMLz8i5NEplBTQrjwr0c5ftC9BjMtZTgOi1XF23gNTozwvRlYLiJeoOnrFHdwRBL7EL0vqHQ_Zd3LVOjRT1evVUC9NaWBPrWhrAqSYwoY8aGAvUrU7iz3tT13D1-9TXI7AL1exiIt_hDz2I1BEqVW17C9YzumA3RCRKKl0raBgOJwvXLcg7X8e3tIgTImqnZJ4L2D_PSoMFkzbqrfsu410_C9kdaF-V6mzZJWR_HTZglgva-xUBsZqxz7jGSug9UzUL2xmqY1TI7uOwtbL_fGLrC9xUWX9L1YA-WRqhZqwBrgvdvMqJ494U0WtQFyu0krAL3q4aU0qqlnisM0KVIMOxC9-uX-ShQNH5L0EWRzqNkQvgNUY87Pbzo8DGF2EsQYML4cHdAKUjCZ-hOXLq0V0AC-IeT6QYZ10AHgQ4Rk6kAwvjJ2aqO5D0hmtlI-61cggL5FVyutb4BPULf5Kf_-QZC-VNLdEg7k7hDm_ILM3OEA&id5type=1&ogn=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.210.132 Newark, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93eeec873e08dee30e168ad7c07af5c7ba164e836f9b1314d9c3c64ae5c5bcbd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
traffic-path: SADC1, EWR, North_America
x-cache: MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-cache-hits: 0
x-traceid: b7f2fff6e8a645aa9b0afcee1cf592d9
content-length: 14493
x-served-by: cache-ewr18168-EWR
pragma: no-cache
x-timer: S1647881820.222986,VS0,VE527
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 121ms
74ms Fetch
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: d99666469a0d.bitsngo.net
URL: https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20220317125347.11905

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 16297774524744588451
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 109ms
24ms Script
application/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?rnd=1647881820175&cid=c010&dmn=www.gmanetwork.com&gdpr_domain=false

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

9199db884caefe94e61764def614cfe37b0acec90c05956796ff762987c5ff06

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1363
Expires: Mon, 21 Mar 2022 17:57:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44FC 42 B
497 B 79ms
42ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHRYW3hNWcDG6A8m-jfmoJCrrZuz9Y5e_SdEgMIXOHcd6ss1pHIjs1MEbv8bGnYRybx5cN2SPcVXralZ4HNpFN5UXI29ad3fXSX-1WI8bxfwNVhGBa&sig=Cg0ArKJSzJaF6qneIlaQEAE&id=lidar2&mcvt=1000&p=70,315,320,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1118826149&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647881818752&rpt=395&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK AVmanager.js Show response
player.vidcrunch.com/script/6.1/ Frame 3E48 365 KB
103 KB 396ms
36ms Script
application/javascript 2600:1400:c000::172b:3a8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:c000::172b:3a8a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5ca5329444dae31b56cd7c9d89aa0152f0767a16cbad6e068966ae956e567868

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdtlCTjzxqIaYgG1ON4U2zuiXOlajIqaLrAcanaEt8p-SDpOR83AzhSndkg51N-Cq4P1PsJB2BZGrObWgg9RyStSWjussQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 104663
Last-Modified: Mon, 21 Mar 2022 15:04:31 GMT
Server: UploadServer
ETag: "44acf1a344e23e382f049224a668d242"
Vary: Accept-Encoding
x-goog-hash: crc32c=KfAxrA==, md5=RKzxo0TiPjgvBJIkpmjSQg==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1647875071046546
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 104663
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Mon, 21 Mar 2022 17:02:00 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 9EEF 2 KB
1 KB 20ms
19ms Document
text/html 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.873.23186&cid=c010

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?rnd=1647881820175&cid=c010&dmn=www.gmanetwork.com&gdpr_domain=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

Content-Length: 1160
Cache-Control: max-age=604800
Expires: Mon, 28 Mar 2022 16:57:00 GMT
Date: Mon, 21 Mar 2022 16:57:00 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Encoding: gzip
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK gmanetwork_zoomd.js Show response
prodpsus1.blob.core.windows.net/content/pixels/ 860 B
1 KB 173ms
34ms Script
application/x-javascript 20.150.88.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prodpsus1.blob.core.windows.net/content/pixels/gmanetwork_zoomd.js?userId=d961550e-a2fb-48c1-b460-760b4fc2ae7e
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.88.132 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d46b7712943d14b327830c345926bdb29d127f75dfd28105dd88b5f0293981b7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 21 Mar 2022 16:57:00 GMT
Last-Modified: Thu, 20 May 2021 10:56:59 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: SeH3AvXe18mvsXriAhnG7g==
ETag: "0x8D91B7DFDD717B0"
x-ms-meta-CbModifiedTime: Thu, 20 May 2021 10:55:52 GMT
Content-Type: application/x-javascript
x-ms-request-id: 6011038d-a01e-0017-3c44-3dcfa3000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 860
x-ms-lease-state: available

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 224 B
953 B 131ms
37ms XHR
application/json 104.209.192.206
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.209.192.206 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8e498807477a535a158346a21fd4b7860afd193bc474c5172cbf1abb3ac74542

Request headers

Accept: */*
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 324

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 107ms
79ms Fetch
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: d99666469a0d.bitsngo.net
URL: https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20220317125347.11905

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54921
x-xss-protection: 0
server: cafe
etag: 4534471561382026359
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
627 B 62ms
34ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 16:57:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H3 200 icon
fonts.googleapis.com/ 569 B
366 B 63ms
36ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 16:57:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 16:57:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H2 200 masonry.pkgd.min.js Show response
d99666469a0d.bitsngo.net/widget-scripts/ 25 KB
10 KB 23ms
23ms Script
application/x-javascript 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/widget-scripts/masonry.pkgd.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 09:55:22 GMT
server: Microsoft-IIS/10.0
age: 109304
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 10208
x-llid: 0765ab80cd2825aedb6d99351507cc9d
expires: Wed, 30 Mar 2022 10:35:16 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 49ms
22ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 28708416
cdn-cachedat: 2021-03-10 13:26:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9de03c320bd826dd854266be13ad082b
cf-ray: 6ef839611eaf4bb9-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3 200 core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/ 86 KB
26 KB 39ms
23ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/core.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1027162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25572
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-156f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yd3DDgdPEC%2FDV6WxWwXpSGhVg3cXSiFAvCuNLK5vr1FeIQvBY6TFajOty0CPlqA5TXELzHWXS2%2FBjcJLFPQGaFM5ekeyErlAUHHPGVCh9Q1qOqpeARB9yDdHZOhHN1%2BtGG48jd6jkbxpGeISyqGUQUIl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ef839611b9aecea-YUL
expires: Sat, 11 Mar 2023 16:57:00 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.873.23186/a/CA/ Frame B444 23 KB
10 KB 22ms
21ms Script
text/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.873.23186/a/CA/t_.js?cid=c010

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.873.23186&cid=c010

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

79c54b3e884eff89d5bb4de506d76aad867ef49583c5d5364a3d3e5a0a8e5546

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.873.23186&cid=c010
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 9493
Expires: Mon, 28 Mar 2022 16:57:00 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 16 KB
16 KB 23ms
22ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:44:51 GMT
x-content-type-options: nosniff
age: 497529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:06:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:44:51 GMT

GET
H2 200 runtime.js Show response
d99666469a0d.bitsngo.net/content/4.0/js/ 3 KB
2 KB 23ms
22ms Script
application/x-javascript 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/content/4.0/js/runtime.js?v=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b7fa4ecd73e09d3c33ee2d635c416c8cb1dcfe500a1536936e7b3e4052eaff6b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 13:00:24 GMT
server: Microsoft-IIS/10.0
age: 358654
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1984
x-llid: 2297f1d350ac509adfef715d0128feb7
expires: Sun, 27 Mar 2022 13:19:26 GMT

GET
H2 200 zoomd.widget.externalcontent.loader.min.js Show response
d99666469a0d.bitsngo.net/widget-scripts/extra_content/ 15 KB
6 KB 23ms
22ms Script
application/x-javascript 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/widget-scripts/extra_content/zoomd.widget.externalcontent.loader.min.js?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 12:54:20 GMT
server: Microsoft-IIS/10.0
age: 358654
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6259
x-llid: 9a74a0491fa696acb21b149f8250c6a6
expires: Sun, 27 Mar 2022 13:19:26 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame A1A6 438 B
675 B 181ms
37ms Script
application/javascript 3.132.123.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.873.23186&cid=c010

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.132.123.199 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-132-123-199.us-east-2.compute.amazonaws.com

Software

Resource Hash

d0607f25565941fcc65c024ba1de08b4c8379d0451f4461a12e7f49dd5213437

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:00 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: application/javascript

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame B444
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=2ed87245b9b3dfa3fc2a2dbfbf275d45

42 B
297 B

178ms
36ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=2ed87245b9b3dfa3fc2a2dbfbf275d45

Requested by

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Length: 42
Stid: ZHAABWI4rlsAAAAIGjlcAw==
Content-Type: image/gif

Redirect headers

date: Mon, 21 Mar 2022 16:57:00 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=2ed87245b9b3dfa3fc2a2dbfbf275d45
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

lotame
sync.sharethis.com/int/ Frame B444
Redirect Chain

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_...
https://sync.sharethis.com/int/lotame?uid=974ff2a19427fffafd50354df8c76068&gdpr=0&gdpr_consent=

42 B
297 B

131ms
43ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/int/lotame?uid=974ff2a19427fffafd50354df8c76068&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Length: 42
Stid: ZHAABWI4rlsAAAAIGjlcAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:00 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.sharethis.com/int/lotame?uid=974ff2a19427fffafd50354df8c76068&gdpr=0&gdpr_consent=
cache-control: no-cache
x-server: 10.40.43.226
content-length: 0
expires: 0

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame B444
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=735904f1-e50d-418d-88c3-0192d4f4b2df&gdpr=0&gdpr_consent=

42 B
297 B

172ms
39ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=735904f1-e50d-418d-88c3-0192d4f4b2df&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Length: 42
Stid: ZHAABWI4rlsAAAAIGjlcAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=735904f1-e50d-418d-88c3-0192d4f4b2df&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame B444
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2FoTaFWlDpsQvf5ZxaAO2cIRel86N-u2Qd44M9kVHjmM&gdpr=0&gdpr_consent=

42 B
297 B

175ms
37ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2FoTaFWlDpsQvf5ZxaAO2cIRel86N-u2Qd44M9kVHjmM&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Length: 42
Stid: ZHAABWI4rlsAAAAIGjlcAw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2FoTaFWlDpsQvf5ZxaAO2cIRel86N-u2Qd44M9kVHjmM&gdpr=0&gdpr_consent=
Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame B444
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3625949748297990195
https://ml314.com/csync.ashx?fp=272f78112db6add66d3d14845236273b41c39f39881ead7bb61532496cf6a1c3f4cb09cee1a4f8eb&person_id=3625949748297990195&eid=50082

43 B
312 B

25ms
25ms

Image
image/gif

34.233.103.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=272f78112db6add66d3d14845236273b41c39f39881ead7bb61532496cf6a1c3f4cb09cee1a4f8eb&person_id=3625949748297990195&eid=50082
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Server: 34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-103-61.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:00 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Tue, 22 Mar 2022 12:57:00 GMT

Redirect headers

date: Mon, 21 Mar 2022 16:57:00 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=272f78112db6add66d3d14845236273b41c39f39881ead7bb61532496cf6a1c3f4cb09cee1a4f8eb&person_id=3625949748297990195&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

drawbridge
sync.sharethis.com/ Frame B444
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&...
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&...
https://sync.sharethis.com/drawbridge?uid=a80a0013eea1b7fddf19fd73dd6f289a

42 B
297 B

159ms
37ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/drawbridge?uid=a80a0013eea1b7fddf19fd73dd6f289a

Requested by

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a23-78-204-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Length: 42
Stid: ZHAABWI4rlsAAAAIGjlcAw==
Content-Type: image/gif

Redirect headers

date: Mon, 21 Mar 2022 16:57:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='NON DSP COR CONi OUR BUS CNT'
location: https://sync.sharethis.com/drawbridge?uid=a80a0013eea1b7fddf19fd73dd6f289a
cf-ray: 6ef839627baaa204-YYZ
content-length: 0

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 158ms
32ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Mon, 21 Mar 2022 16:57:00 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 98ms
37ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Accept-Language: en-CA,en;q=0.9
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=ZgPtNT8oYGJGRpryADdBkOpRMeMO1XnbmkgkTJBZPEw%3D&se=1647883095&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: pageView
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
clientId: "89268379"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 21 Mar 2022 16:56:59 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H2 200 vendor.js Show response
d99666469a0d.bitsngo.net/content/4.0/js/ 451 KB
154 KB 23ms
22ms Script
application/x-javascript 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/content/4.0/js/vendor.js?v=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 08c81648bcbad3dd665ef330cf7e792f55a7a4dd36468820a8c4412fa15f8e9b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 13:00:24 GMT
server: Microsoft-IIS/10.0
age: 358654
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 157748
x-llid: ce798f766130f130bf31d10b0b7f6295
expires: Sun, 27 Mar 2022 13:19:26 GMT

GET
H2 200 jquery.dfp.min.js Show response
d99666469a0d.bitsngo.net//common-scripts/ 7 KB
3 KB 111ms
111ms Script
application/x-javascript 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net//common-scripts/jquery.dfp.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 12:54:22 GMT
server: Microsoft-IIS/10.0
age: 115154
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 3227
x-llid: 124b9ae4c06beff091614f9f6283894c
expires: Wed, 30 Mar 2022 08:57:46 GMT

GET
H2 200 zd_top.searches.css
d99666469a0d.bitsngo.net/Content/3.0/widget-css/ 16 KB
3 KB 111ms
110ms Stylesheet
text/css 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/Content/3.0/widget-css/zd_top.searches.css?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 09:55:22 GMT
server: Microsoft-IIS/10.0
age: 358654
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 2799
x-llid: f66d3f465033dbb277565e962289e0f9
expires: Sun, 27 Mar 2022 13:19:26 GMT

GET
H2 200 zd_top.searches.min.js Show response
d99666469a0d.bitsngo.net/widget-scripts/extra_content/ 17 KB
7 KB 111ms
110ms Script
application/x-javascript 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/widget-scripts/extra_content/zd_top.searches.min.js?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 12:54:18 GMT
server: Microsoft-IIS/10.0
age: 358654
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6909
x-llid: 0e0f9a709ea9baa7830c1c7bb40a2c11
expires: Sun, 27 Mar 2022 13:19:26 GMT

GET
H3

200

458249.gif Show response
idsync.rlcdn.com/ Frame 451F
Redirect Chain

https://idsync.rlcdn.com/711123.html?partner_uid=d961550e-a2fb-48c1-b460-760b4fc2ae7e
https://idsync.rlcdn.com/1000.gif?memo=CNOzKxIwCiwIARDTgQoaJGQ5NjE1NTBlLWEyZmItNDhjMS1iNDYwLTc2MGI0ZmMyYWU3ZRAAGg0I3NzikQYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=36ecb55f78834d6d45699ddaa9a1b71644f2881147359fb627946f4b6d418bfc791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzNmVjYjU1Zjc4ODM0ZDZkNDU2OTlkZGFhOWExYjcxNjQ0ZjI4ODExNDczNTlmYjYyNzk0NmY0YjZkNDE4YmZjNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzNmVjYjU1Zjc4ODM0ZDZkNDU2OTlkZGFhOWExYjcxNjQ0ZjI4ODExNDczNTlmYjYyNzk0NmY0YjZkNDE4YmZjNzkxNDI2YjU0MTdkY2UyMRAAGgwI3NzikQYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=35fcf7ff-b2dd-48a7-bf90-bd53536d7889

42 B
60 B

56ms
55ms

Document
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=35fcf7ff-b2dd-48a7-bf90-bd53536d7889
Requested by: Host: prodpsus1.blob.core.windows.net
URL: https://prodpsus1.blob.core.windows.net/content/pixels/gmanetwork_zoomd.js?userId=d961550e-a2fb-48c1-b460-760b4fc2ae7e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:00 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/458249.gif?partner_uid=35fcf7ff-b2dd-48a7-bf90-bd53536d7889
x-samesite: secure
date: Mon, 21 Mar 2022 16:57:00 GMT
content-length: 111
via: 1.1 google
alt-svc: clear

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 80ms
44ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Accept-Language: en-CA,en;q=0.9
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=ZgPtNT8oYGJGRpryADdBkOpRMeMO1XnbmkgkTJBZPEw%3D&se=1647883095&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: DFPLoaded
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
clientId: "89268379"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 21 Mar 2022 16:57:00 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 68ms
31ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Mon, 21 Mar 2022 16:57:00 GMT

GET
H2 200 main.js Show response
d99666469a0d.bitsngo.net/content/4.0/js/ 79 KB
26 KB 23ms
23ms Script
application/x-javascript 69.164.46.3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/content/4.0/js/main.js?v=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.3 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-3.jfk.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 521cfede6a16331d21fdff4b48c11f482412469d46a48aa271f2cce5af3b7e44

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 13:00:24 GMT
server: Microsoft-IIS/10.0
age: 358653
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 25867
x-llid: 96646b379a97c53387a0d787b50757b3
expires: Sun, 27 Mar 2022 13:19:27 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 89ms
34ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Mon, 21 Mar 2022 16:57:00 GMT

GET
H/1.1 200
OK MultipleTopSearch Show response
zdwidget3-bs.sphereup.com/ 558 B
750 B 39ms
38ms Script
text/javascript 104.209.192.206
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/MultipleTopSearch?callback=jQuery112002954769523782721_1647881816426&clientId=89268379&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&query=&title=&loader=false&containerType=SR1&overrideActions=true&targetUrl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&_=1647881816427
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.209.192.206 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9336069f4ff33675211907391e6e365074404307082876e5cc899fbb658baf2c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Content-Type: text/javascript; charset=utf-8
Content-Length: 368
Expires: -1

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 73ms
66ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Accept-Language: en-CA,en;q=0.9
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=ZgPtNT8oYGJGRpryADdBkOpRMeMO1XnbmkgkTJBZPEw%3D&se=1647883095&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TSrequested
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
clientId: "89268379"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 21 Mar 2022 16:56:59 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H3 200 zone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/ 43 KB
13 KB 17ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10278976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12870
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:18:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04044-ac73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtE%2BgUzd746QqStVfNbQioNPPyJpuQAVXhm30MqzCVliHFGABBvW%2BZukjQ4Y5eaPBcvn8oSiiBKZDKnsJoCPk7m86%2BEHrIxJk0ukvzNKbopijqSb70X70NfsyeZVq6c68QTbqz22U2omX6h5RDuJomVM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ef839630d93ecea-YUL
expires: Sat, 11 Mar 2023 16:57:00 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ Frame A1A6 51 KB
16 KB 120ms
34ms Script
application/javascript 23.78.204.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.78.204.173 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Mon, 21 Mar 2022 16:57:00 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Mon, 28 Mar 2022 16:57:00 GMT

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 50ms
35ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Mon, 21 Mar 2022 16:57:00 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 41ms
40ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Accept-Language: en-CA,en;q=0.9
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=ZgPtNT8oYGJGRpryADdBkOpRMeMO1XnbmkgkTJBZPEw%3D&se=1647883095&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TSdisplayed
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
clientId: "89268379"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 21 Mar 2022 16:57:00 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H2 200 track
track1.aniview.com/ 0
70 B 24ms
24ms Image
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.gmanetwork.com&sn=&ic=0&tgt=0&app=&wi=300&he=250&test=&d36=6.2.10&apppkg=&fv=1&proto=https&pid=5eea0864e08b0760d33128ae&cid=5f212d174b419e3bf16f66ad&stagid=&stplid=&e=inventory&vi=100&cb=1647881820794
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 23 KB
4 KB 127ms
52ms XHR
application/json 54.165.191.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=1&AV_PLACEMENT=1&d36=6.2.10&responsive=1&sver=2&avtoken=820793&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=1647881820828
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.191.202 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-191-202.compute-1.amazonaws.com
Software: /
Resource Hash: cf8253b256feb276a8ec8b7dd7adec4f091e044b28e7de411585295f5486ec5f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 10 Mar 2022 03:10:20 GMT

GET
H2 200 vidcrunch.svg
cdn.vidcrunch.com/integrations/ Frame 8FA6 1 KB
2 KB 19ms
18ms Image
image/svg+xml 8.252.31.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/vidcrunch.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.31.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab1382c70c0a537459c8eec56c1d9f6a66caab98eccb6b7fa057309aae36c99e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Mon, 21 Jun 2021 09:40:53 GMT
server: AmazonS3
age: 3455617
etag: "1c9fbc73f4d739ceb1acb5dd88d42d30"
x-amz-id-2: HUmoxmUcUxEHSYGNFbAXnofuYYy/uxCBEq1Zfxw/oD82XRSO3k/64Nlf08Ifm5akLUj4eOav6ng=
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 1227
accept-ranges: bytes
x-amz-request-id: 40X2V4HZ2VKPKRYA
x-cdn: Lumen
expires: Sun, 10 Apr 2022 17:03:23 GMT

GET
H2 206 5f212d9d5440c96fb49c4d53.mp4
cdn.vidcrunch.com/ Frame 8FA6 224 KB
0 24ms
23ms Media
video/mp4 8.252.31.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.mp4?channelId=5f212d174b419e3bf16f66ad&cb=1647881820111
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.31.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Thu, 10 Mar 2022 13:29:42 GMT
server: AmazonS3
age: 962779
etag: "892c855684d8f00b62c151ee5bb70f1a"
x-amz-id-2: CLztmZ5Rddkqel8gYK2qTEH/2MsmljWrsY5DUqMyN39YWgNT+6KdMbHWKRgWO1cUi1hdfHNkqh0=
content-type: video/mp4
Content-Range: bytes 0-1156511/1156512
cache-control: max-age=5184000
Content-Length: 1156512
access-control-allow-origin: *
x-amz-request-id: E5NQRRCVZRN86JWV
x-cdn: Lumen
expires: Mon, 09 May 2022 13:30:50 GMT

GET
H/1.1 200
OK 59574 Show response
stags.bluekai.com/site/ Frame A794 62 B
747 B 133ms
89ms Document
image/gif 184.85.195.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHAABWI4rlsAAAAIGjlcAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.873.23186%26cid%3Dc010&phint=__bk_v%3D3.1.10&limit=5&r=58231936
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.85.195.135 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-85-195-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/

Response headers

Content-Type: image/gif
Content-Length: 62
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Date: Mon, 21 Mar 2022 16:57:00 GMT
Connection: keep-alive

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 4EEF 2 KB
1004 B 20ms
19ms Document
text/html 23.52.162.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=0e21726d-18a0-4bf6-80a2-4c3f18a6a3ef
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "1e015194a0e596827cb8971f884eb43c:1647766141.118212"
last-modified: Sun, 20 Mar 2022 08:17:50 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 686
cache-control: max-age=14400
expires: Mon, 21 Mar 2022 20:57:00 GMT
date: Mon, 21 Mar 2022 16:57:00 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 8674 416 B
598 B 19ms
19ms Document
text/html 23.52.162.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1647766137.89585"
last-modified: Sun, 20 Mar 2022 08:17:50 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 282
cache-control: max-age=14400
expires: Mon, 21 Mar 2022 20:57:00 GMT
date: Mon, 21 Mar 2022 16:57:00 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 19ms
19ms Image
image/png 23.52.162.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Tue, 08 Mar 2022 10:17:27 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1646735217.992808"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Wed, 20 Apr 2022 16:57:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 21ms
20ms Image
image/svg+xml 23.52.162.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Tue, 08 Mar 2022 10:17:27 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1646735198.653837"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 20 Apr 2022 16:57:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-sadc1.outbrain.com/ 2 B
292 B 310ms
79ms Fetch
text/plain 38.133.127.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-sadc1.outbrain.com/l?token=d9ab8758c47c2a128266eb098d117f49_3816_1647881820699&tm=1019&eT=0&widgetWidth=770&widgetHeight=558&widgetX=237&widgetY=4136&wRV=2000640&pVis=1&lsd=0e21726d-18a0-4bf6-80a2-4c3f18a6a3ef&eIdx=&cheq=0&rtt=704&oo=false&ab=0&wl=0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
X-TraceId: ddd20b9010628241eb23ccf2d6f9ec5e
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 48 KB
18 KB 331ms
34ms Script
text/javascript 13.225.223.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-95.jfk51.r.cloudfront.net
Software: Caddy /
Resource Hash: 55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 13:20:24 GMT
content-encoding: gzip
server: Caddy
age: 12997
etag: "bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 9ded77b3c7d35f54d8f10a70f8717c86.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: JFK51-C1
content-length: 18458
x-amz-cf-id: _2EnGWC6ocGQXKYR1FdllI8fN3UIDsc1gP_4sO1xu5MZn_8HH4Wavg==
expires: Tue, 22 Mar 2022 01:20:24 GMT

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame D8B3 17 KB
6 KB 21ms
19ms Document
text/html 23.52.162.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ba5146eb33e639576b0befa39a523230a21b504b6a68f57bb1a32ea9b514c23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "2f2b7a716f5b20c4b13adcdfd51e461b:1646323178.713502"
last-modified: Thu, 03 Mar 2022 15:52:32 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
expires: Mon, 21 Mar 2022 20:57:00 GMT
date: Mon, 21 Mar 2022 16:57:00 GMT
content-length: 5861
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 clip.js Show response
widgets.outbrain.com/nanoWidget/2000640/module/ 1 KB
939 B 22ms
22ms Script
application/x-javascript 23.52.162.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000640/module/clip.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 75a831522065e9fa96d424797593491860618d31c45719d56372936f68c5d376

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
content-encoding: gzip
last-modified: Sun, 20 Mar 2022 08:19:31 GMT
server: AkamaiNetStorage
etag: "4ae0b34aff71d43b4059eaf06434092e:1647766016.363468"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 611
expires: Mon, 21 Mar 2022 20:57:00 GMT

GET
H2 200 eyJpdSI6IjU3ODVkMGRmZjVkOWM5Y2JiYTJkMWQ5YjIyYmY1MjI0ZmExODI1NDZhNmVjMzFkZGUyY2Y0YWJlM2UzMTQ3YTYiLCJ3IjozMTgsImgiOjIyMiwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 20 KB
20 KB 89ms
19ms Image
video/mp4 23.52.164.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU3ODVkMGRmZjVkOWM5Y2JiYTJkMWQ5YjIyYmY1MjI0ZmExODI1NDZhNmVjMzFkZGUyY2Y0YWJlM2UzMTQ3YTYiLCJ3IjozMTgsImgiOjIyMiwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-164-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
cache-control: max-age=862274
last-modified: Wed, 02 Mar 2022 00:30:06 GMT
x-traceid: 5a32d6949e81b7a9d4d218a6770fa817
timing-allow-origin: *
content-length: 525319
content-type: video/mp4

GET
H2 200 eyJpdSI6ImRkZmU3ZjExMWYwNmJkOTlhYWY5MTE3NWYzOGFhOGU2ZTE3NTJiYTljZTgyZGNjN2MxYTAxZTRiNmJlMWMzM2EiLCJ3IjozMTgsImgiOjIyMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 12 KB
12 KB 142ms
77ms Image
image/webp 23.52.164.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRkZmU3ZjExMWYwNmJkOTlhYWY5MTE3NWYzOGFhOGU2ZTE3NTJiYTljZTgyZGNjN2MxYTAxZTRiNmJlMWMzM2EiLCJ3IjozMTgsImgiOjIyMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-164-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bb0e06abfac8ffb852f12675a0fbe753efe765b55106cd73f2edcc20e104c648

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
cache-control: max-age=2458477
last-modified: Tue, 01 Mar 2022 23:58:25 GMT
x-traceid: 716788625c7a1f35247b77947ada3eb4
timing-allow-origin: *
content-length: 12106
content-type: image/webp

GET
H2 200 eyJpdSI6ImIwM2FjZTYxOGE2NTgxMzcyZTk2Njk2ZDU1NmE1Mzc5ZDBlY2QxNWMzMmEyMjMyMzVkNDg4ZGZkMGY4MWI2NWQiLCJ3IjozMTgsImgiOjIyMiwiZCI6MS41LCJjaCI6MTY4Nzk2NzM0NCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 42 KB
42 KB 142ms
78ms Image
image/webp 23.52.164.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIwM2FjZTYxOGE2NTgxMzcyZTk2Njk2ZDU1NmE1Mzc5ZDBlY2QxNWMzMmEyMjMyMzVkNDg4ZGZkMGY4MWI2NWQiLCJ3IjozMTgsImgiOjIyMiwiZCI6MS41LCJjaCI6MTY4Nzk2NzM0NCwiY3MiOjAsImYiOjR9.webp
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-164-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 381d7b221399f06a7afd5ed9de9f78bf3ba5f5349f6f2029a829465a0a699687

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
cache-control: max-age=2035871
last-modified: Mon, 14 Mar 2022 18:35:10 GMT
x-traceid: afef6265aaf397f406dd499d235c1b27
timing-allow-origin: *
content-length: 43188
content-type: image/webp

GET
H2 200 eyJpdSI6IjQyNTRkMTU5MzAxYzU3MmExZGQ4MGZlMTIxMWVmMjhhYWZlNDE1YTJhMzU3NDE4ZGY5NTExNWE3NjBhNWY5ZDkiLCJ3IjozMTgsImgiOjIyMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 15 KB
15 KB 274ms
211ms Image
image/webp 23.52.164.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQyNTRkMTU5MzAxYzU3MmExZGQ4MGZlMTIxMWVmMjhhYWZlNDE1YTJhMzU3NDE4ZGY5NTExNWE3NjBhNWY5ZDkiLCJ3IjozMTgsImgiOjIyMiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-164-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86f5527da11532f54ed2386689e69712c23f44ceb41de48c220e29a539f9c9a8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: max-age=2462378
last-modified: Thu, 10 Mar 2022 21:19:01 GMT
x-traceid: 2f8c795dc6118e08018b42d138aaa00b
timing-allow-origin: *
content-length: 14918
content-type: image/webp

GET
H2 206 eyJpdSI6IjU3ODVkMGRmZjVkOWM5Y2JiYTJkMWQ5YjIyYmY1MjI0ZmExODI1NDZhNmVjMzFkZGUyY2Y0YWJlM2UzMTQ3YTYiLCJ3IjozMTgsImgiOjIyMiwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 513 KB
514 KB 119ms
58ms Media
video/mp4 23.52.164.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU3ODVkMGRmZjVkOWM5Y2JiYTJkMWQ5YjIyYmY1MjI0ZmExODI1NDZhNmVjMzFkZGUyY2Y0YWJlM2UzMTQ3YTYiLCJ3IjozMTgsImgiOjIyMiwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-164-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0b5c1a22229c45d900a85594f29bc0c7f8ec0476acbe33989e96b3f5c439ea02

Request headers

Referer: https://www.gmanetwork.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Wed, 02 Mar 2022 00:30:06 GMT
content-type: video/mp4
Content-Range: bytes 0-525318/525319
cache-control: max-age=862274
x-traceid: 5a32d6949e81b7a9d4d218a6770fa817
timing-allow-origin: *
Content-Length: 525319

GET
DATA 200
OK truncated
/ Frame 8FA6 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 5f212d9d5440c96fb49c4d53.mp4
cdn.vidcrunch.com/ Frame 8FA6 41 KB
42 KB 24ms
23ms Media
video/mp4 8.252.31.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.mp4?channelId=5f212d174b419e3bf16f66ad&cb=1647881820111
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.31.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19e55920f769b934706ec848f0357a84e3870f914845ab7240529f18572186e8

Request headers

Referer: https://www.gmanetwork.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=1114112-

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
last-modified: Thu, 10 Mar 2022 13:29:42 GMT
server: AmazonS3
age: 962779
etag: "892c855684d8f00b62c151ee5bb70f1a"
x-amz-id-2: CLztmZ5Rddkqel8gYK2qTEH/2MsmljWrsY5DUqMyN39YWgNT+6KdMbHWKRgWO1cUi1hdfHNkqh0=
content-type: video/mp4
Content-Range: bytes 1114112-1156511/1156512
cache-control: max-age=5184000
Content-Length: 42400
access-control-allow-origin: *
x-amz-request-id: E5NQRRCVZRN86JWV
x-cdn: Lumen
expires: Mon, 09 May 2022 13:30:50 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 8674 610 B
674 B 19ms
19ms Document
text/html 23.52.162.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1647766138.738535"
last-modified: Sun, 20 Mar 2022 08:17:50 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 355
cache-control: max-age=14400
expires: Mon, 21 Mar 2022 20:57:00 GMT
date: Mon, 21 Mar 2022 16:57:00 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2

200

px
p.adsymptotic.com/d/ Frame D8B3
Redirect Chain

https://idsync.rlcdn.com/420046.gif?partner_uid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
https://pippio.com/api/sync?pid=5324&it=1&iv=36ecb55f78834d6d45699ddaa9a1b71644f2881147359fb627946f4b6d418bfc791426b5417dce21&_=2
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d

43 B
131 B

45ms
45ms

Image
image/gif

104.18.98.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Server: 104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ef8396608d3a204-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

date: Mon, 21 Mar 2022 16:57:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1 400
Bad Request 29859
tags.bluekai.com/site/ Frame D8B3 0
225 B 152ms
99ms Image
text/plain 184.85.195.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29859?id=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.85.195.135 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-85-195-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://b1sync.zemanta.com/usersync/outbrain/?puid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=0&gdpr_consent=&us_privacy=1---
https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&s=2&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=yxLnveYjmqCfUD7JKYJ8&gdpr=0&us_privacy=1---

0
292 B

23ms
23ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=zemanta&uid=yxLnveYjmqCfUD7JKYJ8&gdpr=0&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: a7fa0a2da75a51e1700d035c514318d2
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:01 GMT
P3p: CP="We do not support P3P header."
Location: https://sync.outbrain.com/cookie-sync?p=zemanta&uid=yxLnveYjmqCfUD7JKYJ8&gdpr=0&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 130
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dappnexus%26uid%3D%24UID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8459286220222525158&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

0
291 B

21ms
21ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8459286220222525158&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 49753fb2928bc26ede790df6a10d1ecb
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:01 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 77ca19a4-6128-4bd3-8ac3-d54fb708e070
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8459286220222525158&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame D8B3
Redirect Chain

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=0&gdpr_pd=1&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=0&gdpr_pd=1&gdpr_consent=

42 B
945 B

80ms
79ms

Image
image/gif

44.239.164.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=0&gdpr_pd=1&gdpr_consent=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

HTTP/1.1

Server

44.239.164.41 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-164-41.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v027-0fe95f6b3.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xbqjF+ISSsQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-1-v027-0fe95f6b3.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: NJ4t6fGuTJ0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 set
sync-jp.im-apps.net/imid/ Frame D8B3 43 B
203 B 778ms
248ms Image
image/gif 52.193.171.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.171.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-171-41.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: no-cache
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
content-length: 43
expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
https://sync.outbrain.com/cookie-sync?p=ttd&uid=735904f1-e50d-418d-88c3-0192d4f4b2df

0
306 B

90ms
21ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=ttd&uid=735904f1-e50d-418d-88c3-0192d4f4b2df
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 87ce201033b445bb8b6b8f45719cc0f5
Content-Length: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.outbrain.com/cookie-sync?p=ttd&uid=735904f1-e50d-418d-88c3-0192d4f4b2df
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame D8B3 0
338 B 108ms
17ms Image
text/plain 44.196.16.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.16.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-16-107.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1647881821
x-served-by: beacon-n009-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK g.pixel
aa.agkn.com/adscores/ Frame D8B3 43 B
684 B 178ms
34ms Image
image/gif 156.154.200.36
NEUSTAR-AS6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.154.200.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:01 GMT
Server: AAWebServer
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length: 43
Expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=5e4b1df9-dd0b-49fb-b08e-36acc939ddbf

0
308 B

45ms
20ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=5e4b1df9-dd0b-49fb-b08e-36acc939ddbf
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 8eea4520cdc2293560bbb3710fbdcdc3
Content-Length: 0

Redirect headers

location: //sync.outbrain.com/cookie-sync?p=mediaforce&uid=5e4b1df9-dd0b-49fb-b08e-36acc939ddbf
date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://x.bidswitch.net/sync?ssp=outbrain&user_id=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=outbrain&bsw_custom_parameter=7e002fc4-96ab-4ac8-8032-4369055275d8
https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=30d79969-8f10-4749-8c4e-a7f6a560917b&ssp=outbrain&bsw_param=7e002fc4-96ab-4ac8-8032-4369055275d8
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=7e002fc4-96ab-4ac8-8032-4369055275d8&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
309 B

22ms
21ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=7e002fc4-96ab-4ac8-8032-4369055275d8&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 4978cdd00e37538ec67e02479441a635
Content-Length: 0

Redirect headers

Location: //sync.outbrain.com/cookie-sync?p=bidswitch&uid=7e002fc4-96ab-4ac8-8032-4369055275d8&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame D8B3 43 B
363 B 106ms
17ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%26uid%3D%40%40CRITEO_USERID%40%40

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 678924
content-type: image/gif
expires: Mon, 21 Mar 2022 00:00:00 GMT

GET
H/1.1

200
OK

bswsync
crb.kargo.com/api/v1/ Frame D8B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE-1faDMrMqaJvSyct_Hdpk&google_cver=1
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=CAESEE-1faDMrMqaJvSyct_Hdpk&dsp_id=16&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

43 B
504 B

124ms
25ms

Image
image/gif

3.233.122.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=CAESEE-1faDMrMqaJvSyct_Hdpk&dsp_id=16&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 3.233.122.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-122-14.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:01 GMT
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 43
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: //crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=CAESEE-1faDMrMqaJvSyct_Hdpk&dsp_id=16&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=25
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7077598528877426828

0
294 B

24ms
21ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7077598528877426828
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 9416965af9684df5ccd6e1253eb6a5a2
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7077598528877426828
Date: Mon, 21 Mar 2022 16:57:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame D8B3 70 B
440 B 27ms
25ms Image
image/gif 34.231.251.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpn7m0&uid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-251-31.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
id.geistm.com/m/OB/ Frame D8B3 0
157 B 110ms
24ms Image
text/plain 3.222.216.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.geistm.com/m/OB/UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.216.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-216-235.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
x-powered-by: Express

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://creativecdn.com/cm-notify?pi=outbrain
https://creativecdn.com/cm-notify?pi=outbrain&tc=1
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=3ItynYCuKS2fmBKIlmlC&pi=outbrain&tc=1

0
292 B

22ms
21ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=3ItynYCuKS2fmBKIlmlC&pi=outbrain&tc=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 2da5c07bea288fbfd54c03c09571140f
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=3ItynYCuKS2fmBKIlmlC&pi=outbrain&tc=1
pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT, Mon, 21 Mar 2022 16:57:01 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L10YAF0G-1Z-F0UL

0
287 B

21ms
20ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L10YAF0G-1Z-F0UL
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 1de1dfcdf822ca6ce6ee1b71c8827ffb
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L10YAF0G-1Z-F0UL
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 20e8391fc78a9019eb67dba4b22f0ac2
Expires: 0

GET
H/1.1 200
OK cookiesyncredir
bttrack.com/Pixel/ Frame D8B3 35 B
573 B 98ms
25ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ServerName: Track002-iad
Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:00 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 403 tpid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame D8B3 49 B
268 B 25ms
24ms Image
image/gif 107.20.181.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.181.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-181-84.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.47.89
content-type: image/gif
content-length: 49
expires: 0

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame D8B3
Redirect Chain

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
https://idsync.rlcdn.com/397416.gif?partner_uid=2ed87245b9b3dfa3fc2a2dbfbf275d45
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ad0c045-5f9a-4f7d-92c2-bd44440666cc

42 B
60 B

47ms
46ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ad0c045-5f9a-4f7d-92c2-bd44440666cc
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ad0c045-5f9a-4f7d-92c2-bd44440666cc
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBz...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipj...
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

0
307 B

22ms
21ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 27cbdcfe9e84bfacf4e32850c8c2aa07
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 348
Expires: Mon, 21 Mar 2022 16:57:01 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhY...
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhY...
https://sync.outbrain.com/cookie-sync?p=spotx&uid=ed6c4ecd-a937-11ec-8e58-17530a7d0503&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

0
308 B

30ms
24ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=spotx&uid=ed6c4ecd-a937-11ec-8e58-17530a7d0503&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: b9e072d0f9433d3c0227ce0c8b813f81
Content-Length: 0

Redirect headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Server: nginx
Location: https://sync.outbrain.com/cookie-sync?p=spotx&uid=ed6c4ecd-a937-11ec-8e58-17530a7d0503&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 144
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D8B3
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=PM_CONSENT
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8459286220222525158&gdpr=0&gdpr_consent=PM_CONSENT

42 B
407 B

24ms
24ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8459286220222525158&gdpr=0&gdpr_consent=PM_CONSENT
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 07:45:30 GMT
cache-control: no-store, no-cache, private
x-lat: va2pug004:0:481
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:01 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: c0a0e75d-4f7f-45d0-a4bb-d4ec83d1572b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8459286220222525158&gdpr=0&gdpr_consent=PM_CONSENT
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuU...
https://sync.outbrain.com/cookie-sync?p=openx&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=9f079624-ed33-44e1-aed4-6f1ac526c03f

0
308 B

22ms
20ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=openx&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=9f079624-ed33-44e1-aed4-6f1ac526c03f
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 822aa58c65013e0c47c6ac3c197d2611
Content-Length: 0

Redirect headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.outbrain.com/cookie-sync?p=openx&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=9f079624-ed33-44e1-aed4-6f1ac526c03f
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UPed77f61d-a937-11ec-89a1-0e8c2194d7f9
https://sync.outbrain.com/cookie-sync?p=oath&uid=UPed77f61d-a937-11ec-89a1-0e8c2194d7f9

0
309 B

23ms
22ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=oath&uid=UPed77f61d-a937-11ec-89a1-0e8c2194d7f9
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: feed5e8678b42dfad531acf074171608
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=oath&uid=UPed77f61d-a937-11ec-89a1-0e8c2194d7f9
date: Mon, 21 Mar 2022 16:57:01 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

302
Found

getuid
ib.adnxs.com/ Frame D8B3
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%0A
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ...

0
820 B

92ms
53ms

Image
text/html

68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1VTlFGdkxjSjNwYmZtc1NtbU1nQmxvZDBnX29SVWFVdmFROFpaLWdraFlCem9tVzN0MGlwanlrYnVVWnhtOGZoCg==

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

HTTP/1.1

Server

68.67.179.153 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:01 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: e6824541-5f9d-4a6b-9b8e-3508df1aad87
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1VTlFGdkxjSjNwYmZtc1NtbU1nQmxvZDBnX29SVWFVdmFROFpaLWdraFlCem9tVzN0MGlwanlrYnVVWnhtOGZoCg==
date: Mon, 21 Mar 2022 16:57:00 GMT
content-length: 0
content-type: text/html

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ...
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=e2e42166-effd-4d09-8b05-6fd62b8fb307&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

0
318 B

24ms
22ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=e2e42166-effd-4d09-8b05-6fd62b8fb307&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 9ee4269fadbfe4252dfb3cd1b7d1218d
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=e2e42166-effd-4d09-8b05-6fd62b8fb307&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
date: Mon, 21 Mar 2022 16:57:01 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW...
https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1647881821468
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2449783454
https://sync.1rx.io/usersync/tradedesk/735904f1-e50d-418d-88c3-0192d4f4b2df
https://sync.targeting.unrulymedia.com/csync/RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-2319feac-c3e8-4f3e-bebe-bd60cfd9...
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005&obUid=$D

0
145 B

22ms
21ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005&obUid=$D
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 560c27f76e4e13c4721ec2b8bd28448d
Content-Length: 0

Redirect headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Server: Tengine
ETag: RX2319feacc3e84f3ebebebd60cfd9bc21005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005&obUid=$D
Connection: keep-alive
Content-Type: text/html

GET
H2 204 /
s.ad.smaato.net/c/ Frame D8B3 0
241 B 72ms
18ms Image
text/plain 2600:9000:2209:a800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:a800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
via: 1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: f5y3PBFFP-nEcIjbFFTw_dOL_AczpCHrfQ2cFn6wsOKDqG6m4yDrFQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DUNQFvLcJ3pbfms...
https://sync.outbrain.com/cookie-sync?p=smart&uid=3390273293420345663&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING

0
291 B

26ms
21ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smart&uid=3390273293420345663&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: db18a7c07680351f203a85741333496e
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=smart&uid=3390273293420345663&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
date: Mon, 21 Mar 2022 16:57:01 GMT
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-bzpvM51E2uEI6QZL.mUmAhNlA_Ar6Cv3ZLi4pyo-~A&gdpr=0&gdpr_consent=

0
323 B

21ms
20ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-bzpvM51E2uEI6QZL.mUmAhNlA_Ar6Cv3ZLi4pyo-~A&gdpr=0&gdpr_consent=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: f66b89b5828958e97513242bf16c4fa5
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-bzpvM51E2uEI6QZL.mUmAhNlA_Ar6Cv3ZLi4pyo-~A&gdpr=0&gdpr_consent=
date: Mon, 21 Mar 2022 16:57:01 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 c.gif
c.bing.com/ Frame D8B3 42 B
668 B 80ms
33ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?red3=MSOB_pd&uid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
etag: "84ab6ebff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7FADB6EF8B784FD1B58CC3963E2A4364 Ref B: YTO01EDGE0708 Ref C: 2022-03-21T16:57:01Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzom...
https://sync.outbrain.com/cookie-sync?p=synacor&uid=73C70720B17E414EBA9A6CCF2B5B3126&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

0
306 B

34ms
32ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=synacor&uid=73C70720B17E414EBA9A6CCF2B5B3126&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: f7347fb396de35206ee2ae1dbc46c1d1
Content-Length: 0

Redirect headers

date: Mon, 21 Mar 2022 16:57:01 GMT
via: 1.1 varnish
server: nginx
age: 0
location: https://sync.outbrain.com/cookie-sync?p=synacor&uid=73C70720B17E414EBA9A6CCF2B5B3126&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: text/plain
access-control-allow-origin: https://widgets.outbrain.com/
access-control-allow-credentials: true
x-varnish: 643037664
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%26uid%3D%7BUSER_I...
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=a9122b11-185f-4512-bdc8-c77fbd651c1e

0
145 B

19ms
18ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=a9122b11-185f-4512-bdc8-c77fbd651c1e
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 14b797c5b26c481423f6d05ef0026e79
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=a9122b11-185f-4512-bdc8-c77fbd651c1e
date: Mon, 21 Mar 2022 16:57:01 GMT
content-length: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8

GET
H2 200 sync-iframe
cs-server-s2s.yellowblue.io/ Frame D8B3 0
0 85ms
25ms Image
text/html 3.228.240.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drise%26uid%3D%5BpartnerId%5D%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.240.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-240-60.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame D8B3
Redirect Chain

https://id.rlcdn.com/711945.gif?cparams=obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh

0
145 B

26ms
19ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: c5ddacacf912fefb7c93f85acccd5066
Content-Length: 0

Redirect headers

date: Mon, 21 Mar 2022 16:57:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159753/4709/1/ Frame 3E48 254 KB
79 KB 83ms
16ms Script
text/javascript 23.52.161.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159753/4709/1/pwt.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-161-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c56fe8e86248dab9f5bd11df391c35cf45ac349aadd3b2a1df79091f4c103e90

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 11:25:08 GMT
server: Apache/2.2.15 (CentOS)
etag: "1521081-3f9b9-5c544ed0518c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=70742
accept-ranges: bytes
content-type: text/javascript
content-length: 80621
expires: Tue, 22 Mar 2022 12:36:03 GMT

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ 15 B
827 B 93ms
19ms XHR
text/html 52.85.61.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=755298539&pt=17&dpn=1&fbp=2503514546
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-53.ewr53.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 30adcceef958c38a02a02125fb5794f73e88cd388a62ac554c5d406cab2dd431

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
via: 1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
pragma: no-cache
server: Apache-Coyote/1.1
access-control-max-age: 3600
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: 3Nd8XP8dtChlTKHBfXSzA4n2OANtlKQFm5-bGiVEW8z8lSzm78YYUA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 13A6
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D56%26pid%3D5b59760c073ef46a2e6b8f13%26key%...
https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=5728f9d2-ac1a-4fc8-9df7-5885e20740dc

0
238 B

24ms
23ms

Document
text/plain

18.208.85.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=5728f9d2-ac1a-4fc8-9df7-5885e20740dc
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-85-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-length: 0

Redirect headers

location: https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=5728f9d2-ac1a-4fc8-9df7-5885e20740dc
content-length: 0
date: Mon, 21 Mar 2022 16:57:01 GMT
server: _

GET
H/1.1 204
No Content rmpssp
sync.1rx.io/usersync2/ Frame 8DC1 0
0 109ms
24ms Document
text/plain 199.127.204.142
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1rx.io/usersync2/rmpssp?sub=Vidcrunch&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D200%26key%3D%5BRX_UUID%5D
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

Server: Tengine
Date: Mon, 21 Mar 2022 16:57:01 GMT
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame A715
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D22%26key%3D%7BPUB_USE...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D22%26key%3D%7BP...
https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=22&key=e2e42166-effd-4d09-8b05-6fd62b8fb307

0
239 B

96ms
24ms

Document
text/plain

18.208.85.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=22&key=e2e42166-effd-4d09-8b05-6fd62b8fb307
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-85-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-length: 0

Redirect headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-type: text/plain
content-length: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=22&key=e2e42166-effd-4d09-8b05-6fd62b8fb307
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5267 15 KB
6 KB 66ms
15ms Document
text/html 23.52.161.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-161-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=32083
expires: Tue, 22 Mar 2022 01:51:44 GMT
date: Mon, 21 Mar 2022 16:57:01 GMT
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 1CE3
Redirect Chain

https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D18%26k...
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D18%26k...
https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=18&key=82cc8b8c4d980fb73445e855

0
222 B

50ms
24ms

Document
text/plain

18.208.85.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=18&key=82cc8b8c4d980fb73445e855
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-85-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-length: 0

Redirect headers

Connection: close
Date: Mon, 21 Mar 2022 16:57:01 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=18&key=82cc8b8c4d980fb73445e855
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap5ewr1

GET
H/1.1 200
OK avpb4.js Show response
player.vidcrunch.com/script/6.1/ Frame 3E48 352 KB
106 KB 21ms
21ms Script
application/javascript 2600:1400:c000::172b:3a8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/avpb4.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:c000::172b:3a8a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 854a441c2debc6a2b76c243d59d6b5b5de2271eeb3c504bb51cb2f05a6736f16

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:00 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdus9hrDJl7bGIGerhVggxOltQ7mD5zsQ9WUC5vq6uKHSnk9v4CYf81MZ_OZjGSRHBaxfrc2rufsui3W1fTY0GU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 108168
Last-Modified: Tue, 15 Mar 2022 06:30:29 GMT
Server: UploadServer
ETag: "3cef7c5304a6ef97d74168fb793b7c3c"
Vary: Accept-Encoding
x-goog-hash: crc32c=hNbHAQ==, md5=PO98UwSm75fXQWj7eTt8PA==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1647325829409155
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 108168
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Mon, 21 Mar 2022 17:02:00 GMT

GET
H/1.1 200
OK avpb4a0.js Show response
player.vidcrunch.com/script/6.1/ Frame 3E48 75 KB
23 KB 88ms
41ms Script
application/javascript 2600:1400:c000::172b:3a8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/avpb4a0.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:c000::172b:3a8a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: fd9570efb472ca676cabea9a7e5807abbedf38852026d168b8f6a0bb265771ef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdvUHRqLAVnQgqJRGMSiwtgHaosTZfPGJWCQSeUqpuZl2loguVgLQHuFFSv4oD5g7rpk8evyHJEPdVAlybtRl4s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 22439
Last-Modified: Tue, 15 Mar 2022 06:30:33 GMT
Server: UploadServer
ETag: "e64f324b75f3a80754f10514237bd872"
Vary: Accept-Encoding
x-goog-hash: crc32c=aM7ZQA==, md5=5k8yS3XzqAdU8QUUI3vYcg==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1647325833271318
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 22439
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Mon, 21 Mar 2022 17:02:01 GMT

GET
H/1.1 200
OK avpb4a2.js Show response
player.vidcrunch.com/script/6.1/ Frame 3E48 68 KB
22 KB 66ms
19ms Script
application/javascript 2600:1400:c000::172b:3a8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/avpb4a2.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:c000::172b:3a8a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5f1d9ebe7be7be612f7ae237a0542f6be6dbd4a56f0ccebefbdf4287a949faa3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdvrnP_YTYmkQLu4n151kHsNi1MIwh_H8qS_YJY2iz8hMn34x9lq242d00HRk6o4WJKzJ6YHJtEJt8_-vkRONI1V-r8Jfg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 21863
Last-Modified: Tue, 15 Mar 2022 06:30:41 GMT
Server: UploadServer
ETag: "80784077ce9dffbee43626a9fe1e0ca5"
Vary: Accept-Encoding
x-goog-hash: crc32c=21nalg==, md5=gHhAd86d/77kNiap/h4MpQ==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1647325841034165
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 21863
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Mon, 21 Mar 2022 17:02:01 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 26ms
25ms Image
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1647881820976&asid=617a4eb2cb2c5300c52fe8c3%2C60c9af0fd5b7d53516584abd%2C619e234c1859e5764139cfc7%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24%2C61e8138f6988204b2f59bad4%2C60c5a06b11731011741c82a1%2C61f12d904c844c5c31329637%2C5eeb6e73b1cd041277302207%2C6006a7a93daa6c44f97e05c9%2C60c9bd699498f81096551f59%2C6006a79aba887464ff3c1ecc&ofpr=0.8%2C%2C%2C%2C%2C0.8%2C%2C%2C1%2C1.6%2C1.2%2C1.6&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
236 B 101ms
35ms XHR
text/plain 18.210.129.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=413b6839656078f3b2fb0daeedb6a046_1723163184&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1647881820919-953919478774-005576-007-004715&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=1&AV_PLACEMENT=1&d36=6.2.10&responsive=1&sver=2&avtoken=820793&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=7881820974&tgt=0&&AV_VI=100&AV_VID=0&d4=1&d5=0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.129.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-129-82.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 10 Mar 2022 03:10:21 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-KDIqFj9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-3Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=Sqht8Mx%3BIB&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&f=0&j=&t=1647881819979&de=881364681777&cu=1647881819979&m=1120&ar=359f21c1e97-clean&iw=a1dda84&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5201&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1106%3A1106%3A0%3A993&as=1&ag=1113&an=3&gi=1&gf=1113&gg=3&ix=1113&ic=1113&ez=1&ck=1113&kw=885&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1113&bx=3&ci=1113&jz=885&dj=1&aa=1&ad=1014&cn=0&gn=1&gk=1014&gl=0&ik=1014&co=1014&cp=885&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=885&cd=6&ah=885&am=6&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=88868795%3A2921963009%3A5852356465%3A138374677129&bo=343684595&bd=21798732940&gw=gmanmidfpdisplay183413089896&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=21798732940&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=970x250&zMoatPS=ENT_Celeblife_Desktop_Leaderboard1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&iq=na&tt=na&tu=&tp=&tc=0&fs=197273&na=1124323124&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:01 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5267 2 KB
3 KB 59ms
19ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97004749&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: be1c3ab190926d545283e48db8a270e1e2423876e0a58469dcdeef411f1c544c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:56:59 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 106ms
28ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-length: 0
server: ATS/9.1.0.33
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205427/0/ 0
174 B 78ms
27ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
236 B 85ms
31ms XHR
text/plain 52.45.17.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-17-150.compute-1.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Mon, 21 Mar 2022 16:57:01 GMT
access-control-allow-credentials: true
server: SOMA
x-smt-sessionid: 1089bb41-a22f-4a40-a4ca-cee2c0d8774d
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
334 B 181ms
116ms XHR
application/json 104.94.205.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=733458&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22594cc75c18242a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2267ffdf5a71c352%22%2C%22ext%22%3A%7B%22siteID%22%3A%22733458%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A0.8%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-205-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 76f99ffa99d7b07f01f3f35bee3f97fca5fc6f925ca825d7c41b77117b174369

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
x-ak-initial-geo: CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
x-cs-client-geo: 19
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 19
expires: Mon, 21 Mar 2022 16:57:01 GMT

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
448 B 183ms
129ms XHR
text/plain 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
x-openrtb-version: 2.5
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Mon, 21 Mar 2022 16:57:01 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 820 B
2 KB 122ms
61ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2210c918f5d31c573%22%3A%22eb3f4d8692b65578db80%7C%7Cf%3D1%22%7D&ref=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&s=682aa34a-0257-4200-aa38-1950ab103b30&pv=506e999d-749f-4ec8-bc62-5907de3b857a&vp=mobile&lib_name=prebid&lib_v=6.11.0&us=5&ius=1&schain=%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D&coppa=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

a7195ebc84d2834ffb2ee85a0a8338c9e12c71071eb3c4bf60a38299028b24a2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-60
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-type: application/json
content-length: 474
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 105ms
65ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 120_90_main_-20220317152612.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
3 KB 20ms
18ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220317152612.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1602e38939fe4063f118d10a71114a3c2af0bb98c806f099b1c65b68f43b6e6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Thu, 17 Mar 2022 07:26:14 GMT
server: AmazonS3
age: 17151
etag: "96f4ee1dc3559385423011094edb1d58"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 12:11:11 GMT
x-amz-cf-pop: EWR52-C4
content-length: 2962
x-amz-cf-id: sTbZA7uojhTW4eRwWwthYQkEf5UU_jtDJcV8RMUzN4EnqcWlCmfmlQ==

GET
H2 200 120_90_main_-20220318172202.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 20ms
16ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318172202.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d1858aa4dc092adb62881cdd8b096ad7fcb87f5eb894d2224e712f1be02692e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 09:22:16 GMT
server: AmazonS3
age: 66021
etag: "6e33f7af85b59d129d86cbcb4664990e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Sun, 20 Mar 2022 22:36:41 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3698
x-amz-cf-id: TC7aEHuQL6W1R40qoDjHW3HeROUBeckurJS2L3jKkI80wcUbpxppDg==

GET
H2 200 120_90_main_-20220318162345.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 23ms
18ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318162345.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f85c837f2396129897f6f2ccdf2e7c726c49cd108b312ff8dc92be23aaa6c09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 07:06:57 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 08:23:47 GMT
server: AmazonS3
age: 35404
etag: "30629ca5842358cf3845f14f067ab904"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3566
x-amz-cf-id: UFjcoFnqqNeIJwG5KwJpqBjBXz5i3DJ73NXmPM6NxsgfkoEWYRh1Uw==

GET
H2 200 120_90_main_-20220321184912.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 25ms
20ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220321184912.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a7e8835c3e4eb9bc250602015331fc3ccf60a25f0753e928de1fdddedcabe9e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 10:56:28 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 10:49:26 GMT
server: AmazonS3
age: 21634
etag: "289a7f86b69574d66a5e83d2819aea63"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3237
x-amz-cf-id: QdpYujdmSHiIyASpENAmiDcmJJVTzjNP6VgAOY3wHnArJ9icELoEDw==

GET
H2 200 120_90_main_-20220321175616.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 24ms
19ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220321175616.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d48d335361c7e5e7da891e6c53ca54a667c0efe39f95d4de2e735a4ca5d13eea

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 10:00:56 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 09:56:31 GMT
server: AmazonS3
age: 24966
etag: "e9bb50bef51f09ba6ac7e5ad2e98d6ae"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3403
x-amz-cf-id: CtxQ2LkK42dFQilZHXh9ZRv2bUobe8SU8Lx8XfVxHt-UcFutGROFrQ==

GET
H2 200 120_90_main_-20220321155120.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 25ms
21ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220321155120.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e720eb5099252b19bc76cbb21babfc9552a8bf89382c4198a708b495d5e10674

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 07:58:03 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 07:51:22 GMT
server: AmazonS3
age: 32339
etag: "b7c47a3ee80e5c7d801d7e4b6b5c6c40"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3676
x-amz-cf-id: Fcvr6M8ZJtnNqHNsPLb4O3hbMzYHXufXE_9eWv3rp-CSdVESJDlPaQ==

GET
H2 200 120_90_March-18_-20220318183323.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
3 KB 24ms
21ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_March-18_-20220318183323.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cec626787aa156963551b0ba64e42f743f668b5d804da96f5f1023323b826ed

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 10:33:25 GMT
server: AmazonS3
age: 48994
etag: "1d9d653dd56f75dc22676d2261b9194b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 03:20:28 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3115
x-amz-cf-id: UZTGryUGLh2RrVfyB5xcEH_C26O8PxoS4YiyuWnqXjOx9lMS8qEipQ==

GET
H2 200 120_90_FULL-CMS_-20220318194741.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
4 KB 25ms
22ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_FULL-CMS_-20220318194741.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52994d98fffdda7e5e42541e392120e68b13d35bf9f1e250a5d81c222ccfddff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 11:47:43 GMT
server: AmazonS3
age: 10455
etag: "4bcfbbd8e9b68bb2372b2ae544d1badc"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 14:02:47 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3284
x-amz-cf-id: W23uCpcG6oSfOFbv4yWzPlleXmIq6l7RcByLg-qAXGEKeMTjbVU7HA==

GET
H2 200 160_90_BV_PRIMA2_031822_FULL_-20220318223346.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 25ms
22ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/160_90_BV_PRIMA2_031822_FULL_-20220318223346.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dee4edb32836be3b8d85f03ceb6c798b6ef8d2b375f43f470793795c7c0da23e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 14:33:48 GMT
server: AmazonS3
age: 27006
etag: "1b130679d76b3d8e5aa2e1033f235511"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 09:26:56 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3999
x-amz-cf-id: jYl6HxC7hv4k5G7mPTlTb5tU8vOaZL6V28LDfY1wZRT7GXG9mMbWRA==

GET
H2 200 120_90_PRESID_1-1_-20220321191417.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 2 KB
3 KB 24ms
21ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_PRESID_1-1_-20220321191417.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c10a991892672674ea382b3d77b4f86b77e27584aaaa5688c0dcae5ab167494

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 12:11:08 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 11:14:19 GMT
server: AmazonS3
age: 17154
etag: "c32da10e87b926d12ef01b3c00df5074"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 2303
x-amz-cf-id: VxNgx8VSp6VUGht0hz_KKM1OzgDX8WjHG2TfmGRXyasHm85DwFE06g==

GET
H2 200 120_90_CMS_-20220321182034.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 26 KB
26 KB 31ms
29ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_CMS_-20220321182034.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf3553c5dcf34e4f0155cd05c476ffff193c91dd515c3c58ddb524302e344fc6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:05:28 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 10:20:36 GMT
server: AmazonS3
age: 21094
etag: "b7a8411dbcaf2dbfb1a98a4976792829"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 26602
x-amz-cf-id: wXcakpZ4e_R5eTLOrc3Kpf_Xbn1VP9liTAOBSit0owLDZWWyRTsOlA==

GET
H2 200 120_90_family-feud-teaser_cms_-20220321140710.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 31ms
30ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_family-feud-teaser_cms_-20220321140710.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 351e1c43ada4933f0ce798e36dcd083b67c4e94381ec95a7cd58e9152ca009da

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 06:15:33 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 06:07:12 GMT
server: AmazonS3
age: 38489
etag: "b85eca7d493f892d737ab1daec9b6321"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3661
x-amz-cf-id: K_NWhzJs9qNiJswVo1NrMaoW9lYUFZHEXhZZtWrBX_YRNkiNvlUS6Q==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8FA6 42 B
64 B 42ms
41ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn282OXhLLGw_l3IcGwKxukOzTkmKS4PI2bgAC2iTYKFF-2kJdCVh5ud6htWWV4MpJgIIY_7Xg0fdHKkLyEekgOJNFGeTLLQnnWumXJ4XW7zBgAd60&sig=Cg0ArKJSzF8QU7KBUzq0EAE&id=lidar2&mcvt=1035&p=350,1059,600,1359&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=915958108&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647881818781&rpt=1372&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-KDIqFj9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-3Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=Sqht8Mx%3BIB&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&f=0&j=&t=1647881819979&de=881364681777&cu=1647881819979&m=1124&ar=359f21c1e97-clean&iw=a1dda84&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5201&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1106%3A1106%3A0%3A993&as=1&ag=1113&an=1113&gi=1&gf=1113&gg=1113&ix=1113&ic=1113&ez=1&ck=1113&kw=885&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1113&bx=1113&ci=1113&jz=885&dj=1&aa=1&ad=1014&cn=1014&gn=1&gk=1014&gl=1014&ik=1014&co=1014&cp=885&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=885&cd=885&ah=885&am=885&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=88868795%3A2921963009%3A5852356465%3A138374677129&bo=343684595&bd=21798732940&gw=gmanmidfpdisplay183413089896&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=21798732940&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=970x250&zMoatPS=ENT_Celeblife_Desktop_Leaderboard1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&iq=na&tt=na&tu=&tp=&tc=0&fs=197273&na=1691588883&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:01 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 2800
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4

35 B
476 B

19ms
19ms

Document
image/gif

185.167.164.51
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.51 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 21 Mar 2022 16:57:01 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Mon, 21 Mar 2022 16:57:01 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 12C0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjiuXQAO2wtfkgBH&gdpr=0&gdpr_consent=&_test=YjiuXQAO2wtfkgBH
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=53e87097b3b01238&is_secure=true&networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGd_FWhqspSANo1yx3AAAAAAA&expiration=1647968221&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=j_YcddihGi-U904rgPICfoHxGHiU_Ewr3_LWlG8Y
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

24ms
23ms

Document
text/plain

8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 21 Mar 2022 16:57:01 GMT

Redirect headers

server: nginx
date: Mon, 21 Mar 2022 16:57:01 GMT
x-lat: 10:0:433
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame A2F7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:08f46238-ae5d-4800-8e4f-69c1c3fe0652&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7062367194f01237&is_secure=true&networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGeKc8t_amcAN9muX3AAAAAAA&expiration=1647968221&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=j_YcddihGi-U904rgPICfoHxGHiU_Ewr3_LWlG8Y
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

25ms
24ms

Document
text/plain

8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 21 Mar 2022 16:57:01 GMT

Redirect headers

server: nginx
date: Mon, 21 Mar 2022 07:54:00 GMT
x-lat: va2pug003:0:541
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

GET
H/1.1

200
OK

sn.ashx Show response
pmp.mxptint.net/ Frame 0CA1
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVUpFN0VjVjBBQURWWVNiYTlXUQ&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABUJE7EcV0AADVYSba9WQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sy...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7924081689231374706
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABUJE7EcV0AADVYSba9WQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7924081689231374706%26bee_sync_partners%3Dsyn%252Cpm%26...
https://match.prod.bidr.io/cookie-sync?userid=7924081689231374706&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABUJE7EcV0AADVYSba9WQ&pid=55...
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABUJE7EcV0AADVYSba9WQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7924081689231374706%26bee_sync_partners%3Dpm%26bee_sy...
https://match.prod.bidr.io/cookie-sync?userid=7924081689231374706&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABUJE7EcV0AADVYSba9WQ
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_ED17150B_4A6A29CA&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

55ms
54ms

Document
image/gif

4.78.226.233
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

4.78.226.233 San Francisco, United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-330868622; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Cache-Control: no-cache
Pragma: no-cache
Content-Type: image/gif
Expires: -1
Date: Mon, 21 Mar 2022 16:57:01 GMT
Content-Length: 43
Strict-Transport-Security: max-age=-330868622; includeSubDomains

Redirect headers

server: nginx
date: Mon, 21 Mar 2022 16:57:02 GMT
x-lat: njrpug016:0:665
location: https://pmp.mxptint.net/sn.ashx?ak=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

GET
H2 200 cookiesyncendpoint Show response
sync.aniview.com/ Frame 84EC 0
240 B 24ms
24ms Document
text/plain 18.208.85.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1647881820919-953919478774-005576-007-004715&biddername=1&key=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.85.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-85-173.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-length: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5267
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b0YMFHSRSpq26vHxErHo1A%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

20ms
18ms

Image
text/html

23.52.161.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H2
Server: 23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-161-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=32083
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Tue, 22 Mar 2022 01:51:44 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 5267
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHR1IMVVlIEpQZKN4vzLVQ0&google_cver=1

42 B
60 B

50ms
47ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHR1IMVVlIEpQZKN4vzLVQ0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:01 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHR1IMVVlIEpQZKN4vzLVQ0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5267
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=50146238-ae5d-4700-98eb-30796b35639b

0
260 B

65ms
22ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=50146238-ae5d-4700-98eb-30796b35639b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Server: MT3 4267 dd20a5c master iad-pixel-x19 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=50146238-ae5d-4700-98eb-30796b35639b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 21 Mar 2022 16:57:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 5267
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkY0NjBDMTQtNzQ5MS00QTlBLUI2RUEtRjFGMTEyQjFFOEQ0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%2...
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4

0
311 B

51ms
29ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: a8e76c82c52401a24cddfc4e0b59e2b7
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
date: Mon, 21 Mar 2022 16:57:00 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 5267
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIQfyOx4JJL4_YT3BqbsHGg&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%2...
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4

0
311 B

24ms
21ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: fe5f1d76d40753b2de6dbcca86f0e6e0
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
date: Mon, 21 Mar 2022 16:57:00 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 5267
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:9502D91020DB4D37BFA09D9CCB38475C
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=eda3e7b6-a937-11ec-99ba-f57c117b80eb&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=

0
47 B

84ms
24ms

Image
text/plain

107.22.0.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H2
Server: 107.22.0.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-0-74.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-length: 0
content-type: text/plain

Redirect headers

location: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date: Mon, 21 Mar 2022 16:57:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 95
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 5267
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6942632792172556660&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DUNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh%2...
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4

0
311 B

23ms
20ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:01 GMT
Cache-Control: no-cache
X-TraceId: 67e00702464d2b0128b242967dc2974a
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=UNQFvLcJ3pbfmsSmmMgBlod0g_oRUaUvaQ8ZZ-gkhYBzomW3t0ipjykbuUZxm8fh&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 5267
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=735904f1-e50d-418d-88c3-0192d4f4b2df
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=69a47549bfc71236&is_secure=true&networkId=17100&version=1&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGeQIvu7pvmwNHErEoAAAAAAA&expiration=1647968221&nuid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
217 B

23ms
23ms

Image
text/plain

8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H2
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug007:0:562
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5267 43 B
988 B 82ms
31ms Image
image/gif 2600:1f18:4e9:5a01:178d:ea3b:65f9:d878
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/6F460C14-7491-4A9A-B6EA-F1F112B1E8D4?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:178d:ea3b:65f9:d878 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5267
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iFG7SbxE2uWotdaiYHE7wPlsmQLRwYY-~A&gdpr=0&gdpr_consent=

0
128 B

20ms
19ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iFG7SbxE2uWotdaiYHE7wPlsmQLRwYY-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:00 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iFG7SbxE2uWotdaiYHE7wPlsmQLRwYY-~A&gdpr=0&gdpr_consent=
date: Mon, 21 Mar 2022 16:57:01 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-KDIqFj9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-3Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=Sqht8Mx%3BIB&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&f=0&j=&t=1647881819979&de=881364681777&cu=1647881819979&m=1126&ar=359f21c1e97-clean&iw=a1dda84&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5201&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1106%3A1106%3A0%3A993&as=1&ag=1113&an=1113&gi=1&gf=1113&gg=1113&ix=1113&ic=1113&ez=1&ck=1113&kw=885&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1113&bx=1113&ci=1113&jz=885&dj=1&aa=1&ad=1014&cn=1014&gn=1&gk=1014&gl=1014&ik=1014&co=1014&cp=885&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=885&cd=885&ah=885&am=885&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=88868795%3A2921963009%3A5852356465%3A138374677129&bo=343684595&bd=21798732940&gw=gmanmidfpdisplay183413089896&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=21798732940&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=970x250&zMoatPS=ENT_Celeblife_Desktop_Leaderboard1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&iq=na&tt=na&tu=&tp=&tc=0&fs=197273&na=162872526&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:01 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 3 KB
2 KB 112ms
49ms Script
text/javascript 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=03502911162810965012211048926262242865228198661711170001297063126106&nc=0&tsf=0&tsfmi=&pv=0&cb=1647881821402&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=437199853&at=&bid=e30%3D&di=W1siZWYiLDc2Ml0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsMlwiLFwidlwiOlwiZ29vZ2xlIGluYy4g%0D%0AKGdvb2dsZSlcIixcInJcIjpcImFuZ2xlIChnb29nbGUsIHZ1bGthbiAxLjIuMCAoc3dpZnRzaGFk%0D%0AZXIgZGV2aWNlIChzdWJ6ZXJvKSAoMHgwMDAwYzBkZSkpLCBzd2lmdHNoYWRlciBkcml2ZXItNS4w%0D%0ALjApXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMy4wMCAob3BlbmdsIGVzIGdsc2wgZXMgMy4w%0D%0AIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMi4wIChvcGVuZ2wgZXMgMy4wIGNocm9taXVt%0D%0AKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjoxMCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3%0D%0AZWJraXQgd2ViZ2xcIixcInNlZlwiOjE3NTUyMzM3NTUsXCJzZWNcIjpcIlwifSJdLFstMSwiLSJd%0D%0ALFstMiwiOCxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJ%0D%0Ad0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0z%0D%0ALCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2ll%0D%0AaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYs%0D%0AIntcIndcIjpbXCIwXCIsXCJjaHJvbWVcIixcIiRcIixcImpRdWVyeVwiLFwiRU5WSVJPTk1FTlRc%0D%0AIixcIklTX0RVUExJQ0FURVwiLFwiQkFTRV9VUkxcIixcIlNJVEVfTkFNRVwiLFwiU0lURV9VUkxc%0D%0AIixcIkVOVF9SRVNcIixcIlNZTkNfQVNTRVRTX1VSTFwiLFwiUkVTT1VSQ0VfVVJMXCIsXCJTSVRF%0D%0AX1NFR01FTlRfMVwiLFwiU0lURV9TRUdNRU5UXzJcIixcIlNJVEVfU0VHTUVOVF8zXCIsXCJTSVRF%0D%0AX1NFR01FTlRfNFwiLFwiU0lURV9TRUdNRU5UXzVcIixcIklOVEVSTkFUSU9OQUxfVVJMXCIsXCJI%0D%0AQURFU19DT05URU5UXCIsXCJORVRXT1JLX1VSTFwiLFwiRU5UX0RBVEFfVVJMMVwiLFwiRU5UX0RB%0D%0AVEFfVVJMMlwiLFwiUzNfRU5EUE9JTlRcIixcIlMzX1NPVVJDRVwiLFwiUzNfTUVESUFcIixcIkVO%0D%0AVlwiLFwiU0VSVklDRVNfSUdNQVwiLFwiQkFTRV9GT0xERVJcIixcIkpTX0NPT0tJRV9FWFBJUllc%0D%0AIixcIlNVQl9GT0xERVJcIixcIkNPTlRFTlRfSURcIixcIkNPTlRFTlRfS0VZV09SRFwiLFwiUEFH%0D%0ARV9UWVBFXCIsXCJDQVRFR09SWVwiLFwiQ0FURUdPUllfTEFCRUxcIixcIldJREdFVFwiLFwiQ09O%0D%0AVEVOVF9UWVBFXCIsXCJFTlRfREFUQV9VUkxcIixcIlNFUlZFUl9USU1FXCIsXCJERlBfS0VZV09S%0D%0ARFNcIixcIk1FVEFfS0VZV09SRFNcIixcIkRGUF9DT0RFXCIsXCJQVUJMSVNIX0RBVEVcIixcIlBP%0D%0AU1RfREFURVwiLFwiU0VPX1RJVExFXCIsXCJBVVRIT1JcIixcIkZCX0lEXCIsXCJHT09HTEVfQU5B%0D%0ATFlUSUNTXCIsXCJHT09HTEVfQU5BTFlUSUNTX0VOVFwiLFwiR0E0X0lEX0VOVFwiXSxcIm5cIjpb%0D%0AXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwi%0D%0Ae1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcImtleXdvcmRzXCIsXCJvZzp0aXRs%0D%0AZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3Jp%0D%0AcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4wMzczNTYz%0D%0AMjE4MzkwODA0Nn0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAs%0D%0AMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAw%0D%0ALDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIzNDc1MzYw%0D%0AMDUuMTY0Nzg4MTgxNyJdLFstMjEsIlVaUVdHOGhTIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFst%0D%0AMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6NjQwMDAwMDAsXCJ1%0D%0AamhzXCI6NDIxMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjQsMCxcIjRn%0D%0AXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAs%0D%0AMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxb%0D%0ALTMyLCIyIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY0Nzg4MTgyMTM5MCwwXSJdLFst%0D%0AMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwt%0D%0AMSw1MCwwLDEsMCwzNiw0Miw4MzcsMjcsMCwxMTA1LjUsMTEwNS41LDU3NjksNTc2OSJdLFstMzks%0D%0AIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGws%0D%0AbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3%0D%0AMjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCww%0D%0ALDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3Jl%0D%0AZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDcxXV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A237%2C%22y%22%3A4135%2C%22w%22%3A770%2C%22h%22%3A557%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=gCwqV7Wutn&sdd=%7B%7D&pto=5783
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: c31e388f4a14c705a3c219f6eaac3d4dbdd8d69a5a00215ace717e8007f0f856

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1646
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 26ms
25ms Image
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1647881821465&asid=60c9af0fd5b7d53516584abd%2C619e234c1859e5764139cfc7%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24%2C60c5a06b11731011741c82a1%2C61f12d904c844c5c31329637&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ Frame 8FA6 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8FA6 492 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3E48 371 KB
124 KB 91ms
40ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7522915bcb350be6f3157b1692458fdf8d6d728c2c09a8d0754c50101078e8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126233
x-xss-protection: 0
expires: Mon, 21 Mar 2022 16:57:01 GMT

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
79 B 25ms
25ms Image
image/gif 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136ee9cf3deb4f889c9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163345714393d30164f578afe6d0e34748b54f88bd39e821da61c45085052aae2d05f91e46042dcb5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c0250616e96567ac940a61efc89825d957bd1fad811bc551c8c96dd82a77c3d835d277c6dabaa58bbae6192bf57bbfbaab2b0537be8763c1bc41e1134e50d65f0b8dd8c38681eb923bce6a88de93a349cd5c5513a2377d97c0c61b2087e972f900e0c51c9023f879144f02cd65eb5f879cff2bbcd6688752a798ccd527d6195178e812115c7d4579d1b96ea44c98cd8a2be89969eb973ccc81e2f27288bcf112677986ee5e54d0a1125409f0ebaf38f17dd9f554eee329b563f86ed24e854a83b57b9f4f65b1b3c63f6b22245b7f16034ceebede399054e2060a5e76baed1886c64948aba79cfee32e8bfff8eed2adbdfb4a532eb912d7f5063091496607c5210163669d78b37519cbf7c2618c7cd42083b72fccbb1184780a243c1f7a139ddcf9dd3c7f49871b4395cfc4bdb0c83e198ce3af7784bc0269c4c0402e63f88dcb1370a52d81438d59b67ddd4799bb4cbde476bbc5dfc0920320aab52771c136b487b0e6&cb=1647881821562&cri=gCwqV7Wutn
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:01 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A53F 590 KB
192 KB 47ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3E48 44 KB
17 KB 88ms
42ms Script
text/javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Mar 2022 16:57:01 GMT

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D8A5 590 KB
192 KB 33ms
22ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 209A 590 KB
192 KB 37ms
37ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 99EC 590 KB
192 KB 38ms
37ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 493F 590 KB
192 KB 38ms
38ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E48 107 B
122 B 73ms
46ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4862 37 KB
13 KB 67ms
39ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A35A 37 KB
13 KB 46ms
25ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1EEB 37 KB
13 KB 32ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1A2B 37 KB
13 KB 34ms
34ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 12A7 37 KB
13 KB 23ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 1ECF 3 KB
2 KB 80ms
20ms Document
text/html 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/avpb4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 21 Mar 2022 16:57:02 GMT
Content-Length: 1388
Connection: keep-alive

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=7e002fc4-96ab-4ac8-8032-4369055275d8&google_hm=N2UwMDJmYzQtOTZhYi00YWM4LTgwMzItNDM2OTA1NTI3NWQ4
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE-1faDMrMqaJvSyct_Hdpk&google_cver=1&ssp=sonobi&bsw_param=7e002fc4-96ab-4ac8-8032-4369055275d8
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7e002fc4-96ab-4ac8-8032-4369055275d8

49 B
864 B

23ms
23ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7e002fc4-96ab-4ac8-8032-4369055275d8

Requested by

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7e002fc4-96ab-4ac8-8032-4369055275d8
Date: Mon, 21 Mar 2022 16:57:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968625778134367006

49 B
933 B

91ms
23ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968625778134367006

Requested by

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-15
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968625778134367006
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=dbc9632d-7a64-4725-810b-286dacfe61cb&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ckhlZEJZOTFnQTFDZmhldUItaXFsQQ&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMYj8BW7wL5lVA8Dsm952yM&google_cver=1
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=tADkUwpjEYPD

49 B
840 B

25ms
24ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=pp&nuid=tADkUwpjEYPD

Requested by

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-15
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-CA
location: https://sync.go.sonobi.com/us.gif?nw=pp&nuid=tADkUwpjEYPD
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-5799967b4-kmkgx
expires: -1

GET
H2

200

ProfilesEngineServlet
api.intentiq.com/profiles_engine/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=f79d8a858b&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=735904f1-e50d-418d-88c3-0192d4f4b2df&pubid=f79d8a858b
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=dbc9632d-7a64-4725-810b-286dacfe61cb
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=dbc9632d-7a64-4725-810b-286dacfe61cb&ckls=true&ci=dAlS00MmLc&nc=false&trid=-6490...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D-1...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=570392714&rnd=-1547960371&pcid=6F460C14-7491-4A9A-B6EA-F1F112B1E8D4
https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%3B1402230080%26rnd%3D1580074992&pcid=$UID
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714;1402230080&rnd=1580074992&pcid=8459286220222525158
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D570392...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=570392714;1402230080;1709765917&rnd=-1943433346&pcid=d8b35993-de9b-41ee-89de-ab9491d54401
https://ce.lijit.com/merge?pid=8101&3pid=dAlS00MmLc&location=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D570392714%3B14022...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=570392714;1402230080;1709765917;1486637409&rnd=-1068323789&pcid=82cc8b8c4d980fb73445e855
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D570392714%3B140...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182&rnd=-994324750&pcid=ed6c4ecd-a937-11ec-8e58-17530a...
https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D570392714%3B1402230080%...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116&rnd=-944616107&pcid=08f46238-ae5d-4800-...
https://sync.1rx.io/usersync/intentiq/0?dspret=1&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%26mi%3D10%26csh%3D570392714%3B1402230080%...
https://sync.targeting.unrulymedia.com/csync/RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005?redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D541745869%2...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116;1678944572&rnd=282449813&pcid=RX-2319fea...

43 B
1 KB

40ms
39ms

Image
image/gif

52.85.61.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116;1678944572&rnd=282449813&pcid=RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Server: 52.85.61.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-53.ewr53.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:03 GMT
via: 1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
x-amz-cf-id: gWqEKSlYiRx0sGpikU18SRthElWk9pVHQwow5KU1883IOubWouIzGQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 21 Mar 2022 16:57:03 GMT
Server: Tengine
ETag: RX2319feacc3e84f3ebebebd60cfd9bc21005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=541745869&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182;1072441116;1678944572&rnd=282449813&pcid=RX-2319feac-c3e8-4f3e-bebe-bd60cfd9bc21-005
Connection: keep-alive
Content-Type: text/html

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=08f46238-ae5d-4800-8e4f-69c1c3fe0652

49 B
951 B

106ms
25ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=08f46238-ae5d-4800-8e4f-69c1c3fe0652

Requested by

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: MT3 4267 dd20a5c master iad-pixel-x5 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=08f46238-ae5d-4800-8e4f-69c1c3fe0652
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 21 Mar 2022 16:57:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
18ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&lo=4&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimasdk.googleapis.com%2Fjs%2Fcore%2Fbridge3.505.0_en.html%23goog_545821488&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-KDIqFj9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-3Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=Sqht8Mx%3BIB&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=150&w=300&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&f=0&j=&t=1647881819902&de=398096358040&cu=1647881819902&m=2348&ar=359f21c1e97-clean&iw=a1dda84&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5200&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1106%3A1106%3A0%3A993&as=0&ag=189&an=0&gf=189&gg=0&ix=189&ic=189&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=189&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=377&cd=0&ah=377&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4914438385%3A2739195827%3A5471012876%3A138322335932&bo=343684595&bd=346094075&gw=gmanmidfpdisplay183413089896&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=346094075&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=300x250&zMoatPS=ENT_Celeblife_Desktop_Mrec1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&iq=na&tt=na&tu=&tp=&tc=0&fs=197273&na=695125146&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8FA6 43 B
260 B 21ms
20ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&d=GMANMI_DFP_DISPLAY1%3A343684595%3A346094075%3A-&de=262645046815&t=1647881819128&i=MOAT_FEATHER_DEBUG1&gw=gmanmidfpdisplay183413089896&cm=1&ac=1&f=0&bq=0&ar=359f21c1e97-clean&iw=2add9d8&dMoatOQs=moatClientLevel1%3D4914438385%26moatClientLevel2%3D2739195827%26moatClientLevel3%3D5471012876%26moatClientLevel4%3D138322335932%26moatClientSlicer1%3D343684595%26moatClientSlicer2%3D346094075%26zMoatSZ%3D300x250%26zMoatPS%3DENT_Celeblife_Desktop_Mrec1_1%26zMoatPT%3DCelebrity_Life_Article_Page%26zMoatMMV%3D%26zMoatSite%3DGMA_Entertainment%26zMoatMData%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=2&tc=1&id=1&na=295544577&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:02 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A53F 156 B
523 B 314ms
313ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2954870967810559&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3922806848&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dlt=1647881820245&idt=1966&dt=1647881822430&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=1525500855152509&ged=ve4_td2_tt0_pd2_la2000_er350.1059.504.1359_vi0.0.1200.1600_vp100_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D8A5 156 B
185 B 441ms
441ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3118828376430789&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1996794275&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dlt=1647881820245&idt=1990&dt=1647881822437&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=3363636015971245&ged=ve4_td2_tt0_pd2_la2000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 3E4A 1 KB
3 KB 38ms
38ms Document
text/html 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 331934e48e853a6b4c922e42222716feadd81ec14d8966402e8e2233ee6a373b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|39|241|196|188|111|64
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Mon, 21 Mar 2022 16:57:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Content-Length: 1478
Connection: keep-alive

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 209A 156 B
185 B 475ms
475ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4039572571852409&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=4048354652&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881822445&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=2556736152449168&ged=ve4_td2_tt0_pd2_la2000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 99EC 156 B
185 B 466ms
466ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3183319832646828&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3215857442&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881822451&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=2160460231465023&ged=ve4_td2_tt0_pd2_la2000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 493F 156 B
185 B 308ms
307ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_250&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=778341559055274&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3614242065&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881822458&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=4122570710148670&ged=ve4_td2_tt0_pd2_la2000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3E4A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjiuXXCUXecuuj.3Gj32GgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGO4CUTpcacgBWOOSMWRyrg&google_cver=1&google_hm=2

43 B
1016 B

27ms
27ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGO4CUTpcacgBWOOSMWRyrg&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Mar 2022 16:57:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGO4CUTpcacgBWOOSMWRyrg&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 3E4A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIzhCb-pNu7WguymFfMJjL8&google_cver=1

43 B
315 B

24ms
24ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIzhCb-pNu7WguymFfMJjL8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 21 Mar 2022 16:57:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIzhCb-pNu7WguymFfMJjL8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3E4A
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=735904f1-e50d-418d-88c3-0192d4f4b2df&expiration=1650473822&gdpr=0&gdpr_consent=

43 B
1006 B

101ms
47ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=735904f1-e50d-418d-88c3-0192d4f4b2df&expiration=1650473822&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Mar 2022 16:57:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=735904f1-e50d-418d-88c3-0192d4f4b2df&expiration=1650473822&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3E4A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB&dcc=t

43 B
932 B

49ms
49ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D9HEEWE1WVWG7F7Y1C74
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 108F5VF13SXS4SZZKPK4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjiuXXCUXecuuj-3Gj32GgAAABEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3E4A
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030002_6238ae5e822d0&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_6238ae5e822d0

43 B
992 B

110ms
55ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_6238ae5e822d0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Mar 2022 16:57:02 GMT

Redirect headers

date: Mon, 21 Mar 2022 16:57:02 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_6238ae5e822d0
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 CookieIndex
rtb.adentifi.com/ Frame 3E4A 0
46 B 25ms
23ms Image
text/plain 107.22.0.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.0.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-0-74.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:02 GMT
content-length: 0
content-type: text/plain

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3E4A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5148532162807273423&expiration=1649091422

43 B
989 B

141ms
87ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5148532162807273423&expiration=1649091422
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Mar 2022 16:57:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:02 GMT
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5148532162807273423&expiration=1649091422
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3E4A
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=e3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=e3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_i...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341&expiration=1650473822

43 B
1 KB

28ms
27ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341&expiration=1650473822
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Mar 2022 16:57:02 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=e3579f9f-1a7c-45fe-b240-388ee016dae2-6238ae5e-4341&expiration=1650473822
date: Mon, 21 Mar 2022 16:57:02 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3E4A 43 B
425 B 22ms
21ms Image
image/gif 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YjiuXXCUXecuuj.3Gj32GgAA%26017
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:02 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1205
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Mar 2022 17:17:07 GMT

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E600 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E48 107 B
122 B 39ms
39ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 87ms
39ms XHR
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 21 Mar 2022 16:57:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 04D3 37 KB
13 KB 22ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E600 156 B
142 B 438ms
437ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_150&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=361689168687740&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=4179348324&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881823121&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=1647271253709818&ged=ve4_td3_tt1_pd3_la3000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 293ms
97ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gmanetwork.com%2F&domain=www.gmanetwork.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1567
date: Mon, 21 Mar 2022 16:57:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gmanetwork.com%2F&domain=www.gmanetwork.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=h4-q3XwxUzhtcDF0K3RDajVNRmRNMWFqWE5aUW1pYkNvOGRYL05PdFczZlpQZ0dtSXZiSnFoMDFpMmIxVGpZT08vR01YUnJFVkZ4RHd1ckR1RHpVVVVvVno0OXVXYTA3OXVtL2FqdnJ2b1pjOFZnSWJNaEZ6bG9LT0diSm...

358 B
619 B

73ms
25ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=h4-q3XwxUzhtcDF0K3RDajVNRmRNMWFqWE5aUW1pYkNvOGRYL05PdFczZlpQZ0dtSXZiSnFoMDFpMmIxVGpZT08vR01YUnJFVkZ4RHd1ckR1RHpVVVVvVno0OXVXYTA3OXVtL2FqdnJ2b1pjOFZnSWJNaEZ6bG9LT0diSmhaeWl5QW1yVC9CaEJKeUptQkFVUG44SThCaVVFaE9MU0JaYlZqdURkMVVFWkxKdGlSVGM0MXJkQytQM01LVVpyRVY1THNGVllVRzBON29PZUJqYjEzS2p0RmcwVW16ZXVUL1RuR1NaVzA4dHdqVGcvRS9KZGVLS1FRYnAyVE5wSGJLV2l3YmRhfA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

7abddcd0a89de2f1f0af7c76a84ea1bb589cc3cf9f8b45b315e9512cea240c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:03 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3095
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:03 GMT
location: https://mug.criteo.com/sid?cpp=h4-q3XwxUzhtcDF0K3RDajVNRmRNMWFqWE5aUW1pYkNvOGRYL05PdFczZlpQZ0dtSXZiSnFoMDFpMmIxVGpZT08vR01YUnJFVkZ4RHd1ckR1RHpVVVVvVno0OXVXYTA3OXVtL2FqdnJ2b1pjOFZnSWJNaEZ6bG9LT0diSmhaeWl5QW1yVC9CaEJKeUptQkFVUG44SThCaVVFaE9MU0JaYlZqdURkMVVFWkxKdGlSVGM0MXJkQytQM01LVVpyRVY1THNGVllVRzBON29PZUJqYjEzS2p0RmcwVW16ZXVUL1RuR1NaVzA4dHdqVGcvRS9KZGVLS1FRYnAyVE5wSGJLV2l3YmRhfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1737
content-length: 509
expires: 0

GET
H2 200 prompt-logo.png
aphrodite.gmanetwork.com/assets/webpush/ 5 KB
5 KB 24ms
24ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/webpush/prompt-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9746212474b3d7068f2fa58a4f960adeb2ca9cd5ef52b7ba2aacd444585b5e4c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 23:27:55 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Thu, 08 Nov 2018 10:57:04 GMT
server: AmazonS3
age: 235749
etag: "5603be90b5c6d91b957098a445fe2c1f"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 4975
x-amz-cf-id: b25-7WHkgGsuKx1cJRFmIfV-fo8zRdOy-thKxsKFZ-s_bOmsNEtAWg==
x-amz-meta-s3b-last-modified: 20181003T123553Z

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 47ms
46ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031501&st=env

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cb373026d7cd5430ad2c60bc7613f0a9ba7c0112d04a231853f2c7c90c65306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10648
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 81ms
45ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:57:03 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 5267 0
260 B 87ms
28ms Script
text/plain 8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160993&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647881820919-953919478774-005576-007-004715%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:03 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8FCC 13 KB
5 KB 27ms
21ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Mar 2022 16:43:25 GMT
expires: Tue, 21 Mar 2023 16:43:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6264 783 B
535 B 42ms
40ms Document
text/html 2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6151990e8f8cfdccc6f7cde96a3818b704ba308567d3df93044985bbe949a4d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4nk9BEZqwrjTqAEQIJObwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 21 Mar 2022 16:57:03 GMT
date: Mon, 21 Mar 2022 16:57:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4nk9BEZqwrjTqAEQIJObwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FCC 35 KB
14 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 00:45:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6264 0
0 59ms
59ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031501&jk=2333231219155970&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 25ms
25ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Mar 2022 16:57:03 GMT
content-length: 0
server: ATS/9.1.0.33
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 24ms
24ms Image
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1647881823590&asid=617a4eb2cb2c5300c52fe8c3%2C60c9af0fd5b7d53516584abd%2C619e234c1859e5764139cfc7%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24%2C61e8138f6988204b2f59bad4%2C60c5a06b11731011741c82a1%2C61f12d904c844c5c31329637%2C5eeb6e73b1cd041277302207%2C6006a7a93daa6c44f97e05c9%2C60c9bd699498f81096551f59%2C6006a79aba887464ff3c1ecc&ofpr=0.8%2C%2C%2C%2C%2C0.8%2C%2C%2C1%2C1.6%2C1.2%2C1.6&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
235 B 570ms
569ms XHR
text/plain 18.210.129.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=413b6839656078f3b2fb0daeedb6a046_1723163184&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1647881820919-953919478774-005576-007-004715&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=1&AV_PLACEMENT=1&d36=6.2.10&responsive=1&sver=2&avtoken=820793&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=7881823588&tgt=0&&AV_VI=100&AV_VID=0&d4=2&d5=2
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.129.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-129-82.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:04 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 10 Mar 2022 03:10:24 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
335 B 120ms
120ms XHR
application/json 104.94.205.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=733458&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22144391ffab82cf7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22154d42626215539%22%2C%22ext%22%3A%7B%22siteID%22%3A%22733458%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A0.8%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-205-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e902b57cfc3413085b592f76e56292a4a3a748712491e930b95b1f3aa36cef6f

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:03 GMT
x-ak-initial-geo: CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
x-cs-client-geo: 19
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 19
expires: Mon, 21 Mar 2022 16:57:03 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 55ms
55ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Mon, 21 Mar 2022 16:57:03 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
293 B 126ms
125ms XHR
text/plain 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
x-openrtb-version: 2.5
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Mon, 21 Mar 2022 16:57:03 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
236 B 27ms
27ms XHR
text/plain 52.45.17.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-17-150.compute-1.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Mon, 21 Mar 2022 16:57:03 GMT
access-control-allow-credentials: true
server: SOMA
x-smt-sessionid: 326340a4-bea6-41f3-b7dd-28fafe103bb8
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 829 B
3 KB 140ms
83ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222393ec47a4d097b%22%3A%22eb3f4d8692b65578db80%7C%7Cf%3D1%22%7D&ref=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&s=22149117-ed2b-44d8-b541-0f738fae252f&pv=506e999d-749f-4ec8-bc62-5907de3b857a&vp=mobile&lib_name=prebid&lib_v=6.11.0&us=5&ius=1&schain=%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D&coppa=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

0c1d7ef76c75385325aa94ca310e48773954e433593c22c5bafe85cafb45ddfd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:03 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-60
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-type: application/json
content-length: 492
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205427/0/ 0
174 B 144ms
144ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Mon, 21 Mar 2022 16:57:03 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8FCC 0
9 B 20ms
20ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CGSj6Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 74ms
24ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1272
date: Mon, 21 Mar 2022 16:57:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031501&jk=2333231219155970&bg=!qaqlqu7NAAba2mK92to7ACkAdvg8WmxDC1f9swVhDBactqns5uSjwZsw8G2lAJwNMtv-fxy5ObCrwQIAAACqUgAAAAJoAQeZAuui6hXemxY3dDUUeYztw_WoExURoEvc_LTQVY8gWffkiSKUgZzJkSXQt0sZka8gHmjFqJNZKL2VPSuR7AzvxPG62XJajZrL-nJl82JTEaehsBBv3cIQFKQfZq3gepbQJJNr1LGMcunSQJ0amjdHPVQtxmQNjvyytJbkXp3yIpYQiwPGOjGrY67bk5G5tBVNdNRQm9uHLidXw4AQoBPrK1WR83PHmsw0bmtYS_KHqnbUwdaKIyIKo0F3sz3UC4bcuStBM7ycuVbYVRaFSO-zB510o-ftusDj8747Y-gvSVRgml6oDO8VOzG_uLSiccBwut56GhO-yz4kzIQsJrmc3Dh1T5-SFNp2NWJVRFRBz7nTaH9xtyF_-fsTkzZ1egdTrW-mSH6R5iJE0P6XYoIuoEWkgqws-ZxCoFwumn2bu_FMQH3XSkC7gu2B4mdWdPEUpn_yoEOzoe44EA7H99S1lVXT_xK6-QQe2V9PDYp9l7uO2h91l8_923eKZUU2ip-teDaJZg92oPLeNNbU2IMiB0nKYAyIKFgrNuBRxSjmefu7akcNgMdgEcvg8vFF8li_Q-3L12avkLda-Da--fdEQdzJX8SssjpJcHVIWOyHImNfH6Ml-clGEE36cBdOh8pMXPiT6T3cXkNvoVYi7A3F9OMSII2mL3q-thiHNlXjE0VqAo-j5syzrafLsLpVNnLxHYeWF2MwdI9SLqjtQ_mq_5uAia7IO3E530yCLG_QHcgKUR2VXzsVi84tnptq5DZSoMFvAPA2W2fjGANuCskLG94xP1n1khjSk8Cp4-SNUeHWpvvyyYLBkQOGu8EqljOQ9R_JII7uNaQGNIAVeLJCfgbG6prT-AQGOyUgYqU0Kf4VmzIYDhUO3gox0TOOGA8jutWtt8nGWzp-SithCTzYxLrxskBoZHiP3Suxm_SBUAfMl8Yz6n8oTIkyEz9YLESIILVOD_f-1nrGI2udxO1j9OrVIl7BZdfo-8IT-IE

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 34ms
34ms Image
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1647881824170&asid=60c9af0fd5b7d53516584abd%2C619e234c1859e5764139cfc7%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24%2C60c5a06b11731011741c82a1%2C61f12d904c844c5c31329637&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 index.html Show response
ws.sharethis.com/secure/ Frame 1078 7 KB
2 KB 18ms
17ms Document
text/html 2600:9000:21dd:e200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:e200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

342c75c322642d566dee32013f0b67792777b521227e8948f30eaa46518b1bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

content-type: text/html
content-length: 2090
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 18:42:03 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Mon, 21 Mar 2022 02:59:44 GMT
etag: W/"61e1c3fb-1ade"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: y_5nMdincInM2GwgTDqWG0JBYWhmMDSN3Bk2WItFGcx11VzUHpWi_A==
age: 50240

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8DFA 590 KB
192 KB 24ms
21ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E48 107 B
122 B 39ms
38ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6F71 590 KB
192 KB 21ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 335E 590 KB
192 KB 22ms
21ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 04DA 590 KB
192 KB 22ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 041E 590 KB
192 KB 20ms
20ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0E3B 37 KB
13 KB 19ms
18ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 164E 37 KB
13 KB 19ms
18ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2414 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 50B7 37 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DCC1 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H2 200 st.11f7946d377d9e3c2cb7836521807fe8.js Show response
ws.sharethis.com/secure/js/ Frame 1078 87 KB
23 KB 21ms
20ms Script
application/javascript 2600:9000:21dd:e200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure/js/st.11f7946d377d9e3c2cb7836521807fe8.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:e200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

369914445b6366d34f5a761a942d8a2c2db2e71fb66a7470fca8d7eb037fad73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ws.sharethis.com/secure/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 02:03:34 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 12495210
x-cache: Hit from cloudfront
content-length: 23524
server: nginx/1.20.1
etag: W/"6179dc46-15de6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: wb4C2g0N4ey47fCXOTdHxZyucqa-TGlhWnAdqBajDzoj0aBoiOFcKA==
expires: Fri, 28 Oct 2022 02:03:34 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8DFA 156 B
142 B 324ms
324ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3924341980919842&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=965939686&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881824962&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=1696397809466787&ged=ve4_td5_tt3_pd5_la5000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts2_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 5f212d9d5440c96fb49c4d53.mp4
cdn.vidcrunch.com/ Frame 8FA6 905 KB
907 KB 20ms
19ms Media
video/mp4 8.252.31.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.mp4?channelId=5f212d174b419e3bf16f66ad&cb=1647881820111
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.31.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddbe969f1832cfcea8aa428b46505db55e341f5f380de107d703727ccff327b8

Request headers

Referer: https://www.gmanetwork.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=229376-

Response headers

date: Mon, 21 Mar 2022 16:57:04 GMT
last-modified: Thu, 10 Mar 2022 13:29:42 GMT
server: AmazonS3
age: 962783
etag: "892c855684d8f00b62c151ee5bb70f1a"
x-amz-id-2: CLztmZ5Rddkqel8gYK2qTEH/2MsmljWrsY5DUqMyN39YWgNT+6KdMbHWKRgWO1cUi1hdfHNkqh0=
content-type: video/mp4
Content-Range: bytes 229376-1156511/1156512
cache-control: max-age=5184000
Content-Length: 927136
access-control-allow-origin: *
x-amz-request-id: E5NQRRCVZRN86JWV
x-cdn: Lumen
expires: Mon, 09 May 2022 13:30:50 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6F71 156 B
142 B 456ms
456ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3626926575756651&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2918382769&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881824969&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=4445521664301941&ged=ve4_td5_tt3_pd5_la5000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 120_90_main_-20220317152612.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
3 KB 19ms
18ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220317152612.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1602e38939fe4063f118d10a71114a3c2af0bb98c806f099b1c65b68f43b6e6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Thu, 17 Mar 2022 07:26:14 GMT
server: AmazonS3
age: 17154
etag: "96f4ee1dc3559385423011094edb1d58"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 12:11:11 GMT
x-amz-cf-pop: EWR52-C4
content-length: 2962
x-amz-cf-id: mD-rjx6gJ-QMrYpDtnNgRzWfnqiX3iV1Q_tu7Oqdh_JgHpRq60IIpw==

GET
H2 200 120_90_main_-20220318172202.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 20ms
19ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318172202.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d1858aa4dc092adb62881cdd8b096ad7fcb87f5eb894d2224e712f1be02692e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 09:22:16 GMT
server: AmazonS3
age: 66024
etag: "6e33f7af85b59d129d86cbcb4664990e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Sun, 20 Mar 2022 22:36:41 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3698
x-amz-cf-id: pzI8aNqEkw7061WUiGwBEdzLOZX0DnXbaDQAcaWVSw885ZwD6oLsJQ==

GET
H2 200 120_90_main_-20220318162345.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 22ms
21ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318162345.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f85c837f2396129897f6f2ccdf2e7c726c49cd108b312ff8dc92be23aaa6c09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 07:06:57 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 08:23:47 GMT
server: AmazonS3
age: 35407
etag: "30629ca5842358cf3845f14f067ab904"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3566
x-amz-cf-id: XAoMwgu_5PQ5P8V7jwxCdTUTYEUMGdKGSXsc51sMU2N6te6eA5EYtA==

GET
H2 200 120_90_main_-20220321184912.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 22ms
22ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220321184912.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a7e8835c3e4eb9bc250602015331fc3ccf60a25f0753e928de1fdddedcabe9e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 10:56:28 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 10:49:26 GMT
server: AmazonS3
age: 21637
etag: "289a7f86b69574d66a5e83d2819aea63"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3237
x-amz-cf-id: SteP7DO7bt4aYO7u0-p9D-d7dOZENA2eq-q6sDEAy7nazV1KMdtUcw==

GET
H2 200 120_90_main_-20220321175616.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 29ms
26ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220321175616.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d48d335361c7e5e7da891e6c53ca54a667c0efe39f95d4de2e735a4ca5d13eea

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 10:00:56 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 09:56:31 GMT
server: AmazonS3
age: 24970
etag: "e9bb50bef51f09ba6ac7e5ad2e98d6ae"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3403
x-amz-cf-id: R4VnALTrTu6tHhtJI2Tt3govSKhweU3wyHY2WhYKWloiscf44MWV6g==

GET
H2 200 120_90_main_-20220321155120.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 27ms
21ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220321155120.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e720eb5099252b19bc76cbb21babfc9552a8bf89382c4198a708b495d5e10674

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 07:58:03 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 07:51:22 GMT
server: AmazonS3
age: 32343
etag: "b7c47a3ee80e5c7d801d7e4b6b5c6c40"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3676
x-amz-cf-id: _wot6RSI8a4tQXmp0clzz4Sdjf_S6S0N9ZyPK7tqlE_y5q7DgqQgBw==

GET
H2 200 120_90_March-18_-20220318183323.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
3 KB 24ms
18ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_March-18_-20220318183323.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cec626787aa156963551b0ba64e42f743f668b5d804da96f5f1023323b826ed

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 10:33:25 GMT
server: AmazonS3
age: 48998
etag: "1d9d653dd56f75dc22676d2261b9194b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 03:20:28 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3115
x-amz-cf-id: 1dbLzsTlbhF7rt1wv4t7VRO-nVe9eIgEeHunHg0IvdrJANde7mc2nw==

GET
H2 200 120_90_FULL-CMS_-20220318194741.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
4 KB 22ms
18ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_FULL-CMS_-20220318194741.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52994d98fffdda7e5e42541e392120e68b13d35bf9f1e250a5d81c222ccfddff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 11:47:43 GMT
server: AmazonS3
age: 10459
etag: "4bcfbbd8e9b68bb2372b2ae544d1badc"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 14:02:47 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3284
x-amz-cf-id: ZRCZdYedMUgM1S6Ru1wkXnLEK1OtQDoJ8Oq4yRDpHSuQ1qhWyPXKSA==

GET
H2 200 160_90_BV_PRIMA2_031822_FULL_-20220318223346.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 22ms
19ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/160_90_BV_PRIMA2_031822_FULL_-20220318223346.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dee4edb32836be3b8d85f03ceb6c798b6ef8d2b375f43f470793795c7c0da23e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 14:33:48 GMT
server: AmazonS3
age: 27010
etag: "1b130679d76b3d8e5aa2e1033f235511"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 09:26:56 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3999
x-amz-cf-id: KU6H9EhueJ5XAnNEU1IWx1gYOonbGDymorALFfgg3WFTEUctMubWWw==

GET
H2 200 120_90_PRESID_1-1_-20220321191417.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 2 KB
3 KB 24ms
21ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_PRESID_1-1_-20220321191417.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c10a991892672674ea382b3d77b4f86b77e27584aaaa5688c0dcae5ab167494

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 12:11:08 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 11:14:19 GMT
server: AmazonS3
age: 17158
etag: "c32da10e87b926d12ef01b3c00df5074"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 2303
x-amz-cf-id: PVGZIBUEM2JrwHtFes3tjVJu86b7h8Iso4XKtVpFgrEV-QRFhcwMfA==

GET
H2 200 120_90_CMS_-20220321182034.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 26 KB
26 KB 30ms
27ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_CMS_-20220321182034.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf3553c5dcf34e4f0155cd05c476ffff193c91dd515c3c58ddb524302e344fc6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:05:28 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 10:20:36 GMT
server: AmazonS3
age: 21098
etag: "b7a8411dbcaf2dbfb1a98a4976792829"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 26602
x-amz-cf-id: bVamDoyx86drOZ3gGj1AAF5gFO8Rj7l1jdgLxr4gRfSY4_rVBrSY3g==

GET
H2 200 120_90_family-feud-teaser_cms_-20220321140710.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 30ms
28ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_family-feud-teaser_cms_-20220321140710.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 351e1c43ada4933f0ce798e36dcd083b67c4e94381ec95a7cd58e9152ca009da

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 06:15:33 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 06:07:12 GMT
server: AmazonS3
age: 38493
etag: "b85eca7d493f892d737ab1daec9b6321"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3661
x-amz-cf-id: b47_YQV8vS9II9SVKJFL_sCo437o77Nls2jSahu6qVDqCotLJt1uag==

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 335E 156 B
142 B 462ms
461ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1038603830282680&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3885195076&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881825000&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=8481246386841&ged=ve4_td5_tt3_pd5_la5000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 04DA 156 B
142 B 412ms
411ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3825766972676341&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1489693486&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881825008&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=3851958820534219&ged=ve4_td5_tt3_pd5_la5000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 041E 156 B
142 B 394ms
390ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_250&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1574774667465534&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=77214615&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881825013&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=153897635009846&ged=ve4_td5_tt3_pd5_la5000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
19ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=21&q=0&yco=0&yt=0&xco=0&xt=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&lo=4&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-KDIqFj9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-3Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=Sqht8Mx%3BIB&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=150&w=300&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&f=0&j=&t=1647881819902&de=398096358040&cu=1647881819902&m=5125&ar=359f21c1e97-clean&iw=a1dda84&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5200&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1106%3A1106%3A7609%3A993&as=0&ag=753&an=189&gf=753&gg=189&ix=753&ic=753&ez=1&aj=1&pg=100&pf=100&ib=0&cc=0&bw=753&bx=189&dj=1&aa=0&ad=417&cn=0&gk=417&gl=0&ik=417&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2925&cd=377&ah=2925&am=377&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4914438385%3A2739195827%3A5471012876%3A138322335932&bo=343684595&bd=346094075&gw=gmanmidfpdisplay183413089896&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=346094075&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=300x250&zMoatPS=ENT_Celeblife_Desktop_Mrec1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&iq=na&tt=na&tu=&tp=&tc=0&fs=197273&na=1135144978&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:05 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 23.52.163.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-KDIqFj9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&rs=1-PnpNn7leOfQ59g%3D%3D&sc=1&os=1-3Q%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=Sqht8Mx%3BIB&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&f=0&j=&t=1647881819979&de=881364681777&cu=1647881819979&m=5054&ar=359f21c1e97-clean&iw=a1dda84&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5200&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1106%3A1106%3A7609%3A993&as=1&ag=5047&an=1113&gi=1&gf=5047&gg=1113&ix=5047&ic=5047&ez=1&ck=1113&kw=885&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5047&bx=1113&ci=1113&jz=885&dj=1&aa=1&ad=4948&cn=1014&gn=1&gk=4948&gl=1014&ik=4948&co=1014&cp=885&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4813&cd=885&ah=4813&am=885&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=88868795%3A2921963009%3A5852356465%3A138374677129&bo=343684595&bd=21798732940&gw=gmanmidfpdisplay183413089896&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=21798732940&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=970x250&zMoatPS=ENT_Celeblife_Desktop_Leaderboard1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&iq=na&tt=na&tu=&tp=&tc=0&fs=197273&na=1544017464&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-163-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 21 Mar 2022 16:57:05 GMT

GET
H2 200 120_90_main_-20220317152612.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
3 KB 18ms
17ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220317152612.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1602e38939fe4063f118d10a71114a3c2af0bb98c806f099b1c65b68f43b6e6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Thu, 17 Mar 2022 07:26:14 GMT
server: AmazonS3
age: 17155
etag: "96f4ee1dc3559385423011094edb1d58"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 12:11:11 GMT
x-amz-cf-pop: EWR52-C4
content-length: 2962
x-amz-cf-id: x_8XMNw1FegmkVFN89kbc-4wD4c5hmBfb0t3P5zVYK8yXqrvL4Wohg==

GET
H2 200 120_90_main_-20220318172202.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 18ms
17ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318172202.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d1858aa4dc092adb62881cdd8b096ad7fcb87f5eb894d2224e712f1be02692e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 09:22:16 GMT
server: AmazonS3
age: 66025
etag: "6e33f7af85b59d129d86cbcb4664990e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Sun, 20 Mar 2022 22:36:41 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3698
x-amz-cf-id: _bfD5HNrfEETqGQDXxDQT2qVavirNt-tnAgKK1VOSv4oe9ycOHA6fg==

GET
H2 200 120_90_main_-20220318162345.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 18ms
17ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318162345.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f85c837f2396129897f6f2ccdf2e7c726c49cd108b312ff8dc92be23aaa6c09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 07:06:57 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 08:23:47 GMT
server: AmazonS3
age: 35408
etag: "30629ca5842358cf3845f14f067ab904"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3566
x-amz-cf-id: lYGh0HpAwChakMsG__GnYH9D2gId6DdgbgB6INMBqMIbwVfnuu6_zg==

GET
H2 200 120_90_main_-20220321184912.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 19ms
17ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220321184912.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a7e8835c3e4eb9bc250602015331fc3ccf60a25f0753e928de1fdddedcabe9e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 10:56:28 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 10:49:26 GMT
server: AmazonS3
age: 21637
etag: "289a7f86b69574d66a5e83d2819aea63"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3237
x-amz-cf-id: vkTf9qMkAsAfAebXs6k6GygQ4QrYnRBW7Ks87rAgcZzNBzA2aTgm8g==

GET
H2 200 120_90_March-18_-20220318183323.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
3 KB 19ms
16ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_March-18_-20220318183323.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cec626787aa156963551b0ba64e42f743f668b5d804da96f5f1023323b826ed

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 10:33:25 GMT
server: AmazonS3
age: 48998
etag: "1d9d653dd56f75dc22676d2261b9194b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 03:20:28 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3115
x-amz-cf-id: E9kkFNfA0xVwZd5rRomdIW1otrTc79Bx3j97--8nyBtNAVpJwl0dXg==

GET
H2 200 120_90_FULL-CMS_-20220318194741.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
4 KB 19ms
17ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_FULL-CMS_-20220318194741.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52994d98fffdda7e5e42541e392120e68b13d35bf9f1e250a5d81c222ccfddff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 11:47:43 GMT
server: AmazonS3
age: 10459
etag: "4bcfbbd8e9b68bb2372b2ae544d1badc"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 14:02:47 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3284
x-amz-cf-id: rtS-rJOx1b__Hm5KbpN1II6NAzg4bO2WHajWbR1XOc9FhvlQpcXBaQ==

GET
H2 200 160_90_BV_PRIMA2_031822_FULL_-20220318223346.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 19ms
17ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/160_90_BV_PRIMA2_031822_FULL_-20220318223346.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dee4edb32836be3b8d85f03ceb6c798b6ef8d2b375f43f470793795c7c0da23e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 14:33:48 GMT
server: AmazonS3
age: 27010
etag: "1b130679d76b3d8e5aa2e1033f235511"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Mon, 21 Mar 2022 09:26:56 GMT
x-amz-cf-pop: EWR52-C4
content-length: 3999
x-amz-cf-id: MMvVhIzCggj4WW4N1fbOy1sDQce_6tw9l4UCogwAyKaYqlFi4KYkxw==

GET
H2 200 120_90_main_-20220321155120.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 20ms
16ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220321155120.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e720eb5099252b19bc76cbb21babfc9552a8bf89382c4198a708b495d5e10674

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 07:58:03 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 07:51:22 GMT
server: AmazonS3
age: 32343
etag: "b7c47a3ee80e5c7d801d7e4b6b5c6c40"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3676
x-amz-cf-id: Ne1lyhJNbAayjuKhX-7SqF_wcXsWclRaHU9lVX9OVcFac3WCbD9npA==

GET
H2 200 120_90_main_-20220321175616.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 22ms
16ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220321175616.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d48d335361c7e5e7da891e6c53ca54a667c0efe39f95d4de2e735a4ca5d13eea

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 10:00:56 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 09:56:31 GMT
server: AmazonS3
age: 24970
etag: "e9bb50bef51f09ba6ac7e5ad2e98d6ae"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3403
x-amz-cf-id: T3Lv59EZKlNjRbTRve5pZ_sAtjjZd1sS9hjtXiXFFHjigqiyuDb2gQ==

GET
H2 200 120_90_PRESID_1-1_-20220321191417.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 2 KB
3 KB 22ms
17ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_PRESID_1-1_-20220321191417.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c10a991892672674ea382b3d77b4f86b77e27584aaaa5688c0dcae5ab167494

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 12:11:08 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 11:14:19 GMT
server: AmazonS3
age: 17158
etag: "c32da10e87b926d12ef01b3c00df5074"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 2303
x-amz-cf-id: w1m6fSCHwTS-_2IEOrCb0eRXiq6LB7gsmiD0v3oTWOysh0RGifBQSg==

GET
H2 200 120_90_CMS_-20220321182034.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 26 KB
26 KB 22ms
17ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_CMS_-20220321182034.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf3553c5dcf34e4f0155cd05c476ffff193c91dd515c3c58ddb524302e344fc6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:05:28 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 10:20:36 GMT
server: AmazonS3
age: 21098
etag: "b7a8411dbcaf2dbfb1a98a4976792829"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 26602
x-amz-cf-id: 0h8ArHuKPEKbuXHE8mHGr6FnQ0YK33cYOS4I6zKFuXl634cE_0lMow==

GET
H2 200 120_90_family-feud-teaser_cms_-20220321140710.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 21ms
18ms Image
image/png 2600:9000:2120:2800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_family-feud-teaser_cms_-20220321140710.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 351e1c43ada4933f0ce798e36dcd083b67c4e94381ec95a7cd58e9152ca009da

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 06:15:33 GMT
via: 1.1 3e448edaccfd5c4d221d2d5f4ccf7622.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 06:07:12 GMT
server: AmazonS3
age: 38493
etag: "b85eca7d493f892d737ab1daec9b6321"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3661
x-amz-cf-id: dF_Mc78yd2HpXnBldPGo7ySuIhvCr6QdPUBrVBkVPxwQ7sKL-ZKGHg==

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 27ms
27ms XHR
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 21 Mar 2022 16:57:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0679 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E48 107 B
122 B 40ms
39ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4246 37 KB
13 KB 22ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0679 156 B
142 B 441ms
441ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_150&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=618861760528819&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3651058258&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881825607&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=4251939836447986&ged=ve4_td6_tt4_pd6_la6000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 25ms
25ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Mar 2022 16:57:06 GMT
content-length: 0
server: ATS/9.1.0.33
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 25ms
24ms Image
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1647881826066&asid=617a4eb2cb2c5300c52fe8c3%2C60c9af0fd5b7d53516584abd%2C619e234c1859e5764139cfc7%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24%2C61e8138f6988204b2f59bad4%2C60c5a06b11731011741c82a1%2C61f12d904c844c5c31329637%2C6006a7a93daa6c44f97e05c9%2C5eeb6e73b1cd041277302207%2C60c9bd699498f81096551f59%2C6006a79aba887464ff3c1ecc&ofpr=0.8%2C%2C%2C%2C%2C0.8%2C%2C%2C1.6%2C1%2C1.2%2C1.6&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
235 B 44ms
44ms XHR
text/plain 18.210.129.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=413b6839656078f3b2fb0daeedb6a046_1723163184&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1647881820919-953919478774-005576-007-004715&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=1&AV_PLACEMENT=1&d36=6.2.10&responsive=1&sver=2&avtoken=820793&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=7881826065&tgt=0&&AV_VI=100&AV_VID=0&d4=3&d5=5
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.129.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-129-82.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:06 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 10 Mar 2022 03:10:26 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 38ms
38ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Mon, 21 Mar 2022 16:57:06 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205427/0/ 0
174 B 33ms
32ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Mon, 21 Mar 2022 16:57:06 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
293 B 116ms
115ms XHR
text/plain 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
x-openrtb-version: 2.5
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Mon, 21 Mar 2022 16:57:06 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
335 B 155ms
155ms XHR
application/json 104.94.205.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=733458&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2232ef630d24469dd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2233a033a3d7fd812%22%2C%22ext%22%3A%7B%22siteID%22%3A%22733458%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A0.8%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-205-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ed1f899b187ee351a7ff37a95bdce7389e34079bccc38791f2ba72fc85a6b21a

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:06 GMT
x-ak-initial-geo: CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
x-cs-client-geo: 19
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 19
expires: Mon, 21 Mar 2022 16:57:06 GMT

POST
H2 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
236 B 27ms
26ms XHR
text/plain 52.45.17.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-17-150.compute-1.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Mon, 21 Mar 2022 16:57:06 GMT
access-control-allow-credentials: true
server: SOMA
x-smt-sessionid: 8f6d9c97-3998-48a0-88bb-eaa460e34339
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 265 B
2 KB 115ms
69ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22378632601d58be4%22%3A%22eb3f4d8692b65578db80%7C%7Cf%3D1%22%7D&ref=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&s=878ee527-3f64-4f22-9f0f-f8db4c4aa29b&pv=506e999d-749f-4ec8-bc62-5907de3b857a&vp=mobile&lib_name=prebid&lib_v=6.11.0&us=5&ius=1&schain=%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D&coppa=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

0de1c587cf04160461604378c508abda4d7215bd29bd06aac34d84c6ceac70d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:06 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-60
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-type: application/json
content-length: 244
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 24ms
24ms Image
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1647881826237&asid=60c9af0fd5b7d53516584abd%2C619e234c1859e5764139cfc7%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24%2C60c5a06b11731011741c82a1%2C61f12d904c844c5c31329637&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 76D5 590 KB
192 KB 20ms
20ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E48 107 B
122 B 50ms
49ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D884 37 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 33E1 590 KB
192 KB 19ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C007 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8C18 590 KB
192 KB 20ms
20ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 69B0 590 KB
192 KB 19ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 522C 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4248 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0CF7 37 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7171 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 76D5 156 B
142 B 450ms
449ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4439823407222829&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2918382769&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881826977&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=2609191328890221&ged=ve4_td7_tt5_pd7_la7000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 33E1 156 B
142 B 425ms
424ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=902326403892546&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3885195076&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881826994&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=4201916284618944&ged=ve4_td7_tt5_pd7_la7000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C007 156 B
142 B 374ms
373ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3510237896984115&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1489693486&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881827005&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=958737051597696&ged=ve4_td7_tt5_pd7_la7000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8C18 156 B
142 B 304ms
304ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3047364963652278&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=77214615&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881827015&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=4354839524871917&ged=ve4_td7_tt5_pd7_la7000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 69B0 156 B
142 B 406ms
405ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_250&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=839986752195560&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3651058258&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881827026&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=1383721786391249&ged=ve4_td7_tt5_pd7_la7000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 27ms
26ms XHR
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 21 Mar 2022 16:57:07 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D0AE 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E48 107 B
122 B 40ms
39ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 51BD 37 KB
13 KB 24ms
20ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D0AE 156 B
142 B 379ms
378ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_150&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=66890941224048&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3651058258&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881827619&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=3791782093099241&ged=ve4_td8_tt6_pd8_la8000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 26ms
25ms Preflight 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Mar 2022 16:57:08 GMT
content-length: 0
server: ATS/9.1.0.33
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 28ms
27ms Image
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1647881828015&asid=617a4eb2cb2c5300c52fe8c3%2C60c9af0fd5b7d53516584abd%2C619e234c1859e5764139cfc7%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24%2C61e8138f6988204b2f59bad4%2C61f12d904c844c5c31329637%2C60c5a06b11731011741c82a1%2C5eeb6e73b1cd041277302207%2C6006a7a93daa6c44f97e05c9%2C60c9bd699498f81096551f59%2C6006a79aba887464ff3c1ecc&ofpr=0.8%2C%2C%2C%2C%2C0.8%2C%2C%2C1%2C1.6%2C1.2%2C1.6&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
235 B 60ms
60ms XHR
text/plain 18.210.129.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=413b6839656078f3b2fb0daeedb6a046_1723163184&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1647881820919-953919478774-005576-007-004715&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=1&AV_PLACEMENT=1&d36=6.2.10&responsive=1&sver=2&avtoken=820793&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=7881828014&tgt=0&&AV_VI=100&AV_VID=0&d4=4&d5=7
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.129.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-129-82.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:08 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 10 Mar 2022 03:10:28 GMT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 265 B
2 KB 58ms
58ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2239d0ff178e4a57c%22%3A%22eb3f4d8692b65578db80%7C%7Cf%3D1%22%7D&ref=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&s=d72255b1-9efa-4354-ab9e-5164552d1e52&pv=506e999d-749f-4ec8-bc62-5907de3b857a&vp=mobile&lib_name=prebid&lib_v=6.11.0&us=5&ius=1&schain=%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D&coppa=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

0747ea5732e6b6b5fcc4759cfc0899009a050520bbdd743208577fb813c1d0db

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:08 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-60
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-type: application/json
content-length: 246
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
293 B 84ms
83ms XHR
text/plain 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
x-openrtb-version: 2.5
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Mon, 21 Mar 2022 16:57:08 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205427/0/ 0
174 B 27ms
27ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Mon, 21 Mar 2022 16:57:08 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
236 B 27ms
27ms XHR
text/plain 52.45.17.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-17-150.compute-1.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Mon, 21 Mar 2022 16:57:08 GMT
access-control-allow-credentials: true
server: SOMA
x-smt-sessionid: cd983890-e13d-4c72-93ba-5bfa9e6bc933
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 28ms
27ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Mon, 21 Mar 2022 16:57:08 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
335 B 177ms
176ms XHR
application/json 104.94.205.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=733458&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2248fd41945410ef3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249df6a3a9180d3f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22733458%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A0.8%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-205-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 42c8ccc6358e4d1636a325a5405a8fa86e598407ff911ff5f2097b12d745efe1

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:08 GMT
x-ak-initial-geo: CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.178], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
x-cs-client-geo: 19
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 19
expires: Mon, 21 Mar 2022 16:57:08 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 25ms
24ms Image
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1647881828221&asid=60c9af0fd5b7d53516584abd%2C619e234c1859e5764139cfc7%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24%2C61f12d904c844c5c31329637%2C60c5a06b11731011741c82a1&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5FAE 590 KB
192 KB 31ms
31ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E48 107 B
122 B 39ms
38ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 42EA 590 KB
192 KB 21ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 38B1 590 KB
192 KB 22ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DE6E 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 958D 590 KB
192 KB 20ms
20ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3CFC 37 KB
13 KB 22ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 503F 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 229C 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H/1.1

200
OK

adnxs
sync.sharethis.com/ Frame B444
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.sharethis.com%2Fadnxs%3Fuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://sync.sharethis.com/adnxs?uid=8459286220222525158&gdpr=0&gdpr_consent=

42 B
297 B

36ms
36ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/adnxs?uid=8459286220222525158&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Mon, 21 Mar 2022 16:57:08 GMT
Content-Length: 42
Stid: ZHAABWI4rlsAAAAIGjlcAw==
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 21 Mar 2022 16:57:08 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: cc450179-1cc6-4953-9ca4-961c4ea5c124
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.sharethis.com/adnxs?uid=8459286220222525158&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame B444
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZHAABWI4rlsAAAAIGjlcAw%3D%3D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2c213d02-d0eb-46e8-83a8-211dec9f9486%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=735904f1-e50d-418d-88c3-0192d4f4b2df&ttd_puid=2c213d02-d0eb-46e8-83a8-211dec9f9486%2C

95 B
430 B

41ms
40ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=735904f1-e50d-418d-88c3-0192d4f4b2df&ttd_puid=2c213d02-d0eb-46e8-83a8-211dec9f9486%2C

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:08 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:57:08 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=735904f1-e50d-418d-88c3-0192d4f4b2df&ttd_puid=2c213d02-d0eb-46e8-83a8-211dec9f9486%2C
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 353

GET
H/1.1

200

3.gif
id5-sync.com/c/121/3/0/ Frame B444
Redirect Chain

https://id5-sync.com/s/121/2.gif?puid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/121/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/121/2/1/2.gif?puid=8459286220222525158&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOJUDtRQ3K-Op_M03T4WbPEgk1XT8Y9jDI_pyHqQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F121%2F3%2F0%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/121/3/0/3.gif?puid=08f46238-ae5d-4800-8e4f-69c1c3fe0652&gdpr=0&gdpr_consent=

43 B
1 KB

98ms
97ms

Image
image/gif

54.36.109.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/121/3/0/3.gif?puid=08f46238-ae5d-4800-8e4f-69c1c3fe0652&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.36.109.183 , France, ASN16276 (OVH, FR),

Reverse DNS

p08.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:09 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Date: Mon, 21 Mar 2022 16:57:09 GMT
Server: MT3 4267 dd20a5c master iad-pixel-x4 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id5-sync.com/c/121/3/0/3.gif?puid=08f46238-ae5d-4800-8e4f-69c1c3fe0652&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 21 Mar 2022 16:57:08 GMT

GET
H/1.1

200
OK

52233
i6.liadm.com/s/ Frame B444
Redirect Chain

https://aa.agkn.com/adscores/r.pixel?sid=9212270798&puid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent=
https://i.liadm.com/s/52233?bidder_id=100905&bidder_uuid=205020204097010366541
https://i.liadm.com/s/52233?bidder_id=100905&bidder_uuid=205020204097010366541&_li_chk=true&previous_uuid=5c85c2c172c24f20a0d73baaf2412958
https://i6.liadm.com/s/52233?bidder_id=100905&bidder_uuid=205020204097010366541

43 B
419 B

75ms
24ms

Image
image/gif

2600:1f18:444a:4602:9c05:7f25:f6a5:7205

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52233?bidder_id=100905&bidder_uuid=205020204097010366541

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:9c05:7f25:f6a5:7205 -, , ASN (),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:09 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52233?bidder_id=100905&bidder_uuid=205020204097010366541
Date: Mon, 21 Mar 2022 16:57:08 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/ Frame B444
Redirect Chain

https://pixel.onaudience.com/?partner=138&gdpr=0&gdpr_consent=&mapped=ZHAABWI4rlsAAAAIGjlcAw%3D%3D
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=2ed87245b9b3dfa3fc2a2dbfbf275d45&gdpr=0
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=18aeb857f3ec25f2

62 B
583 B

92ms
91ms

Image
image/gif

184.85.195.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=18aeb857f3ec25f2
Protocol: HTTP/1.1
Server: 184.85.195.135 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-85-195-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 16:57:09 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=18aeb857f3ec25f2
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame B444
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

37ms
36ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Mon, 21 Mar 2022 16:57:08 GMT
Content-Length: 42
Stid: ZHAABWI4rlsAAAAIGjlcAw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Date: Mon, 21 Mar 2022 16:57:08 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

adobe
sync.sharethis.com/ Frame B444
Redirect Chain

https://dpm.demdex.net/ibs:dpid=600901&dpuuid=ZHAABWI4rlsAAAAIGjlcAw%3D%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fadobe%3Fuid%3D%24%7BDD_UUID%7D%26_rand%3D1647881828556
https://sync.sharethis.com/adobe?uid=19690418951726238072852260621404612550&_rand=1647881828556

42 B
297 B

36ms
36ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/adobe?uid=19690418951726238072852260621404612550&_rand=1647881828556

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Mon, 21 Mar 2022 16:57:08 GMT
Content-Length: 42
Stid: ZHAABWI4rlsAAAAIGjlcAw==
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-usw2-1-v027-0256bf906.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: JEK6OvAQRQU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.sharethis.com/adobe?uid=19690418951726238072852260621404612550&_rand=1647881828556
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0491 37 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CE5A 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5FAE 156 B
142 B 250ms
249ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1685317282744057&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3651058258&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881829238&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=179206119272833&ged=ve4_td9_tt7_pd9_la9000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 42EA 156 B
142 B 362ms
361ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2153105858949768&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3409139524&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881829249&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=469019346054750&ged=ve4_td9_tt7_pd9_la9000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 38B1 156 B
142 B 436ms
434ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=23905769058980&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1377227870&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881829260&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=1778794729109892&ged=ve4_td9_tt7_pd9_la9000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DE6E 156 B
142 B 390ms
389ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=466307406032558&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2553163485&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881829270&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=4235870109253993&ged=ve4_td9_tt7_pd9_la9000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 958D 156 B
142 B 297ms
296ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_250&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3480100802066168&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2855324650&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881829280&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=3475857920750880&ged=ve4_td9_tt7_pd9_la9000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 16:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 26ms
26ms XHR
text/plain 34.206.162.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=33840&t=1647881820&cip=149.56.153.178&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647881820919-953919478774-005576-007-004715&cha=0.7&stagid=&stplid=&d35=&d36=6.2.10&cb=78735694899&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.162.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-162-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 21 Mar 2022 16:57:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C0CA 590 KB
192 KB 21ms
20ms Document
text/html 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:01:53 GMT
expires: Thu, 16 Mar 2023 20:01:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 19:55:55 GMT
content-type: text/html
age: 420916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E48 107 B
122 B 41ms
40ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 16:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1482 37 KB
13 KB 22ms
19ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Mar 2022 16:59:35 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C0CA 156 B
142 B 411ms
411ms XHR
text/xml 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_150&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3484279421348103&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3651058258&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=5E505E0E-28F4-4E9B-999D-B11863A5FA05&nel=0&eid=44737473%2C44758374&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647881829985&cookie=ID%3Df9763bec6493fc4a-22e7b35fefd1002c%3AT%3D1647881817%3AS%3DALNI_Ma6WxE_KKIEAyyowiEYLeQyLD5uPA&scor=3945938790189577&ged=ve4_td10_tt8_pd10_la10000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS