www.gmanetwork.com Open in urlscan Pro
54.230.162.91 Public Scan

URL: https://twitter.com/gmanetwork

URL: https://instagram.com/gmanetwork

URL: https://youtube.com/gmanetwork

URL: http://facebook.com/gmanetwork

URL: http://twitter.com/gmanetwork

URL: http://instagram.com/gmanetwork

URL: http://youtube.com/gmanetwork

URL: http://careers.gmanetwork.com/
Title: Careers

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lnk.ozy.com/click/gb01-2ik8sk-x5ng6e-ftyolgz6/ HTTP 302
https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 131

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1647613912663.38693&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&title=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%20%7C%20GMA%20Entertainment&sop=false&description=Why%20is%20it%20celebrated%20in%20October%3F%20You%20may%20ask.%20Find%20out%20HERE%3A HTTP 301
https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1647613912663.38693&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&title=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%20%7C%20GMA%20Entertainment&sop=false&description=Why%20is%20it%20celebrated%20in%20October%3F%20You%20may%20ask.%20Find%20out%20HERE%3A&samesite=None

Request Chain 150

https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssFlbcze_pRvtklKiur36GNN-LmPQqkGbUB4V_5hX1Ua5UV9BtEuSf7hvCrvq8QL4qB6NyEhxMi-9DTj0e_6OwPEg0HUZ-YWQm9n9kin8zeJ3jOe1c6_Zw7FudypN1bRLTX5mOPnUD0eiynv1oo_vtcbR8gkzdL1K1wemKz5Xq2h-UuY4GAV5QSvvSIuqsEecFlacN2HT6SSPzUpTsAupSQcYmJeVQNRKh17mbstYrzdEoRfjJorIq_hQX_aMG5RkIqlQozJo6IdGu3ZD5hZX5JLnLbMzos8nbT-_uMjz0K8qzSTylbK97ulyChBirZMCjLLU7UJ2hxyWk&sai=AMfl-YSBVRi8AviM-MMBwpuD-QuUS0XvAJ86maH8hBMtcVOrjbKESY67BBNX6BPbL8aN-3dqLqaW3zGT-g6q_KvIfNPdP_wBzD8zffve-BMNbfOM4fqXUcqigR0HC1_jYC1E&sig=Cg0ArKJSzABlmx4d_cl6EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js HTTP 302
https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js

Request Chain 161

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 188

https://idsync.rlcdn.com/420046.gif?partner_uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEhPT3M0UDcxWEhGcDRuQ3Y0V1FEc0NadWV2WW1uTjVCcTVqelBVX3lUeEJXYmhFSXpvVk1nbUFLTXhmcDRmaVMQABoNCNqv0pEGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=6547a7002bcf01f20f639737947ea2af7494b2188f53d2c317137056cb882d5c791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2NTQ3YTcwMDJiY2YwMWYyMGY2Mzk3Mzc5NDdlYTJhZjc0OTRiMjE4OGY1M2QyYzMxNzEzNzA1NmNiODgyZDVjNzkxNDI2YjU0MTdkY2UyMRAAGgwI2q_SkQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2NTQ3YTcwMDJiY2YwMWYyMGY2Mzk3Mzc5NDdlYTJhZjc0OTRiMjE4OGY1M2QyYzMxNzEzNzA1NmNiODgyZDVjNzkxNDI2YjU0MTdkY2UyMRAAGgwI2q_SkQYSBAgCEABCAEoA&google_gid=CAESEAQ9hnj5MMy36tumSXQOe2o&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=df6fe177-892b-4dc9-b7fd-3b494c164dc5

Request Chain 190

https://b1sync.zemanta.com/usersync/outbrain/?puid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&s=2&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=7njEWzLJ9MvebDLMaMLC&gdpr=0&us_privacy=1---

Request Chain 191

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dappnexus%26uid%3D%24UID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 302
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3963323398845382505&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

Request Chain 192

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=0&gdpr_pd=1&gdpr_consent=

Request Chain 194

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://sync.outbrain.com/cookie-sync?p=ttd&uid=60aef7da-d3ee-450f-9043-2b25dc5ed8ad

Request Chain 197

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 302
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=ff6a1422-97f5-4e8f-8d22-9a5441b0e269

Request Chain 198

https://x.bidswitch.net/sync?ssp=outbrain&user_id=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=outbrain&bsw_custom_parameter=28336e19-f04a-42ba-a8e3-32940fcbf9f4 HTTP 302
https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=4db720f8-f2c1-4d3f-a7af-9066333eca2d&ssp=outbrain&bsw_param=28336e19-f04a-42ba-a8e3-32940fcbf9f4 HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=28336e19-f04a-42ba-a8e3-32940fcbf9f4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKBnfdBxlAdQ3roDOTmXYBc&google_cver=1 HTTP 302
https://sofia.trustx.org/sync?tp_id=1&tp_uid=28336e19-f04a-42ba-a8e3-32940fcbf9f4&ssp_custom_data= HTTP 302
https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=28336e19-f04a-42ba-a8e3-32940fcbf9f4&ssp_custom_data=

Request Chain 201

https://dsp.adfarm1.adition.com/cookie/?ssp=25 HTTP 302
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7076447877075237008

Request Chain 202

https://ps.eyeota.net/match?bid=1mpn7m0&uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 302
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

Request Chain 204

https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
https://creativecdn.com/cm-notify?pi=outbrain&tc=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=sHId1ieHY03i2hYsLy5F&pi=outbrain&tc=1

Request Chain 205

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268 HTTP 302
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L0WIS8MA-1D-APDF

Request Chain 208

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 302
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&xl8blockcheck=1 HTTP 302
https://idsync.rlcdn.com/397416.gif?partner_uid=ba003d8a2caa47b4e68eea8a765591d4 HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c329367f-ce73-4f31-a378-805130525f46

Request Chain 209

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&s=193091&C=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

Request Chain 210

https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&__user_check__=1&sync_id=2869106f-a6c8-11ec-8552-1c1b615a0503 HTTP 302
https://sync.outbrain.com/cookie-sync?p=spotx&uid=28690ff1-a6c8-11ec-8552-1c1b615a0503&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

Request Chain 211

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%2526uid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkFDOEU5RDYtQURCRi00NzU1LUIwRjQtQTlBQTcxQjAyQzJD&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%26uid%3DFAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C HTTP 302
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C

Request Chain 212

https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%26uid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%26uid%3D HTTP 302
https://sync.outbrain.com/cookie-sync?p=openx&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=26fe601e-7cda-44ad-9f6e-520fb172f9b5

Request Chain 213

https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP28783839-a6c8-11ec-8ca3-0e9024a78271 HTTP 302
https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP28783839-a6c8-11ec-8ca3-0e9024a78271&verify=true HTTP 302
https://sync.outbrain.com/cookie-sync?p=oath&uid=UP28783839-a6c8-11ec-8ca3-0e9024a78271

Request Chain 214

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%0A HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1IT09zNFA3MVhIRnA0bkN2NFdRRHNDWnVldlltbk41QnE1anpQVV95VHhCV2JoRUl6b1ZNZ21BS014ZnA0ZmlTCg==

Request Chain 215

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 302
https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 302
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=ab2217ff-d085-4027-96d0-a1e95c63339e&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

Request Chain 216

https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1647613914585 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=885891271 HTTP 302
https://sync.1rx.io/usersync/tradedesk/0a5af0c9-0c57-49a6-993a-f55dc5b2e711 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b0a481a5-940b-4179-b52d-708c6a52647f-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-b0a481a5-940b-4179-b52d-708c6a52647f-005%26obUid%3D%24D HTTP 302
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-b0a481a5-940b-4179-b52d-708c6a52647f-005&obUid=$D

Request Chain 218

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING HTTP 302
https://sync.outbrain.com/cookie-sync?p=smart&uid=7657049583729428286&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING

Request Chain 219

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-TFnfEixE2uH42bZ5M6KObsa9ySGTwXEEk2esim8-~A&gdpr=0&gdpr_consent=

Request Chain 221

https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 307
https://sync.outbrain.com/cookie-sync?p=synacor&uid=E801134CDB7A4163B1FBF08B82384B89&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

Request Chain 222

https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%26uid%3D%7BUSER_ID%7D HTTP 302
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=e3bc8aed-d5a0-4f8b-9d0c-f6bd11a6c54f

Request Chain 224

https://id.rlcdn.com/711945.gif?cparams=obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS HTTP 307
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

Request Chain 228

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.sharethis.com/int/lotame?uid=ccbe94808fa408f00a2256f57b85293d&gdpr=0&gdpr_consent=

Request Chain 229

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&gdpr=0&gdpr_consent=

Request Chain 230

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2ac-qROTY4YvvVp5U2pDGBvruo8Se-6I-ew5sRRxQyAM&gdpr=0&gdpr_consent=

Request Chain 231

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3625877832821899277 HTTP 307
https://ml314.com/csync.ashx?fp=6aa36b25864125fd5b03669b3a5d5ff79c5741208ea311f461a37ad3271b6acdf4cb09cee1a4f8eb&person_id=3625877832821899277&eid=50082

Request Chain 232

https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&_rand=1647613914030 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&_rand=1647613914030&_expected_cookie=abe5777416ec8c9642d374ae2d981dbb HTTP 302
https://sync.sharethis.com/drawbridge?uid=abe5777416ec8c9642d374ae2d981dbb

Request Chain 235

https://idsync.rlcdn.com/711123.html?partner_uid=7fa6c323-ab70-4dee-80a8-f4978dc45754 HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=6547a7002bcf01f20f639737947ea2af7494b2188f53d2c317137056cb882d5c791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2NTQ3YTcwMDJiY2YwMWYyMGY2Mzk3Mzc5NDdlYTJhZjc0OTRiMjE4OGY1M2QyYzMxNzEzNzA1NmNiODgyZDVjNzkxNDI2YjU0MTdkY2UyMRAAGgwI2q_SkQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2NTQ3YTcwMDJiY2YwMWYyMGY2Mzk3Mzc5NDdlYTJhZjc0OTRiMjE4OGY1M2QyYzMxNzEzNzA1NmNiODgyZDVjNzkxNDI2YjU0MTdkY2UyMRAAGgwI2q_SkQYSBAgCEABCAEoA&google_gid=CAESEAQ9hnj5MMy36tumSXQOe2o&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=06fea937-4e0c-4fc2-84e4-f8f064f69cdf

Request Chain 281

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1647613914073-944497590674-005932-010-006390&biddername=22&key=ab2217ff-d085-4027-96d0-a1e95c63339e

Request Chain 283

https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D18%26key%3D%24UID HTTP 307
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D18%26key%3D%24UID&sovrn_retry=true HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1647613914073-944497590674-005932-010-006390&biddername=18&key=2723a4761fb760d58d3672c9

Request Chain 302

https://c1.adform.net/serving/cookie/match?party=14&cid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C

Request Chain 303

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YjSX2wABx7NfAwA- HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjSX2wABx7NfAwA-&gdpr=0&gdpr_consent=&_test=YjSX2wABx7NfAwA-

Request Chain 304

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0b696234-97db-4f00-a083-8220846437ea&gdpr=0&gdpr_consent=

Request Chain 305

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEU2lFN0VhVEFBQURJbmlMbjE2QQ&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADSiE7EaTAAADIniLn16A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7657049583729428286 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADSiE7EaTAAADIniLn16A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7657049583729428286%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=7657049583729428286&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADSiE7EaTAAADIniLn16A&pid=558502&do=add HTTP 303
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADSiE7EaTAAADIniLn16A&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7657049583729428286%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
https://match.prod.bidr.io/cookie-sync?userid=7657049583729428286&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADSiE7EaTAAADIniLn16A

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-sjp1q2_R1Ww9KmqcbAsLA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 308

https://idsync.rlcdn.com/420486.gif?partner_uid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c329367f-ce73-4f31-a378-805130525f46

Request Chain 309

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1c9e6234-97db-4f00-9fba-d330956747e1

Request Chain 310

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHdmPG8EN-r5NX3giTgN42Y&google_cver=1

Request Chain 311

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EEB88CDD63424B968D1B7A629B2300F6

Request Chain 312

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7529550527526254281&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 313

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0a5af0c9-0c57-49a6-993a-f55dc5b2e711

Request Chain 315

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-14iHNuBE2uVLgtOJJltqx044Uz3cKcY-~A&gdpr=0&gdpr_consent=

Request Chain 316

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3963323398845382505&gdpr=0&gdpr_consent=

Request Chain 337

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=58816f58-2d20-4ad5-9d49-7cb5d9673ff9&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZTJoVm1zY1U4d0dvU1FsRWFySEt2UQ&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEHLybnwTi__jBhmU_l8KjeA&google_cver=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=8cckDbCdaDqj

Request Chain 338

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=f79d8a858b&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&pubid=f79d8a858b HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=58816f58-2d20-4ad5-9d49-7cb5d9673ff9 HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=58816f58-2d20-4ad5-9d49-7cb5d9673ff9&ckls=true&ci=PzJVJALCOj&nc=false&trid=1418615634 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D1110151257%26pcid%3D%23PMUID HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=72fdc2909d041202&is_secure=true&networkId=17100&version=1&nuid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZdLpNSzLdQNodip7AAAAAAA&expiration=1647700316&nuid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SxWn8EQQ8PxQRqb8REG58B8SoPRQQfemGEENF7my HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=570392714&rnd=1110151257&pcid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%3B1402230080%26rnd%3D-1480014151&pcid=$UID HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714;1402230080&rnd=-1480014151&pcid=3963323398845382505 HTTP 302
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%26rnd%3D-629170180%26pcid%3D HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=570392714;1402230080;1709765917&rnd=-629170180&pcid=614aafa9-4f72-41a2-b864-9681e5817d8b HTTP 302
https://ce.lijit.com/merge?pid=8101&3pid=PzJVJALCOj&location=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%26rnd%3D1647388477%26pcid%3D%5BSOVRNID%5D HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=570392714;1402230080;1709765917;1486637409&rnd=1647388477&pcid=2723a4761fb760d58d3672c9 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D570392714%3B1402230080%3B1709765917%3B1486637409%3B396218182%26rnd%3D1989196616%26pcid%3D%24SPOTX_USER_ID HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182&rnd=1989196616&pcid=28690ff1-a6c8-11ec-8552-1c1b615a0503

Request Chain 339

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050710537140539

Request Chain 340

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dsonobi%26bsw_param%3D28336e19-f04a-42ba-a8e3-32940fcbf9f4%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=f8d88e95ec4b4d88a2588f0fded79144&ssp=sonobi&bsw_param=28336e19-f04a-42ba-a8e3-32940fcbf9f4&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=28336e19-f04a-42ba-a8e3-32940fcbf9f4

Request Chain 341

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=1c9e6234-97db-4f00-9fba-d330956747e1

Request Chain 353

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPDk9jfbTFMsPXiBHpc7nng&google_cver=1

Request Chain 354

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&dcc=t

Request Chain 355

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&expiration=1650205916&gdpr=0&gdpr_consent=

Request Chain 356

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjSX2nH7TP6LsH08QceQ3wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEHCfUI0alhQwmDJXde0pOg&google_cver=1

Request Chain 357

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7009003161603226719&uid=Q7009003161603226719&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7009003161603226719

Request Chain 358

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB

Request Chain 359

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=7njEWzLJ9MvebDLMaMLC&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2N3ONJCVO6SMJI4U25TFMJCEYTLBJVGEG HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2N3ONJCVO6SMJI4U25TFMJCEYTLBJVGEG HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=7njEWzLJ9MvebDLMaMLC

Request Chain 360

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7529550527526254281

Request Chain 368

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gmanetwork.com%2F&domain=www.gmanetwork.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=AyHGj3xoVGljM0hnT05EdlhCZ1VtQ2ZEZm1CVDhjamRrYURLQXJ3emtGZTZwb1d4QTIxdFpjVWZ0R3BhV2IzN054UXk0QWsrZDB0dm1VSklMbzlSb2tTZHA1TUxHWFdwRktIeHNTSENZM3BrVE1UT3RaRVhZQ1QyTHEvbVJjOGNmRkhKdWsxZ2Y1NTdGTmsyRHNnYVFuMDQrTjNwK21SUitMZ2wvZWF2WXdrdlByOEZlNFI4bGVHQVdNNHRzVmhtenVCMy81UU91d1h6amJ2cGgxNldTQThaQUMzYk8rekxzK0JtaS9Wc0FldnBlWHBJPXw&cppv=2

Request Chain 482

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.sharethis.com%2Fadnxs%3Fuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.sharethis.com/adnxs?uid=3963323398845382505&gdpr=0&gdpr_consent=

Request Chain 483

https://pixel.tapad.com/idsync/ex/receive?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=27c02b2a-5e72-4526-86d7-90fccde5848e%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&ttd_puid=27c02b2a-5e72-4526-86d7-90fccde5848e%2C

Request Chain 484

https://id5-sync.com/s/121/2.gif?puid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/121/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/121/2/1/2.gif?puid=3963323398845382505&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO1mQJeNaj9clK-_u7qDQO2MezNoBxdoDV89C0-g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F121%2F3%2F0%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/121/3/0/3.gif?puid=1c9e6234-97db-4f00-9fba-d330956747e1&gdpr=0&gdpr_consent=

Request Chain 485

https://aa.agkn.com/adscores/r.pixel?sid=9212270798&puid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://i.liadm.com/s/52233?bidder_id=100905&bidder_uuid=214250604094262529743 HTTP 303
https://i.liadm.com/s/52233?bidder_id=100905&bidder_uuid=214250604094262529743&_li_chk=true&previous_uuid=00988a001cd641a290c9abab219537cd HTTP 303
https://i6.liadm.com/s/52233?bidder_id=100905&bidder_uuid=214250604094262529743

Request Chain 486

https://pixel.onaudience.com/?partner=138&gdpr=0&gdpr_consent=&mapped=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ba003d8a2caa47b4e68eea8a765591d4&gdpr=0 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=9c4750a062fdab31

Request Chain 487

https://tags.bluekai.com/site/59574?id=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 488

https://dpm.demdex.net/ibs:dpid=600901&dpuuid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fadobe%3Fuid%3D%24%7BDD_UUID%7D%26_rand%3D1647613922192 HTTP 302
https://sync.sharethis.com/adobe?uid=21203634011106379221682371585778724831&_rand=1647613922192

573 HTTP transactions
-26 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request story Show response
www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/
Redirect Chain

http://lnk.ozy.com/click/gb01-2ik8sk-x5ng6e-ftyolgz6/
https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Cam...

278 KB
62 KB

4368ms
3777ms

Document
text/html

54.230.162.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.162.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-162-91.ewr53.r.cloudfront.net
Software: eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash: adada4a530b7c718d59a9a11a7af75b20e6ab96c694c09a56d4d9b512c1ebfb5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-length: 62772
date: Fri, 18 Mar 2022 14:31:47 GMT
expires: Sat, 01 Jan 2000 00:00:01 GMT
last-modified: Fri, 18 Mar 2022 14:31:47 GMT
content-encoding: gzip
server: eqmod_httpd v1.0 (author: mon sarmiento)
access-control-allow-origin: www.gmanetwork.com
access-control-allow-methods: POST, OPTIONS, GET, PUT
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
access-control-max-age: 1
cache-control: max-age=120, public
etag: "1647642707"
x-elapsed-time: 189876 microseconds
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: TmvhuC1ZYH4_iE67FjS91h3MXc9bZCBMLFkyNL1HhvcyU8qefB_qbw==

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Server: TRK03
Refresh: 0; URL=https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Date: Fri, 18 Mar 2022 14:31:45 GMT
Content-Length: 354

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 85ms
34ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-242242-18

Requested by

Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1aa353f234fd0b3221c21317acc989f6206278ed212c2feb3b5c1a86569ab6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36820
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Mar 2022 14:31:50 GMT

GET
H2 200 global.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/globals/ 37 KB
11 KB 465ms
22ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/globals/global.js?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a997e51d14e5ea6a8fc9dc34795effe7378744fdd0e2e9f4a662bdd24a918de3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 14 Mar 2022 01:50:10 GMT
server: AmazonS3
age: 93
etag: W/"d65b5bf97ec2364c52687c373353061b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:41 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: cOFxl3D_h6doQ-KJ2WwB7nA7uup4KlPbzk3rmDilfVDKVzK9qV5pZQ==

GET
H/1.1 200
OK prod-global-179580.js Show response
rtbcdn.andbeyond.media/ 369 KB
32 KB 114ms
26ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 081156d8defb477ebf1b704f4c794558a0546c87457deb762aa66f0e768ed994

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Mar 2022 11:44:19 GMT
ETag: "1646394259"
X-HW: 1647613910.dop204.dc2.t,1647613910.cds061.dc2.shn,1647613910.dop204.dc2.t,1647613910.cds102.dc2.c
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2422
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 32157

GET
H2 200 css
fonts.googleapis.com/ 107 KB
3 KB 94ms
45ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:300,300i,400,400i|Open+Sans:300,300i,400,400i,600,600i,700,700i|Oswald:300,400,700|Raleway:300,300i,400,400i,600,600i,700,700i|Roboto+Condensed:300,300i,400,400i,700,700i|PT+Sans:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700i|Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i|Lato:100,100i,300,300i,400,400i,700,700i,900,900i&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd8ea974efa55ff4eeb0779b5bd2421f0332dd5321b3a80cd23ee91fbb763cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 14:31:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:31:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:31:50 GMT

GET
H2 200 global.css
aphrodite.gmanetwork.com/assets/revamp/css/build/common/ 32 KB
7 KB 467ms
25ms Stylesheet
text/css 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/common/global.css?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99451ad1bc00b65d3a192c63bda692dae96879484b114c2723ebc18db1511622

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 08:32:12 GMT
server: AmazonS3
age: 48
etag: W/"b354d4b64f953bfed12030971e65fe50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:31:11 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: QU2xX-7LCGYSkNqBwI_jGaOrAOyOYubfffMjk65x356n0bvEbpGHkA==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
994 B 84ms
35ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a63484b282b9e1d81890300e37264bc39cec82bb6847ba9a0e2c62374720b566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 14:31:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:31:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:31:50 GMT

GET
H2 200 deliveraw.nmi Show response
ads.allaccess.com.ph/ 505 B
692 B 1303ms
253ms Script
text/plain 52.77.123.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.allaccess.com.ph/deliveraw.nmi?sid=0015&zoneid=1058&synad=|oktoberfest|origin|history|munich|bavaria|germany|wedding|kinglouisi|princess|theresevonsachsenhildburghausen|theresienwiese|theresesfields|wiesn|tradition|totalbeerconsumed|annually|evolution|celebration|festivities|trivia|lifestyle|hobbiesandinterests|
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.123.164 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-123-164.ap-southeast-1.compute.amazonaws.com
Software: Kannel/1.4.1 /
Resource Hash: 3274a12902cd1a0c5aea8fa16ec943eab10db3c0706f4f1e4609ca4c7bb96ba6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:51 GMT
content-encoding: gzip
server: Kannel/1.4.1
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate
content-type: text/plain
content-length: 310

GET
H2 200 fb_audience_pixel.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 611 B
971 B 440ms
21ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/fb_audience_pixel.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d14f346f2ab7021ce99a1458c7320640b3ed4913db6a88752ad15f0364b77a0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 69
etag: "47fd4cc3f8f248fffb737b68408e0808"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:42 GMT
x-amz-cf-pop: EWR52-C4
content-length: 611
x-amz-cf-id: yh05Em0uzI39M0A0GfpSGCuHNIOHn86_dSNn2zoWRbolcQPKyJJpCQ==

GET
H2 200 twitter_audience_pixel.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 434 B
795 B 440ms
22ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/twitter_audience_pixel.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31e2714fd3bb87dc67c70acf6804d3d31243955fb1c2f8f4a871edcb75d474b3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 48
etag: "6ee8814f59df2ecef41d78bdd3ff7de0"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:31:11 GMT
x-amz-cf-pop: EWR52-C4
content-length: 434
x-amz-cf-id: KiqigJiPWNCaRLgwjU0jHdzNXY-2Q4FtR2HCWeTNQiQrXZHOVBKIzg==

GET
H2 200 alexa.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 356 B
716 B 441ms
23ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/alexa.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8ec5620545c02b163f380bae1719491f6e5d4d865524537d7e8b94f340d1c19

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 32
etag: "6bf8c350ad65697c9b3959785c6d61ed"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:31:21 GMT
x-amz-cf-pop: EWR52-C4
content-length: 356
x-amz-cf-id: JfADnmfLLiXdb_pW9NdbVsGFS4QPDiyDPDix5Ss-odimNIH2yyyCag==

GET
H2 200 xaxis.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 300 B
659 B 448ms
29ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/xaxis.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6063b35596283782986e2315b130ca796ac2a849b66f4f24def9e86af3ea2123

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 23
etag: "13d49fc09adb198deecd06ec9fcd42cc"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:31:50 GMT
x-amz-cf-pop: EWR52-C4
content-length: 300
x-amz-cf-id: 5gQCyuB1gm1CPbyKkOnmQvYFr7Lmd-Q_4j4z0ia8qA9lroXLwlnOBQ==

GET
H2 200 dfp.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 449 B
809 B 31ms
27ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/dfp.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a5d822ac21615139bee0a798ebe51aacd3faaf72e145964ad28e8bc81a19791

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 59
etag: "30edd6d5a26d18f6d4e0592d0da067d5"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:51 GMT
x-amz-cf-pop: EWR52-C4
content-length: 449
x-amz-cf-id: V3bQb9iEUxWSwN-eS-sREmXXdnOp-0-b3sfhCW1yCQnjMNuecpLZvg==

GET
H2 200 moment.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 46 KB
16 KB 31ms
28ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/moment.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07cd52486d776b2f3fae36135d7333afde4b870601b545e8fb1c1f76e2e5e00f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 68
etag: W/"64c72390d60a3d38239fb1c9427384b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:42 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: UBxHN_2WEwtgaZUDwkjXT41GrBxZYEo9O27HyPYDBHTlplrzReO-kQ==

GET
H2 200 jquery.dotdotdot.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 6 KB
3 KB 54ms
51ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/jquery.dotdotdot.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8fe1b7c00540dee47863f395ae080b221e47857a6b430cc810e60051a9ed852

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 48
etag: W/"ff84fd60796a03ea6c707a5f9d890edd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:31:11 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: Og9wnf8tUjUg_S5Vsq1i-QTe65pPjYNyrN031CYJ33ZXPlX24V-fbg==

GET
H2 200 isotope.pkgd.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 33 KB
10 KB 54ms
51ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/isotope.pkgd.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0a513e151eab27b1fe80031f424b9af7219ce4c81b221174a0bd0e973171a9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 69
etag: W/"4a53a5630b4912cd536531a7b95ee703"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:42 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: 51WkbD7j4Ed5w9ygBLMULbJsooJnWl1aHNyxoQU5noKXsrb_clJjkQ==

GET
H2 200 owl.carousel.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 39 KB
11 KB 31ms
28ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/owl.carousel.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a57842d654007cffb9883aeb5340bb3eeddbf14883b0c9e0eb7acbc52fc98ae6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 68
etag: W/"407174a8263b2768e43ce96e1d31a3ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:43 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: dmcj2L3ipYWUhliic9cERnPKAYEiISWaQ4W_o8ztxr8J1Pb6sNy0Tg==

GET
H2 200 imagesloaded.pkgd.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 5 KB
2 KB 32ms
28ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/imagesloaded.pkgd.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64e85a9d9b39ab58a81d17212b33c8da4470fb691817ceaf2a49249792caf6de

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 68
etag: W/"8a141f3c1f1e8706e00093b22e2df23c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:43 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: Ayg3FsjDIst_c-O5Os6TlrI3SBTkmnYrLrDPy6XqljR1olp25DiK2g==

GET
H2 200 lazyload.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 3 KB
2 KB 32ms
29ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/lazyload.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3e57462ac92c91e04c38ba9e8320c7e46feaa9f0c36b5b31aa5cbf5b2cb1663

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 69
etag: W/"035b5efa7311b88645eb9332366a05ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:42 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: cj_sj4MMd7VCumgwdCNjOWdqHtEI_TECh7p4Cn962QEYvV4UgMwZAQ==

GET
H2 200 dropkick.2.1.9.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/ 17 KB
6 KB 58ms
55ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/dropkick.2.1.9.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b817e06a793c479743836d6df14c3779d83b6d47bf5e9bda17fabe40d34c3e29

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 12:34:12 GMT
server: AmazonS3
age: 7
etag: W/"7229ed9bd5cfc5a13888a2b6c4064ac8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:31:50 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: cE6FTDX8mkC8jhsMPEJxeZPfjrGuGyJkxQXO2FnH679L3Dzci8o2oQ==

GET
H2 200 js.cookie.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 2 KB
1 KB 32ms
29ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/js.cookie.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e327064ee5d9487aca2d6f653c9968a48ea6c417a4782c4513ff94140335bd2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 88
etag: W/"0518b2d1f4a953e0ac736ff724ce490d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:51 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: eiDOKd6Mrcw8VrR7aJvBNaqzLVwrZjYf2InbNpvdzgGD4oOnJjHHKQ==

GET
H2 200 jquery.validate.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 23 KB
8 KB 33ms
29ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/jquery.validate.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f90c8378906ccce3bdc8feb67309c093e47a06d146821fc3b1f6f2b6a341b635

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 88
etag: W/"64083b4fafa91bbbe1b257f4787db104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:51 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: cdWLYPj1e-QTfreIZZshksA3NHty7cYpzt2bzFbcRUjx3ReQ7yv1Gg==

GET
H2 200 jquery.webui-popover.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 17 KB
6 KB 32ms
29ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/jquery.webui-popover.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b93b2a7697e6683b18e83e797d6809eba592fc5603205f6f1bd7d851c0d2c39

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 88
etag: W/"2ed09c7af072a98b77a41640b49f5e85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:52 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: GsPARowpSoUugypqR7OjzDQADjW6rR876rfB-XahcUD5iHud2cKqRg==

GET
H2 200 datepicker.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 17 KB
6 KB 33ms
30ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/datepicker.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efd6654d1532784a176f6d7c32bc66684a269528a5358c3d8e2838b1ec186a66

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 88
etag: W/"9459cdf667a55950a6a8255011169d3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:51 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: l1Pp0gmTtHcKobOwAd4A1ckSi6nQDAU-2-0FdQ2nMi9sky_MZ5GF4g==

GET
H2 200 pwstrength-bootstrap.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 12 KB
4 KB 33ms
30ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/pwstrength-bootstrap.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a82876df90dd9dce6546d543aa44fbf65fa1d136a3d10062c8339ebeb08f7a5f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 88
etag: W/"e60e65ed966db0cdf7014288e6d3b6ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:51 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: 2S5RLqFdJFBhnxnNIFnZZO2SuccOIJjy5zJt1etUkNNDMHOgdB1KoQ==

GET
H2 200 perfect-scrollbar.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/libs/min/ 24 KB
7 KB 56ms
53ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/libs/min/perfect-scrollbar.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34149146801b604104c038f1afa8b9db20f7223cb8039f6338ab8dc4e980a2ae

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
age: 88
etag: W/"134411abb405e10986ee2356349a1592"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:51 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: BaDCb42SdbUHp2kFKbG8uZQ-mb1ZMsTuct2l6ylPWEDkgPelXe2RSQ==

GET
H2 200 sso.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/globals/ 56 KB
13 KB 33ms
30ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/globals/sso.js?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caf4e4ec996ecb2b60b89a824c946ce67e8958d74f07f1866424e9cd57d82570

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 18 May 2021 09:54:11 GMT
server: AmazonS3
age: 88
etag: W/"38b5d9b5a3a641c0bf760b54c555ebc3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:51 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: iSkNoZwcctcBcc1Z4q1rlD1EeQDRt66S8BIv4DLi4ta3hOhV5g--iA==

GET
H2 200 common.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/globals/ 17 KB
6 KB 33ms
30ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/globals/common.js?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4ea62723bea1f1b6ed2a3ad95b145a5c8637c250ddd29872e1d7b02f7f743b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 05:32:09 GMT
server: AmazonS3
age: 48
etag: W/"76f51941b9dd2f03a47ae05afa14d70a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:31:11 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: wNRH_SJsBH-o6b5g5x1dqPqoiU-7b4jM8L-NvtXMHAoNmM7_LgEYdw==

GET
H2 200 celebritylife_article.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/ 247 KB
59 KB 520ms
518ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/celebritylife_article.js?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 120bac2869645587aef020360ad43e98ebef7becf887984406b47627f6749ffd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 14 Mar 2022 01:50:09 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
etag: W/"692ae466dc9d173bb77c00f94fb91b57"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:31:52 GMT
x-amz-cf-id: kSP5Z4Z8v_B471fQaTPXSOg7oaNRMPljs_genqAksLaUQ0yPayrSxw==

GET
H2 200 modernizr-2.8.3.min.js Show response
aphrodite.gmanetwork.com/assets/revamp/libs/ 14 KB
6 KB 509ms
507ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/libs/modernizr-2.8.3.min.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d487f8f89772d53e7f3f57569abdd5b090439e3d9bbc1a6b084b27a6fb6ee9b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 03:36:09 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
etag: W/"a33f2da92180afd81cc38edfdbc08945"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:31:52 GMT
x-amz-cf-id: B1huqotPVNj5PnAC8QBloPd9S_1cNqf_ZLsvZX5_VpPnzbNyV7SoWA==

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.5.4/ 34 KB
13 KB 70ms
20ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.4/firebase-app.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9061f372e65347081ccc226f73a3c961fdf266629e5f4490cea8fa4fb8637582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 12:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12419
x-xss-protection: 0
last-modified: Thu, 11 Oct 2018 22:40:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 12:11:57 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.5.4/ 35 KB
10 KB 74ms
25ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.4/firebase-messaging.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10045
x-xss-protection: 0
last-modified: Thu, 11 Oct 2018 22:40:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 19:44:50 GMT

GET
H2 200 ent_webpush.js Show response
aphrodite.gmanetwork.com/assets/revamp/js/build/sw/ 37 KB
12 KB 33ms
31ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/sw/ent_webpush.js?v=1.1.0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72ffa8d7f17574be83584954d4195ef712e44d1bddb7b401fb27c6b8525a9bc1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 06:50:09 GMT
server: AmazonS3
age: 88
etag: W/"750a8c3167328fb5f02c1abad060b898"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:51 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: _L9x3UaG4cLnR7jwiT17XnB8-6WEsFe8MTrulpDd_xEMufJvkkhyYQ==

GET
H2 200 fb_sdk.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 436 B
797 B 58ms
56ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/fb_sdk.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ef4f2c2fa38f88e1aeaea7043fc0b3331efdc18d3fe7fbe9843d1b2b473b238

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 20 Apr 2020 03:36:10 GMT
server: AmazonS3
age: 69
etag: "8a6da5f25792b4d4a59f85f7d6bb7da2"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:42 GMT
x-amz-cf-pop: EWR52-C4
content-length: 436
x-amz-cf-id: LKFvqmmiFy6Dvjkp8ENTGn14UQDvkRQ8ANYJZiYWXf9ID20gohM2Ug==

GET
H2 200 quantcast.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 555 B
913 B 58ms
55ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/quantcast.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a23bb9735adef0d14b41b552116f24a195b12d47029a6725305e921c5410ebf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Thu, 04 Nov 2021 07:00:10 GMT
server: AmazonS3
age: 93
etag: "9d9ea6cf6cba460f511a5b81a18c3c6d"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:25 GMT
x-amz-cf-pop: EWR52-C4
content-length: 555
x-amz-cf-id: p5XpLOpwkYV9zi_G74dsfQy5WEe-j7sqxr021h1ZKs9D22rwI-BUsw==

GET
H2 200 abm.js Show response
serving.stat-rock.com/player/ 310 KB
98 KB 293ms
96ms Script
application/javascript 199.101.133.2
WZCOM-

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/abm.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.101.133.2 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: nginx /
Resource Hash: 486acaeac912171619ad0b625813096a8379b38901b822e450ed7aeef1a1390e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:50 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 09:47:09 GMT
server: nginx
etag: W/"61f1189d-4d83b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 80ms
35ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83c71160810ac6a9b45bb3500c7a6658cef4f77281db23d6c8de80c19af26554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27855
x-xss-protection: 0
server: sffe
etag: "1161 / 394 of 1000 / last-modified: 1647601738"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Mar 2022 14:31:50 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 59ms
20ms Script
application/javascript 143.204.137.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-137-197.ewr52.r.cloudfront.net
Software: Server /
Resource Hash: 43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: PkzOLZU8S17VIVcnoP84wAEiDGtgTmz9
content-encoding: gzip
etag: 0e4876665018a306b1c42fb415cdf907
age: 54798
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0JKD2BER2C5C05JE10R9
date: Thu, 17 Mar 2022 23:18:33 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: qmsEe2ZVV0-ArsGu8VIyhD0tbaEegKLDuCzbXc3ch3USkwiVhOEQKQ==

GET
H/1.1 200
OK impstats.php Show response
prebid.andbeyond.media/ 68 B
297 B 1284ms
266ms XHR
text/html 3.0.172.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.andbeyond.media/impstats.php?aff=179580&type=pv
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.0.172.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-172-163.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d33dbc2542009ce4f15b633143b18578d9b5cfbddda30c555860d40ddce3d8db

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Mar 2022 14:31:51 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Content-Length: 68
Content-Type: text/html; charset=UTF-8

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
744 B 20ms
19ms XHR
application/json 143.204.137.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gmanetwork.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-137-197.ewr52.r.cloudfront.net
Software: Server /
Resource Hash: 17c1a65dfc520d641ac19f90acbbb439bd737a4e0bfbbffad3733203abe9280e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:47:33 GMT
via: 1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
server: Server
age: 2656
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C2
content-length: 385
x-amz-cf-id: Nxm0z4DR361xtGH-LW16x6vbG4hT0l-mKq953i1xlwhV8ccOf41F8w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 57ms
19ms XHR
application/javascript 143.204.137.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-137-197.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:24:20 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 43651
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR52-C2
content-type: application/javascript
x-amz-cf-id: zQhAhN4jVexvdsiQqPzNEnHbYm_DO09aonANQ0FrEMxaeydmDXk4Kw==

GET
H2 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 77ms
19ms Script
text/javascript 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 11:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Mar 2023 11:45:22 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 490 B
839 B 92ms
42ms XHR
application/json 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gmanetwork.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

cafe /

Resource Hash

c70d45d2ab747d75e22938e1b29534b531fd0bd9ba654bec1c31e907bf9baf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0
expires: Fri, 18 Mar 2022 14:31:50 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 40 KB
11 KB 40ms
18ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.122.0/26
date: Fri, 18 Mar 2022 14:06:53 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: bhs
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 11181
x-request-id: 694880885

POST
H/1.1 200 984.json Show response
id5-sync.com/g/v2/ 2 KB
2 KB 815ms
98ms XHR
application/json 51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/984.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

e918872ab51dbb1bff2d1b503671b18bc54a0bcb428734e92eb450241babb715

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 18 Mar 2022 14:31:50 GMT
Vary: Origin
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 515ms
16ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/fb_audience_pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: QFj8T7etuSlW0tNlrcFVf2dTh4yBTYFqpbm1qxRFlKt2dYR47UjV6Pgp5Kg8oI/IV5kKeDyomvaNffP0H+CPtQ==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 18 Mar 2022 14:31:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 21 KB
8 KB 522ms
22ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/twitter_audience_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6cdcafba32d043d9ba06bf8a7b24a87ab163c1a75101215ac7d0124efe13d0bb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:51 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 16:45:46 GMT
etag: "910942680416e503ddd9abfdd94a0332+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 7433
x-served-by: cache-iad-kiad7000088-IAD

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
5 KB 515ms
19ms Script
application/javascript 99.84.125.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/alexa.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-78.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 07:14:49 GMT
Via: 1.1 fe01b0d08a6c82e83617785283fae2da.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 6938223
ETag: "d89453438fbf10dcf4c13265c40d5160"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: EWR52-C3
Accept-Ranges: bytes
Content-Length: 4255
X-Amz-Cf-Id: ybjLMkbczpFxWkKVzAxnqbn28HACb3aja6vLKpb048T_5I75EWbeBQ==

GET
H/1.1 200
OK tagr_lib_learn_ph_v3.js Show response
static-tagr.gd1.mookie1.com/s1/ 4 KB
1 KB 528ms
34ms Script
application/javascript 23.10.84.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_ph_v3.js?tagid=V2_153300&id=GMA
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/xaxis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.10.84.219 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-10-84-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ddadabbf40d5ed6cc3b3735f87451e0a5ec1782cec93f338005566ad060fbc6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2016 05:35:34 GMT
Server: nginx
ETag: "579999a6-1153"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 467ms
18ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6269
date: Fri, 18 Mar 2022 12:47:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 18 Mar 2022 14:47:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
63 KB 35ms
34ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B4FW0S5GFB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242242-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c7032daf8802fafa4deeb4ec779fe289f4b25cd662da35fbc69384882191e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64294
x-xss-protection: 0
expires: Fri, 18 Mar 2022 14:31:51 GMT

GET
H2 200 query Show response
global.cloud.netacuity.com/webservice/ 573 B
695 B 328ms
23ms XHR
application/json 3.222.137.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.137.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-137-209.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: fdd2e052f1295e9758fa6dfa2bce14afeb2528085ec75b0b84a8695c69379511

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Mar 2022 14:31:51 GMT
server: nginx/1.20.0
content-length: 573
content-type: application/json;charset=UTF-8

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 69ms
21ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:300,300i,400,400i|Open+Sans:300,300i,400,400i,600,600i,700,700i|Oswald:300,400,700|Raleway:300,300i,400,400i,600,600i,700,700i|Roboto+Condensed:300,300i,400,400i,700,700i|PT+Sans:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700i|Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i|Lato:100,100i,300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:46:05 GMT
x-content-type-options: nosniff
age: 229546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:46:05 GMT

GET
H2 200 fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/icons/ 14 KB
15 KB 67ms
30ms Font
binary/octet-stream 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/fonts/icons/fontello.woff2
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/common/global.css?v=1.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10906b8c7ee290918a54bb5510854a38d276b9419e7f91d3781b7af6aeeaebfb

Request headers

Referer: https://aphrodite.gmanetwork.com/assets/revamp/css/build/common/global.css?v=1.1.0
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4d3ba36f3ff7e0b1faca1055e53c9914.cloudfront.net (CloudFront)
etag: "f7d914c20b6df8faac5c74ee903a3f9b"
age: 14
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 14692
last-modified: Thu, 10 Oct 2019 12:34:10 GMT
server: AmazonS3
date: Fri, 18 Mar 2022 14:31:51 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=120,public
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: 2ViC5K9Yu9ot4D-JZuZLDt2pYwqWWb83q_1_j0YbX2upOLE37ECHOA==

GET
H2 200 fontello.woff2
aphrodite.gmanetwork.com/assets/revamp/fonts/sso-icons/ 4 KB
4 KB 39ms
34ms Font
binary/octet-stream 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/fonts/sso-icons/fontello.woff2
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 653e5e6042494570b92735cd368e62434b9df3deeae84d5f7389436c38b097ff

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4d3ba36f3ff7e0b1faca1055e53c9914.cloudfront.net (CloudFront)
etag: "4409b201d85647b927059b61fb987f74"
age: 23
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 3872
last-modified: Thu, 10 Oct 2019 12:34:10 GMT
server: AmazonS3
date: Fri, 18 Mar 2022 14:31:51 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=120,public
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: qKlHSxrxQyaHPCgyLcE4iKErHwWEk0eRPK-wYMgFbcfmLTs5RoLExg==

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v19/ 34 KB
34 KB 62ms
48ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v19/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:35:35 GMT
x-content-type-options: nosniff
age: 154576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:27 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:35:35 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 90ms
41ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/celebritylife_article.js?v=1.1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3221651103697de1efb29b38ac3a8611476981904f54a123a5ff44a2da5b905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Fri, 18 Mar 2022 14:31:51 GMT

GET
H2 200 81377.gz Show response
data.igma.tv/entertainment/773/entertainment/articles/ 6 KB
3 KB 358ms
266ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/773/entertainment/articles/81377.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63519f1fdb980cfecbda5250879ac1c8a2d10cfe550827822d36d2b1297b0c7e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C3
x-cache: RefreshHit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2686
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 08 Oct 2021 01:52:33 GMT
server: AmazonS3
etag: "ca29714cc0120473e23dd19c26063e53"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-id: t64PqaTYG38WYdhUQ-OgrwlvYcYeF06BCVq4nmPQYwm5zptXJ7xbwQ==

GET
H2 200 gma-header-logo.svg
aphrodite.gmanetwork.com/ 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/gma-header-logo.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4265686660c12d10f6954d8dec60884933d680f10dd79a4ff7a76c016d62f39a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 07:47:19 GMT
server: AmazonS3
age: 58779
etag: W/"6070135b0880a0cca74ba0fc1221e24f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
date: Thu, 17 Mar 2022 22:12:13 GMT
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: Sn_bGa5LKoXVgSFiCv1lnyMbh7e6_tC6dAzd7BX6-iTMtKRxSSn5Vw==
x-amz-meta-s3b-last-modified: 20200403T073750Z

GET
H2 200 gma_white.png
aphrodite.gmanetwork.com/assets/revamp/img/ 1 KB
2 KB 19ms
19ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/img/gma_white.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8095e046d436d9957b442dad9827d0289469e91f12cd94f68ffc90198e3b4f31

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Z1a4KR1IgQCUibmGiK2ThFq69ie8hdZd
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2018 07:44:52 GMT
server: AmazonS3
age: 119
etag: "e8749bb5058882d51032084665c54c4f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=180
date: Fri, 18 Mar 2022 14:30:52 GMT
x-amz-cf-pop: EWR52-C4
content-length: 1428
x-amz-cf-id: FCrRulh_QxM7ckC2v3xB4v6MyAAcGuWZmr3s-n9_LDcAZpVurNieYA==
x-amz-meta-s3b-last-modified: 20180201T034941Z

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 38ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/fb_sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

071c4df91fbafd898b4f21c2e151b2a554b03657eb941c510a26f484c6fd4ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: S4IxtXHO4LxqeRPceytwWw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: KNB8vRtmTbCzkIRxrHEKYYJ5QS/v0ZS4s5FatJsuTYtMLrs269m0Z5Y0lGup6IYoFWuvmY5l2C5g4tCcFWR/7A==
x-fb-content-md5: ef7adb623756c1d6face76da3e52d586
x-frame-options: DENY
date: Fri, 18 Mar 2022 14:31:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8a17f8ce152129d0becdd22d5b0d5bc3"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 18 Mar 2022 14:37:27 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 118ms
25ms Script
application/javascript 2620:116:800b:21:2d66:77a6:9085:a5fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:51 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 25 Mar 2022 14:31:51 GMT

GET
H2 404 custom_fab.gz Show response
data.igma.tv/entertainment/widgets/ 563 B
994 B 422ms
359ms XHR
text/html 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/custom_fab.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c987ea35812877cde1181bb4fea553fa9085f72c6b238081cc2ed632a34e9550

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:51 GMT
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: EWR52-C3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-cache: Error from cloudfront
content-length: 563
x-amz-cf-id: KAPQU2vNGsSIfvGgQk3e-jZTAQbry8bhfDaSuyF_M9NUfVM2TK3vBA==

GET
H/1.1 200
OK Script Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 42 KB
16 KB 475ms
218ms Script
application/x-javascript 104.209.192.206
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.209.192.206 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b28fe5e58b0d07d2f4a506f83fa4da41608a7584d47e663cd8c929d6791a0f02

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:51 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Last-Modified: Fri, 18 Mar 2022 14:31:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: public, max-age=3600
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 16141
Expires: Fri, 18 Mar 2022 15:31:52 GMT

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 58ms
11ms Script
application/javascript 34.107.231.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:33:21 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sun, 11 Jul 2021 15:29:14 GMT
server: nginx
age: 3510
etag: W/"91f36cb612bb5287d05f3c7044927cbe"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3532

GET
H/1.1 200
OK prebid-custom.js Show response
rtbpass-us.andbeyond.media/ 580 KB
175 KB 124ms
25ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-179580.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 1f1906c22a08101fd8defd614fc194bf5f0c9f36d14aeffad9fb605cfb7c465a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 05:50:27 GMT
Server: AmazonS3
x-amz-request-id: HKJVCS94SVVZ1F2P
ETag: "ca4ada549f38629ea61d78739a245516"
X-HW: 1647613911.dop077.dc2.t,1647613911.cds208.dc2.shn,1647613911.dop077.dc2.t,1647613911.cds164.dc2.c
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=28912988
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 178791
x-amz-id-2: ijQdFGHvi22JBbb3rr9XCeeMP/bFX3AJqo0MoFugyfZwfHRNYvA5URZwH72tm2SGzvKcIWo91RI=

POST
H2 204 collect
analytics.google.com/g/ 0
350 B 80ms
33ms Ping
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B4FW0S5GFB&gtm=2oe3e0&_p=1237499824&sr=1600x1200&_gaz=1&ul=en-us&cid=1788617992.1647613912&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F&sid=1647613911&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.audience_interest=Celebrities&ep.author=Racquel%20Quieta&ep.publish_date=October%208%2C%202021
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4FW0S5GFB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
350 B 83ms
32ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4FW0S5GFB&cid=1788617992.1647613912&gtm=2oe3e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4FW0S5GFB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 85ms
39ms Image
image/gif 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4FW0S5GFB&cid=1788617992.1647613912&gtm=2oe3e0&aip=1&z=1194643656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403 8.gif
id5-sync.com/i/984/ 79 B
79 B 97ms
97ms Image
text/html 51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/984/8.gif?id5id=ID5*-EbdD3RqmTh0rWWJ6PVr-wo6nphlvabA03gQlVHeJLoLct746kw-9NP2b5kTy_TbC3PfVJ1pxC_j79QxE1aacwt0bI9ov7lFS7Z1lj2Jq0YLdT6_gu2imzqLyxN6rUihC3Zvt0GvMyNQ2zc1gAegUwt3tWkZ7b8n3dbzHdt_n9gLeIVtmJOG_6VLLAEWGraKC3m3CFjV7Muy3E-5DS7ZjAt62mTLQtv_HsQQvW4PmicLe1OScGDDBGOk4HvwpYUHC3xGX5nbXNrLjmej_fzdmAt9KVjjbBUNxSWpGvK6F3ULfuHC8Zqy2zTm3LtP4oxoC3_5_Z1zwFnozHzgvTNcfQuAEnRhpGcV9P3qr9IPCzoLgaNG8IzEK-gcGxL-2tG_C4I0RPrQN27ncvlHFRXL_wuDsF8N2VeMpmnqtMux41oLhDa3iZDjXxMsR739zfExC4UavH305ZSdwSqmPZGNNAuGeZa7BQ_2qqWVXyhadTELhxyxWTvLC_SzOhkwMTgTC4hsv2od86ZLeLit29FvXguJV-yUV93MIECBhmgyEU0Ligy_VqFmiJ9tifzRdUJ2C4vkpg4YeMpNkD9DS6iykAuM10l_ssqAMdQF1v-qjmsLjW2MRiMNkYyODtob8JRXC47A6fswMnYVrjOEO5fVDw&o=api&gdpr_consent=undefined&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

e9fe08a8107cd60b0cecb888c9c2fb73c8d101af53151428e347d62be50db83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Date: Fri, 18 Mar 2022 14:31:51 GMT
Transfer-Encoding: chunked
Content-Type: text/html;charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 90ms
38ms Script
application/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 94ms
41ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
12 KB 617ms
589ms XHR
text/plain 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3823595328649609&correlator=1767169380838490&eid=31064904%2C31065485&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=344684475%2CENT_Celeblife_Desktop_Leaderboard1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&adks=1118826149&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=keyword%3Doktoberfest%2Corigin%2Chistory%2Cmunich%2Cbavaria%2Cgermany%2Cwedding%2Cking%2520louis%2520i%2Cprincess%2Ctherese%2520von%2520sachsen-hildburghausen%2Ctheresienwiese%2Cthereses%2520fields%2Cwiesn%2Ctradition%2Ctotal%2520beer%2520consumed%2Cannually%2Cevolution%2Ccelebration%2Cfestivities%2Ctrivia%2Clifestyle%2Chobbies%2520and%2520interests%26ad_pt%3DCelebrity_Life_Article_Page%26ad_pos%3DENT_Celeblife_Desktop_Leaderboard1_1%26site_id%3DGMA_Entertainment&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1647613912208&lmt=1647613907&dlt=1647613910441&idt=475&biw=1600&bih=1200&adxs=315&adys=80&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=970x0&fws=132&ohw=1600&ga_vid=1788617992.1647613912&ga_sid=1647613912&ga_hid=1237499824&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9357a247e6c513948eb57f3f82a099d4d8e228ac456f95ff8801c7208b044b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12074
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 570 B
332 B 128ms
101ms XHR
text/plain 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3823595328649609&correlator=2520757320710103&eid=31064904%2C31065485&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=344684475%2CENT_Celeblife_Desktop_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2935993112&sfv=1-0-38&ecs=20220318&ists=1&fsapi=false&prev_scp=ad_pt%3DCelebrity_Life_Article_Page%26ad_pos%3DENT_Celeblife_Desktop_Interstitial_1%26site_id%3DGMA_Entertainment&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1647613912220&lmt=1647613907&dlt=1647613910441&idt=475&biw=1600&bih=1200&adxs=800&adys=80&oid=2&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=0x0&fws=132&ohw=1600&ga_vid=1788617992.1647613912&ga_sid=1647613912&ga_hid=1237499824&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e079df996307a94c3eb31b71a995f4233dac3d0d9934cded75d8cdd13940804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 302
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 734ms
708ms XHR
text/plain 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3823595328649609&correlator=2134399337181396&eid=31064904%2C31065485&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=344684475%2CENT_Celeblife_Desktop_Mrec1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C250x250&ifi=3&adks=915958108&sfv=1-0-38&ecs=20220318&fsapi=false&prev_scp=keyword%3Doktoberfest%2Corigin%2Chistory%2Cmunich%2Cbavaria%2Cgermany%2Cwedding%2Cking%2520louis%2520i%2Cprincess%2Ctherese%2520von%2520sachsen-hildburghausen%2Ctheresienwiese%2Cthereses%2520fields%2Cwiesn%2Ctradition%2Ctotal%2520beer%2520consumed%2Cannually%2Cevolution%2Ccelebration%2Cfestivities%2Ctrivia%2Clifestyle%2Chobbies%2520and%2520interests%26ad_pt%3DCelebrity_Life_Article_Page%26ad_pos%3DENT_Celeblife_Desktop_Mrec1_1%26site_id%3DGMA_Entertainment&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1647613912225&lmt=1647613907&dlt=1647613910441&idt=475&biw=1600&bih=1200&adxs=1041&adys=95&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x0&msz=336x20&fws=132&ohw=1600&ga_vid=1788617992.1647613912&ga_sid=1647613912&ga_hid=1237499824&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-129-242-122.us-east-2.compute.amazonaws.com

Software

cafe /

Resource Hash

79fd9dbbb8a2767834c09d746ce48039d92f46353f6729fc02f72f83630b1dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9474
x-xss-protection: 0
google-lineitem-id: 5471012876
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138322335932
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
aa5480e3fa18327fed8b716028dcee0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C8DF 6 KB
4 KB 111ms
38ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aa5480e3fa18327fed8b716028dcee0b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 18 Mar 2022 14:31:52 GMT
expires: Sat, 18 Mar 2023 14:31:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 72ms
18ms Image
image/gif 13.33.60.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%20%7C%20GMA%20Entertainment&time=1647613912242&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&random_number=1122474144&sess_cookie=7c515df217f9d7124b1676d1f05&sess_cookie_flag=1&user_cookie=7c515df217f9d7124b1676d1f05&user_cookie_flag=1&dynamic=true&domain=gmanetwork.com&account=LssQl1aE+GW1O7&jsv=20130128&user_lang=en-US
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-3.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 06:38:40 GMT
Via: 1.1 94fb69b274bb5ab206667cb69fcc5932.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 28393
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: EWR52-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: FNv2h0C5-8aWUz-5QbCLRcBp-SfP435wr6CiCMWJmWEOYoEcRjh9xQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 283ms
76ms Image
text/plain 54.68.210.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.210.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-210-92.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
server: Server

GET
H3 200 1543737212511664 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 19ms
19ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1543737212511664?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4d06bdc55409e1f8317d0f4cf63b374ec2ebb1fe76f4e3d81a049e73286d998

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89170
x-xss-protection: 0
pragma: public
x-fb-debug: g8rnXXoxmykSsGXgWI6CNy15W3UJkxD/pN6KPHP6hedbsVghCzOZ7k9oUZEZE6+HOx4M3/ZH0AvgZpTldcUPBQ==
x-frame-options: DENY
date: Fri, 18 Mar 2022 14:31:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 60ms
32ms XHR
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1237499824&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAAC~&jid=292744510&gjid=362733985&cid=1788617992.1647613912&tid=UA-242242-18&_gid=1526702973.1647613912&_r=1&gtm=2ou3e0&cd9=Celebrities&cd7=Racquel%20Quieta&cd11=October%208%2C%202021&z=658015246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 learn
ph-gmtdmp.mookie1.com/t/v2/ 43 B
609 B 254ms
194ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ph-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_153300&src.domain=www.gmanetwork.com&src.url=%252Fentertainment%252Fcelebritylife%252Fnews%252F81377%252Fhow-and-where-did-the-oktoberfest-originate%252Fstory&src.id=GMA&src.rand=7996163738
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:52 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 related_video_source.json Show response
aphrodite.gmanetwork.com/configuration/ 63 B
575 B 17ms
17ms XHR
application/json 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/configuration/related_video_source.json
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2fdaafcf1b5f7ae36648f8e7a2c6e7cf6760b89c8a01e5b9393fe98c4afb540

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4d3ba36f3ff7e0b1faca1055e53c9914.cloudfront.net (CloudFront)
etag: "0d995cb867ba3592c8ca4c0fe90e2098"
age: 58002
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length: 63
last-modified: Thu, 15 Jul 2021 08:30:23 GMT
server: AmazonS3
date: Fri, 18 Mar 2022 03:28:11 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: 0pY5_-3ZthB1DdRzKsXjfWFzO6O7VmmX6yNE0HL7CJb1CgG6m_ELqA==

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 135ms
59ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.9&p_id=Twitter&p_user_id=0&txn_id=o1qzn&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=c6943757-1310-4f0d-8453-fab25a46ec93&tw_document_href=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 18
date: Fri, 18 Mar 2022 14:31:51 GMT
server: tsa_b
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e539ead5687cb60cfe2ab927d35d262e74ec44b9b1a33c1bc3537427293d40c7
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
335 B 113ms
39ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.9&p_id=Twitter&p_user_id=0&txn_id=o1qzn&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=c6943757-1310-4f0d-8453-fab25a46ec93&tw_document_href=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 18 Mar 2022 14:31:52 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: d60bf7005e6d2c6fe2a003af6e63a4e7caf1ee4b0edeee517f378f20be10ed05
content-length: 43

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/577098c0/www-widgetapi.vflset/ 152 KB
49 KB 47ms
21ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abae6e19ed0784a432e61a5f9915cbff9a587062c7a1f2c9b4bc7ab2ea06d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50182
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:24:17 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 39ms
19ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=fc9454d766aebc15aff4ecf36479c9b7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5415b7c6f3510bdcc435b0633035cf72de1f07af5b108dd079e99565062da012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gmanetwork.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 1jEtCLdr9J3BptGSBWFBRQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84082
x-fb-rlafr: 0
x-fb-debug: Dhd+Cec4x4J/6eJa85+4bbq2PWIQS0XCvUHDK+K2NAukeSX1XDkk6YcWoEixQoNRCqzxwV0PK0UuuP4KlRgUwQ==
x-fb-content-md5: 956eef2e9ee7ea8e8db41e225e5ab2ed
x-frame-options: DENY
date: Fri, 18 Mar 2022 14:31:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "960343eb70b49270986afdea79acf5bb"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Mar 2023 14:12:51 GMT

GET
H2 200 rules-p-ernMzxMzj4rTH.js Show response
rules.quantcount.com/ 1 KB
1 KB 76ms
20ms Script
application/javascript 2600:9000:2140:6800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ernMzxMzj4rTH.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:6800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77695b735ff222bd744719885ab7ec9fca5db071f901f86bb625f0561c9a47f1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:21:43 GMT
content-encoding: gzip
age: 689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 21:31:35 GMT
server: AmazonS3
etag: W/"538423f6a5866c708d4e3f53d4ed407a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 1bbfa275cce73ba7a423bc907239dede.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: dToW9CmVoYHRxf25ApxhBVQBAfNZA_vrgQ1bsO4lPVtei154PEfsnA==

GET
H2 200 zd_w_s_loading.css
d99666469a0d.bitsngo.net/content/ 907 B
749 B 117ms
36ms Stylesheet
text/css 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/content/zd_w_s_loading.css?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: df2f130ebaf879966d5e5e8e8623f57a217befe98549db88445fea1e2e1a5797

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 09:55:22 GMT
server: Microsoft-IIS/10.0
age: 90292
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 470
x-llid: c01b343dc665fdf984897d4486e2a5bb
expires: Sun, 27 Mar 2022 13:27:00 GMT

GET
H2 200 jquery.tap.min.js Show response
d99666469a0d.bitsngo.net/common-scripts/ 2 KB
1 KB 117ms
37ms Script
application/x-javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/common-scripts/jquery.tap.min.js
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3d9b4c1e21f076d905f1b85a541dda587ee989d1516f1465c6c6ded005cb99a8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 09:55:20 GMT
server: Microsoft-IIS/10.0
age: 183327
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1130
x-llid: c344ce671186414f24a9683997a33c6c
expires: Sat, 26 Mar 2022 11:36:25 GMT

GET
H2 200 zoomd.widget.loader.min.js Show response
d99666469a0d.bitsngo.net/widget-scripts/ 34 KB
12 KB 118ms
37ms Script
application/x-javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a7dd680732ed5074ada10d9e20563897400b23af5ead821b6b941f9e69569588

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 12:54:12 GMT
server: Microsoft-IIS/10.0
age: 90292
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 12300
x-llid: 40a4f7b3ab21cbc032dbd163610ab1fe
expires: Sun, 27 Mar 2022 13:27:00 GMT

GET
H2 200 ga.js Show response
aphrodite.gmanetwork.com/assets/revamp/third_party/ 369 B
726 B 456ms
456ms Script
application/javascript 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/third_party/ga.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2457210e6bc9df66a39079cfae0b8f1f16a7863725b0714b5a4bc1f21c5b948d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Tue, 14 Jul 2020 09:40:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
etag: "e1214ed4f5406b79a0a586ad58111f73"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:31:53 GMT
content-length: 369
x-amz-cf-id: P4zO0PooDjJeiQY9IzuvC5nMCa4_Nm0jnccWZR0wxrkkOO4P0noGIQ==

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 59 KB
17 KB 102ms
21ms Script
application/javascript 2600:9000:2120:4200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/buttons.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:4200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 15:29:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 255771
x-cache: Hit from cloudfront
content-length: 16739
server: nginx/1.20.1
etag: W/"61e1c3a2-ea95"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 be2bc6f826ea9bebe879d48a50a29432.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: EWR52-C4
x-robots-tag: noindex, nofollow
x-amz-cf-id: zwv3kZlA1nYj5-basRg3YiffhsIY0b0KKUsaqB4VsihNO44kGmcrzg==
expires: Fri, 18 Mar 2022 15:29:01 GMT

GET
H2 200 gmalogo-p.jpg
aphrodite.gmanetwork.com/assets/revamp/img/ 10 KB
10 KB 34ms
30ms Image
image/jpeg 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/revamp/img/gmalogo-p.jpg
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/css/build/common/global.css?v=1.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16e70fc2b149c196a4984435e17450b1d68ca078d6eb41109e5b937cf269b511

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://aphrodite.gmanetwork.com/assets/revamp/css/build/common/global.css?v=1.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 12:34:10 GMT
server: AmazonS3
age: 59
etag: "218be9b830fb06b1c16c60da80d2a6ea"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=120,public
date: Fri, 18 Mar 2022 14:30:54 GMT
x-amz-cf-pop: EWR52-C4
content-length: 10365
x-amz-cf-id: YNf7Rus_gd7p0yNBjKeV27BtoYTMnwK8av4DmRD8rLLPiFwnIRAklA==

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 15 KB
15 KB 105ms
75ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:58 GMT
x-content-type-options: nosniff
age: 154854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:58 GMT

GET
H3 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v47/ 25 KB
25 KB 63ms
34ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v47/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 23:35:02 GMT
x-content-type-options: nosniff
age: 140210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25384
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 23:35:02 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 78ms
51ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:30:29 GMT
x-content-type-options: nosniff
age: 108083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 08:30:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 71ms
44ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 14:35:30 GMT
x-content-type-options: nosniff
age: 258982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 14:35:30 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 47ms
20ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:30:30 GMT
x-content-type-options: nosniff
age: 108082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Mar 2023 08:30:30 GMT

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 22 KB
22 KB 48ms
22ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:34:59 GMT
x-content-type-options: nosniff
age: 154613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:34:59 GMT

GET
H2 200 top_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 7 KB
3 KB 49ms
45ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/top_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66643da383f707f9087b2575c9975da1cc84225bb9a108ad474a49700b29cd62

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 56
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2593
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:08:17 GMT
server: AmazonS3
etag: "190ae08f26afc4653607be24b3db2d98"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: V1a-kc9DcFygoM2uCgmariJ0UTwjn89_7IJGJgDgfMZP1YmSWEvVHA==

GET
H2 200 most_watched.gz Show response
data.igma.tv/entertainment/widgets/common/ 5 KB
2 KB 32ms
28ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/most_watched.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e815f83cfe7252023f1cf73718814ef52610f50411aea8fda7d99603b401e5ed

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 55
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1940
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:32:34 GMT
server: AmazonS3
etag: "627f2abbc56b9f34e1bfe5459f2a6040"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: aPK-UltzbLpoevWwOpt53iBspK47YuagJYddTWvHPQ-Kh2JCf7CEEw==

GET
H2 200 top_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 7 KB
3 KB 50ms
46ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/top_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66643da383f707f9087b2575c9975da1cc84225bb9a108ad474a49700b29cd62

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 56
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2593
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:08:17 GMT
server: AmazonS3
etag: "190ae08f26afc4653607be24b3db2d98"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: lwZhDszkNXJwRABP9yRIwR5YzW8nGp-P8R2lNDN5Mhj0n-YVIZvjnQ==

GET
H2 200 most_watched.gz Show response
data.igma.tv/entertainment/widgets/common/ 5 KB
2 KB 31ms
28ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/most_watched.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e815f83cfe7252023f1cf73718814ef52610f50411aea8fda7d99603b401e5ed

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 55
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1940
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:32:34 GMT
server: AmazonS3
etag: "627f2abbc56b9f34e1bfe5459f2a6040"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: GoZEyHou8oxGEdRqNCBZqS_8iO-A61E_2NR8EzRniKR-1Xs3nyuOUQ==

GET
H2 200 latest_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 6 KB
2 KB 31ms
28ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff2df3a4ec9f7a1821c549ca80940cd788a992f060e3e587e5c31726e4311463

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 56
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1993
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:00:59 GMT
server: AmazonS3
etag: "0cf1fa389be83692de22b85532f6c83c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: ocdNI1mixgCV3BB8YZLqZzvh207zjzhXM2Dr4CVVCnIeDg_0bLAwDQ==

GET
H2 200 latest_videos.gz Show response
data.igma.tv/entertainment/widgets/common/ 5 KB
2 KB 59ms
56ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_videos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3e21d0d4a0cb80b139732b39fc3d349afc46f1a8c29e966d729268cab1cd666

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 55
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1704
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:05:11 GMT
server: AmazonS3
etag: "7559ce70cd69d8e67a280e8fec3812ad"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: u7MYeRVAX3ClO3CI7nPe2IsDuwUWSDZ-meCDfV4KJ3ZyYweRZOG_ow==

GET
H2 200 latest_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 6 KB
2 KB 33ms
30ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff2df3a4ec9f7a1821c549ca80940cd788a992f060e3e587e5c31726e4311463

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 56
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1993
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:00:59 GMT
server: AmazonS3
etag: "0cf1fa389be83692de22b85532f6c83c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: 5Hc9EalKrtiV8QXfe4XH2gDpdO3CRA-6BsfHYmPTecjivy4jZk2GhQ==

GET
H2 200 latest_videos.gz Show response
data.igma.tv/entertainment/widgets/common/ 5 KB
2 KB 57ms
55ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_videos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3e21d0d4a0cb80b139732b39fc3d349afc46f1a8c29e966d729268cab1cd666

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 55
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1704
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:05:11 GMT
server: AmazonS3
etag: "7559ce70cd69d8e67a280e8fec3812ad"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: teA6EDUk7me24TU1mI4wawkrLUSobstD9oI89_QYIwq84dGphcOpAw==

GET
H/1.1 403
Forbidden 81377.json Show response
related.gmanews.tv/15/article/773/ 243 B
788 B 599ms
498ms XHR
application/xml 99.84.42.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://related.gmanews.tv/15/article/773/81377.json
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-97.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba5766a48e0d65bde7a32941cd79a96718e99fee17dd2dde0bb84eb18c3fc1c1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:51 GMT
Via: 1.1 7eb1986bc2b6151cfcbcefbaa656508a.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C4
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1200
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: uAIxxQp6PIsHK0NFRggPsTX7ylTseKBQXwmkmyWZylYshgkQWd3C8A==

GET
H/1.1 403
Forbidden 81377.json Show response
related.gmanews.tv/15/article/773/ 243 B
788 B 842ms
734ms XHR
application/xml 99.84.42.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://related.gmanews.tv/15/article/773/81377.json
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-97.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4973fff6a965d08bee0dd7f686616eedf6849682846d3e181b0963e6c50ac596

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:52 GMT
Via: 1.1 4ae93d3077949e1f1ea97bfbece1919a.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C4
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1200
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: mwwCheiQjEZ67ocLlD5qNN6jltr1wzU6DK2VyDbLHSYjNjEwm2uk7g==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 197 KB
68 KB 136ms
36ms Script
application/x-javascript 23.221.200.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.221.200.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-200-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 12a56ab79421200733f29eb680f15a98f453da496c5311aa4a8f02c463ecaa38

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
last-modified: Mon, 14 Mar 2022 07:43:34 GMT
etag: "15-y9I9sq85OFGcSuleJgn8BozfIs4"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 6f5bca358250f0df10faf3aef0b46e7e
timing-allow-origin: *, *
content-length: 69488

GET
H2 200 latest_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 6 KB
2 KB 28ms
28ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff2df3a4ec9f7a1821c549ca80940cd788a992f060e3e587e5c31726e4311463

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 56
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1993
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:00:59 GMT
server: AmazonS3
etag: "0cf1fa389be83692de22b85532f6c83c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: 19DV8SAr-n4OOo-fJLl3maEo174Y6sLq3dYOB_HdKbR2nUyiXWgoJw==

GET
H2 200 latest_videos.gz Show response
data.igma.tv/entertainment/widgets/common/ 5 KB
2 KB 54ms
53ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_videos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3e21d0d4a0cb80b139732b39fc3d349afc46f1a8c29e966d729268cab1cd666

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 55
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1704
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:05:11 GMT
server: AmazonS3
etag: "7559ce70cd69d8e67a280e8fec3812ad"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: kDl4UZXhaa50o5T35gNSXhQRj-hpb35t3nAfjWT-i9smbOY8Cha-xg==

GET
H2 200 latest_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 6 KB
2 KB 37ms
36ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff2df3a4ec9f7a1821c549ca80940cd788a992f060e3e587e5c31726e4311463

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 56
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1993
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:00:59 GMT
server: AmazonS3
etag: "0cf1fa389be83692de22b85532f6c83c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: CTyGCPwF0eRLQFP7SVTWmlFrrxVGdJyq6jVwNVxUkwS_6oSRzEjRtQ==

GET
H2 200 latest_videos.gz Show response
data.igma.tv/entertainment/widgets/common/ 5 KB
2 KB 53ms
52ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/latest_videos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3e21d0d4a0cb80b139732b39fc3d349afc46f1a8c29e966d729268cab1cd666

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 55
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1704
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:05:11 GMT
server: AmazonS3
etag: "7559ce70cd69d8e67a280e8fec3812ad"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: dalBYTWkavVOXSXcA8ZuyM47DBb9xPDnluCCrrVjCbNrAMYVly0SrA==

GET
H2 200 top_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 7 KB
3 KB 42ms
41ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/top_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66643da383f707f9087b2575c9975da1cc84225bb9a108ad474a49700b29cd62

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 56
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2593
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:08:17 GMT
server: AmazonS3
etag: "190ae08f26afc4653607be24b3db2d98"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: U7_M2ynuxMAWeoqsT5f5k9QCoQMRNwEATZ5pdBQcI_gUFsv0vRKK5Q==

GET
H2 200 most_watched.gz Show response
data.igma.tv/entertainment/widgets/common/ 5 KB
2 KB 34ms
34ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/most_watched.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e815f83cfe7252023f1cf73718814ef52610f50411aea8fda7d99603b401e5ed

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 55
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1940
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:32:34 GMT
server: AmazonS3
etag: "627f2abbc56b9f34e1bfe5459f2a6040"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: 9pFOyceq0zE0SgPPyMAKOUFxmiR8U46VhrKJ6RBFF0pVlwXXDNueoA==

GET
H2 200 top_photos.gz Show response
data.igma.tv/entertainment/widgets/common/ 7 KB
3 KB 40ms
39ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/top_photos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66643da383f707f9087b2575c9975da1cc84225bb9a108ad474a49700b29cd62

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 56
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2593
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:08:17 GMT
server: AmazonS3
etag: "190ae08f26afc4653607be24b3db2d98"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: sDYP37wf-Pw3lJuCJvXqoybDgBn53Q2wh2YRuEfMWRZKTTla5MB-_w==

GET
H2 200 most_watched.gz Show response
data.igma.tv/entertainment/widgets/common/ 5 KB
2 KB 28ms
28ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/common/most_watched.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e815f83cfe7252023f1cf73718814ef52610f50411aea8fda7d99603b401e5ed

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: gzip
age: 55
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1940
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:32:34 GMT
server: AmazonS3
etag: "627f2abbc56b9f34e1bfe5459f2a6040"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: eZCYbN9W7qiHucFImVp6kHUExa3XhQtxrJQuovkDnYRzgS2pOP6gzw==

GET
H2 200 ent_home_trending_videos.gz Show response
data.igma.tv/entertainment/widgets/trending/ 9 KB
3 KB 267ms
266ms XHR
application/json 99.84.125.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.igma.tv/entertainment/widgets/trending/ent_home_trending_videos.gz
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-67.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4104d72b034f4d559f3dcc7764dc8d3d4cb7bf3112d2e68bc2430012b33e3df4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C3
x-cache: RefreshHit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 2938
access-control-allow-origin: https://www.gmanetwork.com
last-modified: Fri, 18 Mar 2022 13:00:15 GMT
server: AmazonS3
etag: "f45e1d6e28a03cbe2f0cd7a58ebbe950"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-amz-cf-id: bqATUlvyEPnf5ovsnC7fxWM8H6ALiVPc10w8CAmn4DnUiTeb9euenA==

POST
H2 200 next_article_v2 Show response
www.gmanetwork.com/api/data/ 291 B
943 B 709ms
709ms XHR
application/json 54.230.162.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gmanetwork.com/api/data/next_article_v2
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.162.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-162-91.ewr53.r.cloudfront.net
Software: eqmod_httpd v1.0 (author: mon sarmiento) /
Resource Hash: adc954f599d66c9ff088d7228b3e2f7cb83ce0616806d1038425b0ab1870a0de

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
vary: User-Agents,Accept-Encoding
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
content-length: 291
server: eqmod_httpd v1.0 (author: mon sarmiento)
etag: "1647642713"
access-control-max-age: 1
access-control-allow-methods: POST, OPTIONS, GET, PUT
content-type: application/json; charset=UTF-8
access-control-allow-origin: www.gmanetwork.com
cache-control: max-age=120, public
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With
x-amz-cf-id: MfrRK5YCmFHJap36HPXPDoAzVyRSpp0hIKpaX-dHTzexKedfaMO5Sw==
x-elapsed-time: 64265 microseconds

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 60ms
33ms XHR
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-242242-18&cid=1788617992.1647613912&jid=292744510&gjid=362733985&_gid=1526702973.1647613912&_u=4CDAAUAAAAAAAC~&z=1445442725

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Mar 2022 14:31:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
3 KB 99ms
18ms XHR
text/html 2600:9000:2162:4800:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:4800:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Mar 2022 13:27:07 GMT
via: 1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
age: 3886
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-type: text/html
content-length: 3121
x-amz-cf-id: BS6pogsdoUgWczmnLvEHGw2E-s3oqLCyF-s1sOgDgDYs9pnpOQBKHg==

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 59ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1543737212511664&ev=PageView&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&rl=&if=false&ts=1647613912523&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647613912521.693083226&it=1647613912257&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 18 Mar 2022 14:31:52 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 59ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1543737212511664&ev=ViewContent&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&rl=&if=false&ts=1647613912525&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647613912521.693083226&it=1647613912257&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 18 Mar 2022 14:31:52 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:02 GMT
x-content-type-options: nosniff
age: 154910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:02 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 88ms
37ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-242242-18&cid=1788617992.1647613912&jid=292744510&_u=4CDAAUAAAAAAAC~&z=397538216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 64ms
37ms Image
image/gif 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-242242-18&cid=1788617992.1647613912&jid=292744510&_u=4CDAAUAAAAAAAC~&z=397538216

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gnoadscript.js Show response
images.gmanews.tv/res/js/ 35 KB
5 KB 144ms
18ms Script
application/javascript 99.84.125.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.gmanews.tv/res/js/gnoadscript.js
Requested by: Host: aphrodite.gmanetwork.com
URL: https://aphrodite.gmanetwork.com/assets/revamp/js/build/celebritylife_article.js?v=1.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-97.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c0b89c553e4c70b21fb9eec928fa59e122860be4fa7bd6ef159b21115a6feb4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:36 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 08:39:04 GMT
server: AmazonS3
age: 88
etag: W/"8fc8ca7e762ba014eafa1cc550a4c670"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control: max-age=120
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: Tz5amxi-Qu2Xx3TRi_KlcJ33B11RpQLidF6eCyGZbIKSleOr5q-6Bw==

GET
H2 200 pixel;r=2020020494;labels=category.Entertainment%2Ckeywords.oktoberfest%2Ckeywords.origin%2Ckeywords.history%2Ckeywords.munich%2Ckeywords.bavaria%2Ckeywords.germany%2Ckeywords.wedding%2Ckeywords.ki...
pixel.quantserve.com/ 35 B
372 B 31ms
30ms Image
image/gif 2620:116:800b:21:2d66:77a6:9085:a5fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2020020494;labels=category.Entertainment%2Ckeywords.oktoberfest%2Ckeywords.origin%2Ckeywords.history%2Ckeywords.munich%2Ckeywords.bavaria%2Ckeywords.germany%2Ckeywords.wedding%2Ckeywords.king%20louis%20i%2Ckeywords.princess%2Ckeywords.therese%20von%20sachsen-hildburghausen%2Ckeywords.theresienwiese%2Ckeywords.thereses%20fields%2Ckeywords.wiesn%2Ckeywords.tradition%2Ckeywords.total%20beer%20consumed%2Ckeywords.annually%2Ckeywords.evolution%2Ckeywords.celebration%2Ckeywords.festivities%2Ckeywords.trivia%2Ckeywords.lifestyle%2Ckeywords.hobbies%20and%20interests%2Ctitle.How%20and%20where%20did%20the%20Oktoberfest%20originate%3F;rf=0;a=p-ernMzxMzj4rTH;url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1002488447-1647613912646;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=gmanetwork.com;je=0;sr=1600x1200x24;dst=0;et=1647613912646;tzo=0;ogl=title.How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%2Cdescription.Why%20is%20it%20celebrated%20in%20October%3F%20You%20may%20ask%252E%20Find%20out%20HERE%3A%2Cimage.https%3A%2F%2Faphrodite%252Egmanetwork%252Ecom%2Fentertainment%2Farticles%2F900_675_Main_Image07_100%2Cimage%3Awidth.900%2Cimage%3Aheight.675%2Cimage%3Asecure_url.https%3A%2F%2Faphrodite%252Egmanetwork%252Ecom%2Fentertainment%2Farticles%2F900_675_Main_Image07_100%2Curl.https%3A%2F%2Fwww%252Egmanetwork%252Ecom%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-%2Ctype.website

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:2d66:77a6:9085:a5fa , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 uuid.min.js Show response
cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/ 2 KB
2 KB 65ms
37ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/node-uuid/1.4.8/uuid.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87b3e2271b71b1fefe56400637a37ef3fd2a66b84aee860973fa60b839d8262e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2965056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1095
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPxw%2BrB1lUDvEzgi17XWVLYOdOFOz%2FDwnK6o%2BLboSMo27uqgrxw2RXnpnBnMbzlHKcwbX7w6YVgdw%2BOM1KEHZPBva6ZcxebHY7adqld%2B2Wrerx8VlVKvfiOaU%2F2V%2F5RDavxH68bS3ZOhqNTgIeKmRmSX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6edeacaa6ef14bbe-YUL
expires: Wed, 08 Mar 2023 14:31:52 GMT

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 22ms
21ms Script
application/javascript 2600:9000:2120:4200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:4200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 10:45:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 99974
x-cache: Hit from cloudfront
content-length: 18813
server: nginx/1.20.1
etag: W/"61e1c3fb-16245"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 be2bc6f826ea9bebe879d48a50a29432.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: EWR52-C4
x-robots-tag: noindex, nofollow
x-amz-cf-id: gMVnEFfw6UATpAcwcKPCXXQhvW6WEhno8bzFwHoXGSmVPT1xY__JeQ==
expires: Sun, 20 Mar 2022 10:45:38 GMT

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1647613912663.38693&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-whe...
https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1647613912663.38693&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-...

160 B
684 B

37ms
36ms

XHR
text/plain

3.129.242.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1647613912663.38693&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&title=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%20%7C%20GMA%20Entertainment&sop=false&description=Why%20is%20it%20celebrated%20in%20October%3F%20You%20may%20ask.%20Find%20out%20HERE%3A&samesite=None

Requested by

Protocol

HTTP/1.1

Server

3.129.242.122 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

45eb847fe15cba6dfc656a4d0499718309d2724f2f680acdf59b75c3ae2084dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:53 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 160
Stid: ZG4AAmI0l9gAAAAJLZDLAw==

Redirect headers

Date: Fri, 18 Mar 2022 14:31:52 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Location: /sc?event=pview&version=buttons.js&lang=en&sessionID=1647613912663.38693&hostname=www.gmanetwork.com&location=%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&title=How%20and%20where%20did%20the%20Oktoberfest%20originate%3F%20%7C%20GMA%20Entertainment&sop=false&description=Why%20is%20it%20celebrated%20in%20October%3F%20You%20may%20ask.%20Find%20out%20HERE%3A&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 871
Stid: ZG4AAmI0l9gAAAAJLZDLAw==

GET
H/1.1 200
OK d3d3LmdtYW5ldHdvcmsuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 133ms
18ms XHR
application/json 23.52.164.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmdtYW5ldHdvcmsuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-164-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:52 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=28911
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: e908ecd49726500b63e22f5c4267d560
Content-Length: 15
Expires: Fri, 18 Mar 2022 22:33:43 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 162ms
33ms Image
image/gif 23.221.200.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=1.2265927322741175
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.221.200.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-200-229.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sun, 17 Apr 2022 14:31:52 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 38ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=100769456682076&ev=fb_page_view&dl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&rl=&if=false&ts=1647613912723&sw=1600&sh=1200&at=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 18 Mar 2022 14:31:52 GMT

GET
H2 200 video-play-logo.png
aphrodite.gmanetwork.com/assets/images/ 4 KB
5 KB 18ms
18ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/images/video-play-logo.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cd0a40d9ad10941ea5728a680334d3e8449ce87fa0c3dbd6bcae7e491509dcb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 01:31:48 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Feb 2020 10:08:13 GMT
server: AmazonS3
age: 46805
etag: "b8dbb273415508d187d017e4cbb365e6"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 4440
x-amz-cf-id: RUyobcl2YHu4-HA_j39dgEv1OOE5hC4nsNxZwNwdlwE423WT7l7UAA==
x-amz-meta-s3b-last-modified: 20200218T100519Z

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 25ms
21ms Stylesheet
text/css 2600:9000:2120:4200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:4200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 15:49:30 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 18:42:03 GMT
server: nginx/1.20.1
age: 81742
etag: W/"61e1c3fb-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 be2bc6f826ea9bebe879d48a50a29432.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C4
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: MIa0PeGJ0KHufMVpZLST9mbt5EOEMifMqwsjxdVmk1OR4fVj0_pVlA==

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 48 KB
18 KB 68ms
20ms Script
text/javascript 143.204.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-86.ewr52.r.cloudfront.net
Software: Caddy /
Resource Hash: 55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 08:11:56 GMT
content-encoding: gzip
server: Caddy
age: 22797
etag: "bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: EWR52-C2
content-length: 18458
x-amz-cf-id: YRt7-SjayJSSydZzmqKnwV-cGm6bc9crFnQ2JL6wAH1moM1It2Plcg==
expires: Fri, 18 Mar 2022 20:11:56 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032203150226000/ Frame 81FC 222 KB
62 KB 72ms
21ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68764844bd09e53056e82e9914dcec3d70f299560eeef679e2ce78b8e43230f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 232485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62074
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 21:57:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "485b59e91ebd1f0a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 21:57:08 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032203150226000/v0/ Frame 81FC 16 KB
6 KB 109ms
58ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 232485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 21:57:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 21:57:08 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032203150226000/v0/ Frame 81FC 96 KB
29 KB 112ms
62ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 232485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 21:57:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 21:57:08 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032203150226000/v0/ Frame 81FC 5 KB
2 KB 123ms
73ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 232485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 21:57:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 21:57:08 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032203150226000/v0/ Frame 81FC 42 KB
13 KB 120ms
70ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 232485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 21:57:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 21:57:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 81FC 8 KB
892 B 65ms
36ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 13:46:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:31:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:31:53 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 81FC 2 KB
3 KB 68ms
19ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 08:32:25 GMT
x-content-type-options: nosniff
server: cafe
age: 21568
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 19 Mar 2022 08:32:25 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 81FC 295 B
399 B 68ms
20ms Image
image/png 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:37:57 GMT
x-content-type-options: nosniff
server: cafe
age: 17636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 19 Mar 2022 09:37:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 81FC 0
0 65ms
36ms Image
text/html 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxid_O0dcZw5ud7KKB5pJS7jUiEUote9ApZJ7Bkgjm8XqZElaQfvrUrcaByFzCrdGyqIUAAJFybzjiEof025HFiOMCZw
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 81FC 0
0 51ms
49ms Image
text/html 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVSsW2Jc0Yvn6EsqojAatn6_YCu6lhodph6PnhZQQ_pL8l88vEAEg2pGAa2B9oAGfpq7rA8gBAeACAKgDAcgDCqoEyAJP0MLMp1wY_FNbwobSds_LXya2XVZJR6EaWzLT5lvKhjgckhAJwBIm3fTPE-9PiBbjEWJ1J5cxm0MIVM-29gb54j82X3vDUMhW-QfTalBAv_HzQNuP-iTxRvkN7101XG5NpievicM0Tqaxl4GFaFU2no-O1Aw5_PpvRwHTnlH5l1864E0GSmTqMLxGUzVIH6G5n13vyylTdmxgXYsnDWY1-3OrZ1Zcq6rffDrUjM8Mhl2MkrBQbaO5GOTQZr_Eh1fyXP0iVI7DWXkU8PFqOXo691mibkQT7a2Yxr0ky058kCgh1-JNLAYoWfjNdX9z7WMCkOKTQta-1krAwsaMzphG7Q7opg4ozFUqQnaF6pWi5AjS6msD-y2V6SWM9fjc0KR15g7V_2FEkyhBghY2vj2M8NXA7oWai6HGp3l2_vuE_foP_o82noKhwATut9Le9gPgBAGSBQQIBBgBkgUECAUYBIAHydnRFKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMivEtIIBwiIYRABGB2ACgPICwHYEwKIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTc4Mzc5ODA4NzE0ODIyNRjj1Sc&sigh=fevrZOufgrU&uach_m=[UACH]
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s33-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 zoomd.widget.logger.min.js Show response
d99666469a0d.bitsngo.net/widget-scripts/ 8 KB
4 KB 28ms
28ms Script
application/x-javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.logger.min.js?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3727ee6b2ebeb3d7afd764d42abf601c2d36896755f94df00a14837b47f65c5d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 12:54:14 GMT
server: Microsoft-IIS/10.0
age: 90753
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 3849
x-llid: 14dd19d4d7a5c41daebdcb0cc327c29b
expires: Sun, 27 Mar 2022 13:19:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91EF 0
0 43ms
42ms Fetch
image/gif 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpji7RoFdLi3ERSgTitMWSyp28eTeXSnRongfllr8bsmccG60-95mucf9eSRt6uBX-aRE4yqAIx4-cYFfmHGPL2HMj3h7y92UZpU0lk72175Ah_hzLgQOeUkZ9_vXqdSNagpzqpaKlYoeoCO_yuEUwEGZtacGVgDIEPhmcBkzz4n81magHNLIFOL1DmPwObW0OInYkgYiUO2F97UJrHianJFhkQt4Ugr_V8y7R-OxTVG8kL75ajV_UYpOfI_pczMngfYBOpS5KgJl-WUwOo3XGU9yGlg6j9lnaMot2CcRuDVroIycWGdK9llW_0OnHyJRM8gFLn-Xrj8pPuGU&sai=AMfl-YQWNqQi8Ty24QxIw0IkP79_Xzb4IPShzHi30y-n61E2BnPgNRHwYhUrJnYaDiKUBS0K9-_ifK1dSwQB8XWBnl_yjBBIad4wgwSbi037y_5wOARDCK-gfGmv4WXBrhJG&sig=Cg0ArKJSzDUdRs4c5HGSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-10-83-212.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js Show response
cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/ Frame 91EF
Redirect Chain

https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssFlbcze_pRvtklKiur36GNN-LmPQqkGbUB4V_5hX1Ua5UV9BtEuSf7hvCrvq8QL4qB6NyEhxMi-9DTj0e_6OwPEg0HUZ-YWQm9n9kin8zeJ3jOe1c6_Zw7FudypN1bRLTX5mOPnUD0eiynv...
https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js

42 KB
42 KB

395ms
21ms

Script
application/octet-stream

8.252.62.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Server: 8.252.62.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac06a4bf4509a76500a4548b7b267ee564022537bd167ddaff4fd96768ee3dc2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
last-modified: Thu, 10 Mar 2022 13:17:27 GMT
server: AmazonS3
age: 695568
etag: "3a75963ff5e202de5246fe57a36f8b97"
x-amz-id-2: K2Bwgo+is8AMw+q3yscc88VNCw6/mEQfHsRLUTUP27itnuUlAaH43gmfQU6tTkC5YfJdjOmo+Sg=
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 43036
accept-ranges: bytes
x-amz-request-id: B8WJWKKEHP0K70T3
x-cdn: Lumen
expires: Mon, 09 May 2022 13:22:17 GMT

Redirect headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91EF 117 KB
36 KB 76ms
48ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 14:31:53 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/gmanmidfpdisplay183413089896/ Frame 91EF 12 KB
5 KB 107ms
38ms Script
application/x-javascript 23.221.201.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-201-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d3cdcd5682e1ae08a0bf5318faed144df464c8d576364769cf8362004fa7e562

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:17:11 GMT
server: AmazonS3
x-amz-request-id: ZYJBCHM54DKRV3BS
etag: "17ec5516d15dd1a5f277b76ac8af2dae"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=14464
accept-ranges: bytes
content-length: 4363
x-amz-id-2: gqLQbug2XEsCITlAoKUAg0Hsf1qfjMWSgENvvYn0YUUkiyWAxMpP6txajD4zTD3oiFnToYWK6OA=

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 142ms
33ms Script
application/javascript 23.10.83.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?rnd=1647613913283&cid=c010&dmn=www.gmanetwork.com&gdpr_domain=false

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.10.83.212 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

c1f8eaff746273c4eb883246de52e6c949f72d106ed4088059f3eb2572187ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1363
Expires: Fri, 18 Mar 2022 15:31:53 GMT

GET
DATA 200
OK truncated
/ Frame 81FC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d1ef3e165f4116415ca2fae8ca17f23329bace5866f940ef1f4a895b0f0a52b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 81FC 28 KB
28 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:46:07 GMT
x-content-type-options: nosniff
age: 229546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:46:07 GMT

GET
H2 200 900_675_Main_Image07_1008__20211008095228.jpg
aphrodite.gmanetwork.com/entertainment/articles/ 119 KB
120 KB 33ms
32ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/articles/900_675_Main_Image07_1008__20211008095228.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70f6e89aad2247918026119991ae8fe2635a9824a0bb181c8fba5995fc1d5783

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 20:36:15 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 01:52:31 GMT
server: AmazonS3
age: 64539
etag: "5deda58f3b469f6bbceb7e512b7db172"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 121978
x-amz-cf-id: JfN08wUTm5z_2wvXRV0ZqB5leMW73d3RANlo3YaNUHLpVWdyJD-YlA==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 90ms
20ms XHR
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1647613913505&sessionId=1afb125c-9dbf-c051-e0c1-bc9806807bdd&url=www.gmanetwork.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:53 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 3218aa3d5298330b88ca8247a9ee2ccd
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 4 KB
2 KB 192ms
117ms Script
text/javascript 146.75.30.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&idx=0&rand=74343&key=NANOWDGT01&widgetJSId=AR_30&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=1afb125c-9dbf-c051-e0c1-bc9806807bdd&fdu=www.gmanetwork.com&px=237&py=4077&vpd=2877&cw=770&activeTab=true&darkMode=false&settings=true&recs=true&version=2000634&sig=nVFpXsmC&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&aqp=utm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id5=ID5*-EbdD3RqmTh0rWWJ6PVr-wo6nphlvabA03gQlVHeJLoLct746kw-9NP2b5kTy_TbC3PfVJ1pxC_j79QxE1aacwt0bI9ov7lFS7Z1lj2Jq0YLdT6_gu2imzqLyxN6rUihC3Zvt0GvMyNQ2zc1gAegUwt3tWkZ7b8n3dbzHdt_n9gLeIVtmJOG_6VLLAEWGraKC3m3CFjV7Muy3E-5DS7ZjAt62mTLQtv_HsQQvW4PmicLe1OScGDDBGOk4HvwpYUHC3xGX5nbXNrLjmej_fzdmAt9KVjjbBUNxSWpGvK6F3ULfuHC8Zqy2zTm3LtP4oxoC3_5_Z1zwFnozHzgvTNcfQuAEnRhpGcV9P3qr9IPCzoLgaNG8IzEK-gcGxL-2tG_C4I0RPrQN27ncvlHFRXL_wuDsF8N2VeMpmnqtMux41oLhDa3iZDjXxMsR739zfExC4UavH305ZSdwSqmPZGNNAuGeZa7BQ_2qqWVXyhadTELhxyxWTvLC_SzOhkwMTgTC4hsv2od86ZLeLit29FvXguJV-yUV93MIECBhmgyEU0Ligy_VqFmiJ9tifzRdUJ2C4vkpg4YeMpNkD9DS6iykAuM10l_ssqAMdQF1v-qjmsLjW2MRiMNkYyODtob8JRXC47A6fswMnYVrjOEO5fVDw&id5type=1&ogn=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fa515768c47ec6624b35658f674e9ea82d9e91a0c5ac4a9444deb429ac33b4e1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: gzip
traffic-path: SADC1, IAD, North_America
x-cache: MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-cache-hits: 0
x-traceid: 15107eb39822ab736746070b4e95e498
content-length: 1671
x-served-by: cache-iad-kiad7000076-IAD
pragma: no-cache
x-timer: S1647613914.604490,VS0,VE95
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8E11 0
15 B 21ms
18ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.gmanetwork.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 18 Mar 2022 14:31:53 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 3 KB
2 KB 98ms
37ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=63925811921991721018629040122689048985799668021150181651287283292977&nc=0&tsf=0&tsfmi=&pv=0&cb=1647613913600&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=437199853&at=&bid=e30%3D&di=W1siZWYiLDQ2NDddLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyLTUu%0D%0AMC4wKVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMu%0D%0AMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1%0D%0AbSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6MTIsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwi%0D%0Ad2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxNzU1MjMzNzU1LFwic2VjXCI6XCJcIn0iXSxbLTEsIi0i%0D%0AXSxbLTIsIjEwLGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJISkw4NkwyM0FDR1Vo%0D%0AQkl3SVNTRUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9yODcwdXhxRngiXSxb%0D%0ALTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZn%0D%0AaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFst%0D%0ANiwie1wid1wiOltcIjBcIixcImNocm9tZVwiLFwiJFwiLFwialF1ZXJ5XCIsXCJFTlZJUk9OTUVO%0D%0AVFwiLFwiSVNfRFVQTElDQVRFXCIsXCJCQVNFX1VSTFwiLFwiU0lURV9OQU1FXCIsXCJTSVRFX1VS%0D%0ATFwiLFwiRU5UX1JFU1wiLFwiU1lOQ19BU1NFVFNfVVJMXCIsXCJSRVNPVVJDRV9VUkxcIixcIlNJ%0D%0AVEVfU0VHTUVOVF8xXCIsXCJTSVRFX1NFR01FTlRfMlwiLFwiU0lURV9TRUdNRU5UXzNcIixcIlNJ%0D%0AVEVfU0VHTUVOVF80XCIsXCJTSVRFX1NFR01FTlRfNVwiLFwiSU5URVJOQVRJT05BTF9VUkxcIixc%0D%0AIkhBREVTX0NPTlRFTlRcIixcIk5FVFdPUktfVVJMXCIsXCJFTlRfREFUQV9VUkwxXCIsXCJFTlRf%0D%0AREFUQV9VUkwyXCIsXCJTM19FTkRQT0lOVFwiLFwiUzNfU09VUkNFXCIsXCJTM19NRURJQVwiLFwi%0D%0ARU5WXCIsXCJTRVJWSUNFU19JR01BXCIsXCJCQVNFX0ZPTERFUlwiLFwiSlNfQ09PS0lFX0VYUElS%0D%0AWVwiLFwiU1VCX0ZPTERFUlwiLFwiQ09OVEVOVF9JRFwiLFwiQ09OVEVOVF9LRVlXT1JEXCIsXCJQ%0D%0AQUdFX1RZUEVcIixcIkNBVEVHT1JZXCIsXCJDQVRFR09SWV9MQUJFTFwiLFwiV0lER0VUXCIsXCJD%0D%0AT05URU5UX1RZUEVcIixcIkVOVF9EQVRBX1VSTFwiLFwiU0VSVkVSX1RJTUVcIixcIkRGUF9LRVlX%0D%0AT1JEU1wiLFwiTUVUQV9LRVlXT1JEU1wiLFwiREZQX0NPREVcIixcIlBVQkxJU0hfREFURVwiLFwi%0D%0AUE9TVF9EQVRFXCIsXCJTRU9fVElUTEVcIixcIkFVVEhPUlwiLFwiRkJfSURcIixcIkdPT0dMRV9B%0D%0ATkFMWVRJQ1NcIixcIkdPT0dMRV9BTkFMWVRJQ1NfRU5UXCIsXCJHQTRfSURfRU5UXCJdLFwiblwi%0D%0AOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTEx%0D%0ALCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwia2V5d29yZHNcIixcIm9nOnRp%0D%0AdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiLFwidHdpdHRlcjpkZXNj%0D%0AcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjAwMzA5%0D%0ANTk3NTIzMjE5ODE0MjZ9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAs%0D%0AMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAs%0D%0AMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMTc4%0D%0AODYxNzk5Mi4xNjQ3NjEzOTEyIl0sWy0yMSwiblZGcFhzbUMiXSxbLTIyLCJbXCJuXCIsXCJuXCJd%0D%0AIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjozNzMwMDAw%0D%0AMCxcInVqaHNcIjoyNzYwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDEwLDAs%0D%0AXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMiXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAs%0D%0AMiwwLDIsMCwyLDAsMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNl%0D%0AIl0sWy0zMiwiMiJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NDc2MTM5MTM1NzksMF0i%0D%0AXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImks%0D%0ALTEsLTEsNDIsMCwxLDAsNTUxLDM5LDM3OTksNjAsMCw0OTYwLjksNDk2MC45LDc1ODEsNzU4MiJd%0D%0ALFstMzksIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwi%0D%0ALG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFst%0D%0ANDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQs%0D%0AIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxh%0D%0AdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDgzXV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A237%2C%22y%22%3A4077%2C%22w%22%3A770%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=LkXNxuhQVG&sdd=%7B%7D&pto=7604
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 12449eb3e3ac94ae01c46ac6aaefba7d5f92beaa74fa1337bd3a4f68407fd803

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1643
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 81FC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

100ms
51ms

Image
text/html

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Server: 2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Mar 2022 14:31:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 99ms
52ms Fetch
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: d99666469a0d.bitsngo.net
URL: https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20220317125347.11905

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 2623987765962668673
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 18 Mar 2022 14:31:53 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 6CC8 2 KB
1 KB 36ms
36ms Document
text/html 23.10.83.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.873.23176&cid=c010

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?rnd=1647613913283&cid=c010&dmn=www.gmanetwork.com&gdpr_domain=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.10.83.212 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-10-83-212.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

Content-Length: 1160
Cache-Control: max-age=604800
Expires: Fri, 25 Mar 2022 14:31:53 GMT
Date: Fri, 18 Mar 2022 14:31:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Encoding: gzip
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

GET
H2 200 moatcore.js Show response
z.moatads.com/gmanmidfpdisplay183413089896/ Frame 91EF 302 KB
103 KB 34ms
33ms Script
application/x-javascript 23.221.201.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatcore.js
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/gmanmidfpdisplay183413089896/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-201-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7c426a1dbdfc86de82f1da708227a50f0d7e7a32e4317a580ff8a1af32b14712

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:17:15 GMT
server: AmazonS3
x-amz-request-id: S2GSRWQHENF6JMWD
etag: "71a17029f13e123d65e7c7e2698e4eba"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=64546
accept-ranges: bytes
content-length: 104579
x-amz-id-2: pHV5O5S0ALJRmzPbMV9o/Td027aMice7gW2/aaDad/piBy6sgKC34ZShFD5fGjr53KXN03ynGQM=

GET
H2 200 pixel.gif
px.moatads.com/ Frame 91EF 43 B
260 B 99ms
96ms Image
image/gif 23.221.201.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=GMANMI_DFP_DISPLAY1%3A343684595%3A346094075%3A-&de=142602342491&t=1647613913701&i=MOAT_FEATHER_DEBUG1&gw=gmanmidfpdisplay183413089896&cm=1&ac=1&f=0&bq=0&ar=359f21c1e97-clean&iw=2add9d8&dMoatOQs=moatClientLevel1%3D4914438385%26moatClientLevel2%3D2739195827%26moatClientLevel3%3D5471012876%26moatClientLevel4%3D138322335932%26moatClientSlicer1%3D343684595%26moatClientSlicer2%3D346094075%26zMoatSZ%3D300x250%26zMoatPS%3DENT_Celeblife_Desktop_Mrec1_1%26zMoatPT%3DCelebrity_Life_Article_Page%26zMoatMMV%3D%26zMoatSite%3DGMA_Entertainment%26zMoatMData%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=0&na=27302494&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-201-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Mar 2022 14:31:53 GMT

GET
DATA 200
OK truncated
/ Frame 91EF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36e4e2ff7930d1b6cbd9dac505e4504dd6ef0c5e719b7c35ef2f79d339dbf866

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 20ms
20ms XHR
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1647613913775&sessionId=1afb125c-9dbf-c051-e0c1-bc9806807bdd&url=www.gmanetwork.com&cheqSource=1&cheqEvent=2&responseTime=812
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:53 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: f36a6192fb8c242e0e7a9ff5dcd2bc14
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
79 B 30ms
30ms Image
image/gif 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136ee9c134e94e8b9e9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163345714393d30164f578afe6d0e34748b54f88bd39e821da61c45085052aae2d05f91e46042ccf5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c0250616e96567ac940a61efc89825d957bd1fad811bc551c8c96dd82a77c3d835d277c5d0befaddefb61f7bf52fb2b2f2780432eed066c5e244e7164153850b5dd182c38681eb923bce6a88de93a349cd5c5513a2372a97c696157d80bf28fc5ab2c34cc62cfa26464a559930be5cdb97a828bbd26c8752a798ccd527d6195178e812115c7d4579d1b96ea44c98cd8a2be89969eb973ccc81e2f27288bcf112677986ee5e54d0a1125409f0ebaf38f17dd9f554eee329b563f86ed24e854a83b57b9f4f65b1b3c63f6b22245b7f16034ceebede399054e2060a5e76baed1886c64948aba79cfee32e8bfff8eed2adbdfb4a532eb912d7f5063091496607c5210163669d78b37519cbf7c2618c7cd42083b72fccbb1184780a243c1f7a139ddcf9dd3c7f49871b4395cfc4bdb0c83e198ce3af7784bc0269c4c0402e63f88dcb1370a52d81438d59b67ddd4799bb4cbde476bbc5dfc0920320aab52771c136b487b0e6&cb=1647613913775&cri=LkXNxuhQVG
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:53 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 5FF7 2 KB
1004 B 35ms
34ms Document
text/html 23.221.200.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=d73919cd-dc31-4461-a49f-395199010621
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.221.200.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-200-229.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "1e015194a0e596827cb8971f884eb43c:1647354312.495409"
last-modified: Mon, 14 Mar 2022 11:43:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
expires: Fri, 18 Mar 2022 18:31:53 GMT
date: Fri, 18 Mar 2022 14:31:53 GMT
content-length: 686
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame C2FC 416 B
713 B 33ms
32ms Document
text/html 23.221.200.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.221.200.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-200-229.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1647434064.79331"
last-modified: Mon, 14 Mar 2022 07:40:28 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=14400
expires: Fri, 18 Mar 2022 18:31:53 GMT
date: Fri, 18 Mar 2022 14:31:53 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 32ms
19ms Fetch
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=87debe564f155aebf95cc034356f53b2&pvId=87debe564f155aebf95cc034356f53b2&sid=5000847&pid=3816&idx=0&wId=254&pad=0&org=0&tm=1083&eT=0&widgetWidth=770&widgetHeight=0&widgetX=237&widgetY=4078&wRV=2000634&pVis=0&lsd=d73919cd-dc31-4461-a49f-395199010621&eIdx=&cheq=2&rtt=270&oo=false&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:53 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 6813a97f4199f04e2718ab9ac1ff04e8
Content-Length: 4
Expires: 0

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 36C5 17 KB
6 KB 34ms
34ms Document
text/html 23.221.200.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.221.200.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-200-229.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ba5146eb33e639576b0befa39a523230a21b504b6a68f57bb1a32ea9b514c23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "2f2b7a716f5b20c4b13adcdfd51e461b:1646323178.713502"
last-modified: Thu, 03 Mar 2022 15:52:32 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
expires: Fri, 18 Mar 2022 18:31:53 GMT
date: Fri, 18 Mar 2022 14:31:53 GMT
content-length: 5861
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H/1.1 200
OK gmanetwork_zoomd.js Show response
prodpsus1.blob.core.windows.net/content/pixels/ 860 B
1 KB 265ms
37ms Script
application/x-javascript 20.150.88.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prodpsus1.blob.core.windows.net/content/pixels/gmanetwork_zoomd.js?userId=7fa6c323-ab70-4dee-80a8-f4978dc45754
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.88.132 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d46b7712943d14b327830c345926bdb29d127f75dfd28105dd88b5f0293981b7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 18 Mar 2022 14:31:53 GMT
Last-Modified: Thu, 20 May 2021 10:56:59 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: SeH3AvXe18mvsXriAhnG7g==
ETag: "0x8D91B7DFDD717B0"
x-ms-meta-CbModifiedTime: Thu, 20 May 2021 10:55:52 GMT
Content-Type: application/x-javascript
x-ms-request-id: bae08f6f-501e-0013-10d4-3a42a4000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 860
x-ms-lease-state: available

POST
H/1.1 200
OK GetToken Show response
zdwidget3-bs.sphereup.com/zoomd/SearchUi/ 224 B
953 B 129ms
34ms XHR
application/json 104.209.192.206
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/GetToken
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.209.192.206 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4d79cb16e955592f90a4fb9ab22459c3309817a9f82f669f9fc80ab28c679682

Request headers

Accept: */*
Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 18 Mar 2022 14:31:53 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 324

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 426ms
398ms Fetch
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: d99666469a0d.bitsngo.net
URL: https://d99666469a0d.bitsngo.net/widget-scripts/zoomd.widget.loader.min.js?ver=4.0.v20220317125347.11905

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54804
x-xss-protection: 0
server: cafe
etag: 5218658745697026728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 14:31:54 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
627 B 35ms
35ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 13:38:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:31:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:31:53 GMT

GET
H3 200 icon
fonts.googleapis.com/ 569 B
366 B 36ms
35ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 14:31:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 14:31:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 14:31:53 GMT

GET
H2 200 masonry.pkgd.min.js Show response
d99666469a0d.bitsngo.net/widget-scripts/ 25 KB
10 KB 29ms
28ms Script
application/x-javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/widget-scripts/masonry.pkgd.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b4ab3afc167a24f795563b7a51fae8dfbe6efc232ccb2e2add52dacc59cec3e3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 09:55:22 GMT
server: Microsoft-IIS/10.0
age: 238923
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 10208
x-llid: 52e344a4bbc433159c15bfa58b5d22f4
expires: Fri, 25 Mar 2022 20:09:50 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 45ms
18ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 28440509
cdn-cachedat: 2021-03-10 13:26:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9de03c320bd826dd854266be13ad082b
cf-ray: 6edeacb17a704bbe-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3 200 core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/ 86 KB
26 KB 39ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/core-js/2.5.1/core.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c062e44ef26a7b57ee5e158af4af360561ed6f3d18d96e4c1faa9b69097add0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 759255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25572
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-156f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2B9baPEetGBRCQwXyQk06j17dLusIkGvsxObLCVwl8bmub1PW1HLh%2BEQTsZVtCG8CzQbkq%2FfRoM%2FPqrYrWUP58LtoNEH13YHaor62U15qPq9ccAflaLkICZVRGwCZqf3coCuMXDGK8tw5yQS5TL9FjNY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6edeacb16a694bbe-YUL
expires: Wed, 08 Mar 2023 14:31:53 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.873.23176/a/CA/ Frame 167A 23 KB
10 KB 42ms
37ms Script
text/javascript 23.10.83.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.873.23176/a/CA/t_.js?cid=c010

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.873.23176&cid=c010

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.10.83.212 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-10-83-212.deploy.static.akamaitechnologies.com

Software

Resource Hash

79c54b3e884eff89d5bb4de506d76aad867ef49583c5d5364a3d3e5a0a8e5546

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.873.23176&cid=c010
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:53 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 9493
Expires: Fri, 25 Mar 2022 14:31:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 91EF 43 B
260 B 33ms
32ms Image
image/gif 23.221.201.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&d=GMANMI_DFP_DISPLAY1%3A343684595%3A346094075%3A-&de=142602342491&t=1647613913701&i=MOAT_FEATHER_DEBUG1&gw=gmanmidfpdisplay183413089896&cm=1&ac=1&f=0&bq=0&ar=359f21c1e97-clean&iw=2add9d8&dMoatOQs=moatClientLevel1%3D4914438385%26moatClientLevel2%3D2739195827%26moatClientLevel3%3D5471012876%26moatClientLevel4%3D138322335932%26moatClientSlicer1%3D343684595%26moatClientSlicer2%3D346094075%26zMoatSZ%3D300x250%26zMoatPS%3DENT_Celeblife_Desktop_Mrec1_1%26zMoatPT%3DCelebrity_Life_Article_Page%26zMoatMMV%3D%26zMoatSite%3DGMA_Entertainment%26zMoatMData%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=1&tc=1&na=1825425771&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-201-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Mar 2022 14:31:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
33ms Image
image/gif 23.221.201.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=GMANMI_DFP_DISPLAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1647613913853&de=157009397932&m=0&ar=359f21c1e97-clean&iw=a1dda84&q=2&cb=0&ym=0&cu=1647613913853&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4914438385%3A2739195827%3A5471012876%3A138322335932&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=300x250&zMoatPS=ENT_Celeblife_Desktop_Mrec1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&bo=343684595&bd=346094075&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=346094075&gw=gmanmidfpdisplay183413089896&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A4961%3A4961%3A0%3A4492&iq=na&tt=na&tu=&tp=&fs=197273&na=232522850&cs=0
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-201-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Mar 2022 14:31:53 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 41ms
40ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Accept-Language: en-CA,en;q=0.9
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=Jv3xN5T5LxsSf1h9zXJ3GYXy4LPSLLAiD5gpa3vxXek%3D&se=1647615737&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: pageView
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
clientId: "89268379"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 18 Mar 2022 14:31:53 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 163ms
32ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 18 Mar 2022 14:31:53 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 16 KB
16 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gmanetwork.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:44:51 GMT
x-content-type-options: nosniff
age: 229622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:06:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:44:51 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame C2FC 610 B
674 B 33ms
33ms Document
text/html 23.221.200.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.221.200.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-200-229.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1647354310.339468"
last-modified: Mon, 14 Mar 2022 11:43:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
expires: Fri, 18 Mar 2022 18:31:53 GMT
date: Fri, 18 Mar 2022 14:31:53 GMT
content-length: 355
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame 36C5
Redirect Chain

https://idsync.rlcdn.com/420046.gif?partner_uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEhPT3M0UDcxWEhGcDRuQ3Y0V1FEc0NadWV2WW1uTjVCcTVqelBVX3lUeEJXYmhFSXpvVk1nbUFLTXhmcDRmaVMQABoNCNqv0pEGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=6547a7002bcf01f20f639737947ea2af7494b2188f53d2c317137056cb882d5c791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2NTQ3YTcwMDJiY2YwMWYyMGY2Mzk3Mzc5NDdlYTJhZjc0OTRiMjE4OGY1M2QyYzMxNzEzNzA1NmNiODgyZDVjNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2NTQ3YTcwMDJiY2YwMWYyMGY2Mzk3Mzc5NDdlYTJhZjc0OTRiMjE4OGY1M2QyYzMxNzEzNzA1NmNiODgyZDVjNzkxNDI2YjU0MTdkY2UyMRAAGgwI2q_SkQYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=df6fe177-892b-4dc9-b7fd-3b494c164dc5

42 B
60 B

43ms
42ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=df6fe177-892b-4dc9-b7fd-3b494c164dc5
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=df6fe177-892b-4dc9-b7fd-3b494c164dc5
date: Fri, 18 Mar 2022 14:31:54 GMT
via: 1.1 google
x-samesite: secure
alt-svc: clear
content-length: 111
content-type: text/html; charset=utf-8

GET
H/1.1 400
Bad Request 29859
tags.bluekai.com/site/ Frame 36C5 0
225 B 125ms
87ms Image
text/plain 173.223.56.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29859?id=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://b1sync.zemanta.com/usersync/outbrain/?puid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=0&gdpr_consent=&us_privacy=1---
https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&s=2&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=7njEWzLJ9MvebDLMaMLC&gdpr=0&us_privacy=1---

0
292 B

51ms
21ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=zemanta&uid=7njEWzLJ9MvebDLMaMLC&gdpr=0&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: c981862167ffd636ffc295334ef1481e
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:54 GMT
P3p: CP="We do not support P3P header."
Location: https://sync.outbrain.com/cookie-sync?p=zemanta&uid=7njEWzLJ9MvebDLMaMLC&gdpr=0&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 130
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dappnexus%26uid%3D%24UID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3963323398845382505&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

0
291 B

76ms
20ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3963323398845382505&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 5af3e3db4d01febb97b5ac3b3f562816
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:54 GMT
X-Proxy-Origin: 149.56.153.180; 149.56.153.180; 802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5f39df28-5faa-41d7-928c-7b364069b54d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3963323398845382505&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 36C5
Redirect Chain

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=0&gdpr_pd=1&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=0&gdpr_pd=1&gdpr_consent=

42 B
943 B

32ms
31ms

Image
image/gif

54.210.230.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=0&gdpr_pd=1&gdpr_consent=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

HTTP/1.1

Server

54.210.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-230-128.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v030-02368c80f.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8v9UAIwlRas=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-2-v030-007f93e96.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: NNSek2SqS+I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 set
sync-jp.im-apps.net/imid/ Frame 36C5 43 B
203 B 837ms
265ms Image
image/gif 52.192.30.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.30.216 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-30-216.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
cache-control: no-cache
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
content-length: 43
expires: Fri, 18 Mar 2022 14:31:53 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
https://sync.outbrain.com/cookie-sync?p=ttd&uid=60aef7da-d3ee-450f-9043-2b25dc5ed8ad

0
306 B

78ms
20ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=ttd&uid=60aef7da-d3ee-450f-9043-2b25dc5ed8ad
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 6f7692849e8b2adff282dbe2e1cd7bb6
Content-Length: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.outbrain.com/cookie-sync?p=ttd&uid=60aef7da-d3ee-450f-9043-2b25dc5ed8ad
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 36C5 0
338 B 80ms
23ms Image
text/plain 52.201.81.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.81.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-81-127.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1647613914
x-served-by: beacon-n012-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 36C5 43 B
654 B 76ms
30ms Image
image/gif 143.204.146.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-27.ewr52.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:54 GMT
via: 1.1 4c4a56815dfe3e256aedb11d486092f0.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR52-C2
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: T_rnMaNGpz8EMj9vD0CQxV9lcSCNh3Jsg3UQpvs4ka3ubdDclHkHIQ==
expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=ff6a1422-97f5-4e8f-8d22-9a5441b0e269

0
308 B

41ms
21ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=ff6a1422-97f5-4e8f-8d22-9a5441b0e269
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 3eff3f0ce64a0ff95942413135b8b292
Content-Length: 0

Redirect headers

location: //sync.outbrain.com/cookie-sync?p=mediaforce&uid=ff6a1422-97f5-4e8f-8d22-9a5441b0e269
date: Fri, 18 Mar 2022 14:31:54 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://x.bidswitch.net/sync?ssp=outbrain&user_id=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=outbrain&bsw_custom_parameter=28336e19-f04a-42ba-a8e3-32940fcbf9f4
https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=4db720f8-f2c1-4d3f-a7af-9066333eca2d&ssp=outbrain&bsw_param=28336e19-f04a-42ba-a8e3-32940fcbf9f4
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=28336e19-f04a-42ba-a8e3-32940fcbf9f4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
309 B

21ms
21ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=28336e19-f04a-42ba-a8e3-32940fcbf9f4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 460009e0eb3537b2ccd12e0a936eede9
Content-Length: 0

Redirect headers

Location: //sync.outbrain.com/cookie-sync?p=bidswitch&uid=28336e19-f04a-42ba-a8e3-32940fcbf9f4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 36C5 43 B
363 B 74ms
24ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%26uid%3D%40%40CRITEO_USERID%40%40

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:54 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 582609
content-type: image/gif
expires: Fri, 18 Mar 2022 00:00:00 GMT

GET
H/1.1

200
OK

sync
sofia.trustx.org/ul_cb/ Frame 36C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKBnfdBxlAdQ3roDOTmXYBc&google_cver=1
https://sofia.trustx.org/sync?tp_id=1&tp_uid=28336e19-f04a-42ba-a8e3-32940fcbf9f4&ssp_custom_data=
https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=28336e19-f04a-42ba-a8e3-32940fcbf9f4&ssp_custom_data=

43 B
806 B

35ms
35ms

Image
image/gif

35.211.168.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=28336e19-f04a-42ba-a8e3-32940fcbf9f4&ssp_custom_data=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.168.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location: https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=28336e19-f04a-42ba-a8e3-32940fcbf9f4&ssp_custom_data=
Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=25
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7076447877075237008

0
294 B

21ms
20ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7076447877075237008
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 77fd3af36868e6da5eac5b2b1b79c4e0
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7076447877075237008
Date: Fri, 18 Mar 2022 14:31:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 36C5
Redirect Chain

https://ps.eyeota.net/match?bid=1mpn7m0&uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

70 B
440 B

25ms
25ms

Image
image/gif

3.232.64.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 3.232.64.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-64-79.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?bid=1mpn7m0&uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
id.geistm.com/m/OB/ Frame 36C5 0
158 B 82ms
23ms Image
text/plain 52.6.194.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.geistm.com/m/OB/HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.194.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-194-164.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
x-powered-by: Express

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://creativecdn.com/cm-notify?pi=outbrain
https://creativecdn.com/cm-notify?pi=outbrain&tc=1
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=sHId1ieHY03i2hYsLy5F&pi=outbrain&tc=1

0
292 B

20ms
19ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=sHId1ieHY03i2hYsLy5F&pi=outbrain&tc=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 7508f65e430bf5bfe7ab2c67efb72a7d
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=sHId1ieHY03i2hYsLy5F&pi=outbrain&tc=1
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:54 GMT, Fri, 18 Mar 2022 14:31:54 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L0WIS8MA-1D-APDF

0
287 B

21ms
21ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L0WIS8MA-1D-APDF
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: c54bc7b4fa439fe35d1b629ff0a5c4c8
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L0WIS8MA-1D-APDF
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
Expires: 0

GET
H/1.1 200
OK cookiesyncredir
bttrack.com/Pixel/ Frame 36C5 35 B
573 B 100ms
25ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ServerName: Track004-iad
Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:48 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 403 tpid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 36C5 49 B
269 B 25ms
24ms Image
image/gif 54.173.43.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.43.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-43-128.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:54 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.15.135
content-type: image/gif
content-length: 49
expires: 0

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame 36C5
Redirect Chain

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&xl8blockcheck=1
https://idsync.rlcdn.com/397416.gif?partner_uid=ba003d8a2caa47b4e68eea8a765591d4
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c329367f-ce73-4f31-a378-805130525f46

42 B
60 B

48ms
48ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c329367f-ce73-4f31-a378-805130525f46
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c329367f-ce73-4f31-a378-805130525f46
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBW...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMg...
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

0
307 B

20ms
20ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: e9c6e93a9655275457bf126bc9976da5
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 348
Expires: Fri, 18 Mar 2022 14:31:54 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTx...
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTx...
https://sync.outbrain.com/cookie-sync?p=spotx&uid=28690ff1-a6c8-11ec-8552-1c1b615a0503&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

0
308 B

22ms
22ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=spotx&uid=28690ff1-a6c8-11ec-8552-1c1b615a0503&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: adcfb89a8e6c63b0dad587289bb5312c
Content-Length: 0

Redirect headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Server: nginx
Location: https://sync.outbrain.com/cookie-sync?p=spotx&uid=28690ff1-a6c8-11ec-8552-1c1b615a0503&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 128
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkFDOEU5RDYtQURCRi00NzU1LUIwRjQtQTlBQTcxQjAyQzJD&gdpr=0&gdpr_consent=PM_CONSENT
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%2...
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C

0
311 B

21ms
20ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: a29fb38b9464a0024e970caab5997fd3
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C
date: Fri, 18 Mar 2022 13:21:44 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMx...
https://u.openx.net/w/1.0/cm?cc=1&id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMg...
https://sync.outbrain.com/cookie-sync?p=openx&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=26fe601e-7cda-44ad-9f6e-520fb172f9b5

0
308 B

20ms
20ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=openx&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=26fe601e-7cda-44ad-9f6e-520fb172f9b5
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: e692e5637c886e87e41ec5e8f742c33a
Content-Length: 0

Redirect headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.outbrain.com/cookie-sync?p=openx&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=26fe601e-7cda-44ad-9f6e-520fb172f9b5
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP28783839-a6c8-11ec-8ca3-0e9024a78271
https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP28783839-a6c8-11ec-8ca3-0e9024a78271&verify=true
https://sync.outbrain.com/cookie-sync?p=oath&uid=UP28783839-a6c8-11ec-8ca3-0e9024a78271

0
309 B

34ms
20ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=oath&uid=UP28783839-a6c8-11ec-8ca3-0e9024a78271
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 4614998ade9e9057a84d10fffeaa6e7b
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=oath&uid=UP28783839-a6c8-11ec-8ca3-0e9024a78271
date: Fri, 18 Mar 2022 14:31:54 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

302
Found

getuid
ib.adnxs.com/ Frame 36C5
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%0A
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5...

0
820 B

18ms
17ms

Image
text/html

68.67.161.207
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1IT09zNFA3MVhIRnA0bkN2NFdRRHNDWnVldlltbk41QnE1anpQVV95VHhCV2JoRUl6b1ZNZ21BS014ZnA0ZmlTCg==

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

HTTP/1.1

Server

68.67.161.207 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:54 GMT
X-Proxy-Origin: 149.56.153.180; 149.56.153.180; 802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4bd83352-42b8-4e30-a028-89661f4a93bd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1IT09zNFA3MVhIRnA0bkN2NFdRRHNDWnVldlltbk41QnE1anpQVV95VHhCV2JoRUl6b1ZNZ21BS014ZnA0ZmlTCg==
date: Fri, 18 Mar 2022 14:31:54 GMT
content-length: 0
content-type: text/html

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzP...
https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5...
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=ab2217ff-d085-4027-96d0-a1e95c63339e&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

0
318 B

25ms
23ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=ab2217ff-d085-4027-96d0-a1e95c63339e&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: fcfe15cb1341166b605dcc0ed15034fe
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=ab2217ff-d085-4027-96d0-a1e95c63339e&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
date: Fri, 18 Mar 2022 14:31:54 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhE...
https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1647613914585
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=885891271
https://sync.1rx.io/usersync/tradedesk/0a5af0c9-0c57-49a6-993a-f55dc5b2e711
https://sync.targeting.unrulymedia.com/csync/RX-b0a481a5-940b-4179-b52d-708c6a52647f-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-b0a481a5-940b-4179-b52d-708c6a52...
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-b0a481a5-940b-4179-b52d-708c6a52647f-005&obUid=$D

0
145 B

19ms
19ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-b0a481a5-940b-4179-b52d-708c6a52647f-005&obUid=$D
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 2e5efb063a2f6b6470653d050d984477
Content-Length: 0

Redirect headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Server: Tengine
ETag: RXb0a481a5940b4179b52d708c6a52647f005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-b0a481a5-940b-4179-b52d-708c6a52647f-005&obUid=$D
Connection: keep-alive
Content-Type: text/html

GET
H2 204 /
s.ad.smaato.net/c/ Frame 36C5 0
240 B 60ms
19ms Image
text/plain 2600:9000:2140:d800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:d800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
via: 1.1 4a93be6e6adaadeec2a72967f0720080.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: IeK-8nr2jfU7rROGGRn9L80EQcHZJNHlWefqYaNylBJjDl5AvxNIcw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DHOOs4P71XHFp4n...
https://sync.outbrain.com/cookie-sync?p=smart&uid=7657049583729428286&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING

0
291 B

22ms
21ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smart&uid=7657049583729428286&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 58e6bcb179fd083394dd50187f2617f8
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=smart&uid=7657049583729428286&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
date: Fri, 18 Mar 2022 14:31:54 GMT
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true&verify=true
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-TFnfEixE2uH42bZ5M6KObsa9ySGTwXEEk2esim8-~A&gdpr=0&gdpr_consent=

0
323 B

28ms
27ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-TFnfEixE2uH42bZ5M6KObsa9ySGTwXEEk2esim8-~A&gdpr=0&gdpr_consent=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 60cdcb83e8a19279a3367acbc1cb4d36
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-TFnfEixE2uH42bZ5M6KObsa9ySGTwXEEk2esim8-~A&gdpr=0&gdpr_consent=
date: Fri, 18 Mar 2022 14:31:54 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 c.gif
c.bing.com/ Frame 36C5 42 B
667 B 76ms
33ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?red3=MSOB_pd&uid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:53 GMT
etag: "7c5ed6a6f22cd81:0"
last-modified: Mon, 28 Feb 2022 22:29:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9229881B7AC64B3DB737CE4011A5B58A Ref B: YTO01EDGE0722 Ref C: 2022-03-18T14:31:54Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbh...
https://sync.outbrain.com/cookie-sync?p=synacor&uid=E801134CDB7A4163B1FBF08B82384B89&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

0
306 B

20ms
19ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=synacor&uid=E801134CDB7A4163B1FBF08B82384B89&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: 2f51630d979aeee22997c400d9f766ba
Content-Length: 0

Redirect headers

date: Fri, 18 Mar 2022 14:31:54 GMT
via: 1.1 varnish
server: nginx
age: 0
location: https://sync.outbrain.com/cookie-sync?p=synacor&uid=E801134CDB7A4163B1FBF08B82384B89&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: text/plain
access-control-allow-origin: https://widgets.outbrain.com/
access-control-allow-credentials: true
x-varnish: 785423797
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%26uid%3D%7BUSER_I...
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=e3bc8aed-d5a0-4f8b-9d0c-f6bd11a6c54f

0
145 B

19ms
18ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=e3bc8aed-d5a0-4f8b-9d0c-f6bd11a6c54f
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: a9b45e8cbb38302eb4bc2febe1e1a772
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS&uid=e3bc8aed-d5a0-4f8b-9d0c-f6bd11a6c54f
date: Fri, 18 Mar 2022 14:31:54 GMT
content-length: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8

GET
H2 200 sync-iframe
cs-server-s2s.yellowblue.io/ Frame 36C5 0
0 84ms
24ms Image
text/html 52.7.157.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drise%26uid%3D%5BpartnerId%5D%26obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.157.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-157-94.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 36C5
Redirect Chain

https://id.rlcdn.com/711945.gif?cparams=obUid%3DHOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS

0
145 B

20ms
20ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Cache-Control: no-cache
X-TraceId: d1e4492420aadd373f5184fadbff6640
Content-Length: 0

Redirect headers

date: Fri, 18 Mar 2022 14:31:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=HOOs4P71XHFp4nCv4WQDsCZuevYmnN5Bq5jzPU_yTxBWbhEIzoVMgmAKMxfp4fiS
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 runtime.js Show response
d99666469a0d.bitsngo.net/content/4.0/js/ 3 KB
2 KB 28ms
28ms Script
application/x-javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/content/4.0/js/runtime.js?v=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b7fa4ecd73e09d3c33ee2d635c416c8cb1dcfe500a1536936e7b3e4052eaff6b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 13:00:24 GMT
server: Microsoft-IIS/10.0
age: 90753
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 1984
x-llid: 6afd13269489cd1bed9815c32d80964b
expires: Sun, 27 Mar 2022 13:19:21 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame E62C 438 B
675 B 156ms
36ms Script
application/javascript 18.190.172.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.873.23176&cid=c010

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.172.142 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-172-142.us-east-2.compute.amazonaws.com

Software

Resource Hash

e1c408ce2cac7ef9f4554f9030087416f7797806d8e92e28ac17d55f4ae0db26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: application/javascript

GET
H2 204 /
loadus.exelator.com/load/ Frame 167A 0
324 B 87ms
23ms Image
text/plain 34.229.3.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-3-43.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

lotame
sync.sharethis.com/int/ Frame 167A
Redirect Chain

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_...
https://sync.sharethis.com/int/lotame?uid=ccbe94808fa408f00a2256f57b85293d&gdpr=0&gdpr_consent=

42 B
297 B

136ms
34ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/int/lotame?uid=ccbe94808fa408f00a2256f57b85293d&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Length: 42
Stid: ZG4AAmI0l9gAAAAJLZDLAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:54 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.sharethis.com/int/lotame?uid=ccbe94808fa408f00a2256f57b85293d&gdpr=0&gdpr_consent=
cache-control: no-cache
x-server: 10.40.5.151
content-length: 0
expires: 0

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 167A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&gdpr=0&gdpr_consent=

42 B
297 B

157ms
35ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Length: 42
Stid: ZG4AAmI0l9gAAAAJLZDLAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 167A
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2ac-qROTY4YvvVp5U2pDGBvruo8Se-6I-ew5sRRxQyAM&gdpr=0&gdpr_consent=

42 B
297 B

87ms
36ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2ac-qROTY4YvvVp5U2pDGBvruo8Se-6I-ew5sRRxQyAM&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Length: 42
Stid: ZG4AAmI0l9gAAAAJLZDLAw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2ac-qROTY4YvvVp5U2pDGBvruo8Se-6I-ew5sRRxQyAM&gdpr=0&gdpr_consent=
Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 167A
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3625877832821899277
https://ml314.com/csync.ashx?fp=6aa36b25864125fd5b03669b3a5d5ff79c5741208ea311f461a37ad3271b6acdf4cb09cee1a4f8eb&person_id=3625877832821899277&eid=50082

43 B
312 B

27ms
25ms

Image
image/gif

34.233.103.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=6aa36b25864125fd5b03669b3a5d5ff79c5741208ea311f461a37ad3271b6acdf4cb09cee1a4f8eb&person_id=3625877832821899277&eid=50082
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Server: 34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-103-61.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 19 Mar 2022 10:31:54 GMT

Redirect headers

date: Fri, 18 Mar 2022 14:31:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=6aa36b25864125fd5b03669b3a5d5ff79c5741208ea311f461a37ad3271b6acdf4cb09cee1a4f8eb&person_id=3625877832821899277&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

drawbridge
sync.sharethis.com/ Frame 167A
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&...
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&...
https://sync.sharethis.com/drawbridge?uid=abe5777416ec8c9642d374ae2d981dbb

42 B
297 B

95ms
35ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/drawbridge?uid=abe5777416ec8c9642d374ae2d981dbb

Requested by

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Length: 42
Stid: ZG4AAmI0l9gAAAAJLZDLAw==
Content-Type: image/gif

Redirect headers

date: Fri, 18 Mar 2022 14:31:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='NON DSP COR CONi OUR BUS CNT'
location: https://sync.sharethis.com/drawbridge?uid=abe5777416ec8c9642d374ae2d981dbb
cf-ray: 6edeacb37df95479-YYZ
content-length: 0

GET
H2 200 5f212d9d5440c96fb49c4d53.js Show response
cdn.vidcrunch.com/ Frame 91EF 440 B
793 B 19ms
18ms Script
text/javascript 8.252.62.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.js?channelId=5f212d174b419e3bf16f66ad&cb=1647613914044
Requested by: Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssFlbcze_pRvtklKiur36GNN-LmPQqkGbUB4V_5hX1Ua5UV9BtEuSf7hvCrvq8QL4qB6NyEhxMi-9DTj0e_6OwPEg0HUZ-YWQm9n9kin8zeJ3jOe1c6_Zw7FudypN1bRLTX5mOPnUD0eiynv1oo_vtcbR8gkzdL1K1wemKz5Xq2h-UuY4GAV5QSvvSIuqsEecFlacN2HT6SSPzUpTsAupSQcYmJeVQNRKh17mbstYrzdEoRfjJorIq_hQX_aMG5RkIqlQozJo6IdGu3ZD5hZX5JLnLbMzos8nbT-_uMjz0K8qzSTylbK97ulyChBirZMCjLLU7UJ2hxyWk&sai=AMfl-YSBVRi8AviM-MMBwpuD-QuUS0XvAJ86maH8hBMtcVOrjbKESY67BBNX6BPbL8aN-3dqLqaW3zGT-g6q_KvIfNPdP_wBzD8zffve-BMNbfOM4fqXUcqigR0HC1_jYC1E&sig=Cg0ArKJSzABlmx4d_cl6EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.62.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27c8dd8b9b8947535a0d67cc1f009f4d724711935637b3f4919c9a52c0a6aad8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
last-modified: Thu, 10 Mar 2022 13:29:42 GMT
server: AmazonS3
age: 694862
etag: "fcb49bb3d2c35a94eaa35b1b6c03c647"
x-amz-id-2: GORfqZKdA8PuQfb8CQyAYD9XIohaW4EAsGt2Wid17hh50l8bxBD4cm9wGUdFViJYeiNdXyGfobE=
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 440
accept-ranges: bytes
x-amz-request-id: 2Z0KVT0QKYHHJA2A
x-cdn: Lumen
expires: Mon, 09 May 2022 13:31:13 GMT

GET
H2 200 vendor.js Show response
d99666469a0d.bitsngo.net/content/4.0/js/ 451 KB
154 KB 29ms
28ms Script
application/x-javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/content/4.0/js/vendor.js?v=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 08c81648bcbad3dd665ef330cf7e792f55a7a4dd36468820a8c4412fa15f8e9b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 13:00:24 GMT
server: Microsoft-IIS/10.0
age: 90752
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 157748
x-llid: 73c60f581f7ea685c684a0419fef414c
expires: Sun, 27 Mar 2022 13:19:22 GMT

GET
H3

200

458249.gif Show response
idsync.rlcdn.com/ Frame DE6B
Redirect Chain

https://idsync.rlcdn.com/711123.html?partner_uid=7fa6c323-ab70-4dee-80a8-f4978dc45754
https://pippio.com/api/sync?pid=5324&it=1&iv=6547a7002bcf01f20f639737947ea2af7494b2188f53d2c317137056cb882d5c791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2NTQ3YTcwMDJiY2YwMWYyMGY2Mzk3Mzc5NDdlYTJhZjc0OTRiMjE4OGY1M2QyYzMxNzEzNzA1NmNiODgyZDVjNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2NTQ3YTcwMDJiY2YwMWYyMGY2Mzk3Mzc5NDdlYTJhZjc0OTRiMjE4OGY1M2QyYzMxNzEzNzA1NmNiODgyZDVjNzkxNDI2YjU0MTdkY2UyMRAAGgwI2q_SkQYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=06fea937-4e0c-4fc2-84e4-f8f064f69cdf

42 B
60 B

42ms
42ms

Document
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=06fea937-4e0c-4fc2-84e4-f8f064f69cdf
Requested by: Host: prodpsus1.blob.core.windows.net
URL: https://prodpsus1.blob.core.windows.net/content/pixels/gmanetwork_zoomd.js?userId=7fa6c323-ab70-4dee-80a8-f4978dc45754
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:54 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/458249.gif?partner_uid=06fea937-4e0c-4fc2-84e4-f8f064f69cdf
x-samesite: secure
date: Fri, 18 Mar 2022 14:31:54 GMT
content-length: 111
via: 1.1 google
alt-svc: clear

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91EF 0
0 69ms
42ms Fetch
image/gif 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssviLBpQO9cy2PL99fNXnMVHFP76UnPoXdt-_RDHidKgFK1y8-3P78nAyx1C3YXBz88praf9BLRjmcnIJ21xBR2M66qNW6Q8cX8ZZu-g4PY08O8F-tehTxf_giMz4zg4wvYo339SzSDhg9tZvqd-eO6gHyI51cunBmEGFodmVz_KOO3T-wKxECW8ugmIQCTvV3YNi3BSzFfkNZ0CoPzBh1B98h8ogsCptTTjvmiZxJ5dS_rxHMxltfDSanv5ooMvzBt68VGWMa-P4cdN_Uk26dpdkLWhCvXuD68cv_m7UgpT4h0sZiwAEaGcQ1HzdN_QhrUJNsS4DJvLEOUOrd8w&sai=AMfl-YTnQR9oHUwigPIL3vX8gaTCSKJtnkEEmt5CddQ4n8Hbhz7Xp8UJk06GRhKWoVBXkHNwEzMwpyS1G0aNX_mGAn1pwnW12cd3rSONUL9g9BjTgguYo2RCyDcaG3NpVrCP&sig=Cg0ArKJSzB1jw1sdGhvzEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-78-204-173.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 18 Mar 2022 14:31:54 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ Frame 91EF 26 KB
10 KB 72ms
19ms Script
application/javascript 2600:1400:b000:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: adclick.g.doubleclick.net
URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssFlbcze_pRvtklKiur36GNN-LmPQqkGbUB4V_5hX1Ua5UV9BtEuSf7hvCrvq8QL4qB6NyEhxMi-9DTj0e_6OwPEg0HUZ-YWQm9n9kin8zeJ3jOe1c6_Zw7FudypN1bRLTX5mOPnUD0eiynv1oo_vtcbR8gkzdL1K1wemKz5Xq2h-UuY4GAV5QSvvSIuqsEecFlacN2HT6SSPzUpTsAupSQcYmJeVQNRKh17mbstYrzdEoRfjJorIq_hQX_aMG5RkIqlQozJo6IdGu3ZD5hZX5JLnLbMzos8nbT-_uMjz0K8qzSTylbK97ulyChBirZMCjLLU7UJ2hxyWk&sai=AMfl-YSBVRi8AviM-MMBwpuD-QuUS0XvAJ86maH8hBMtcVOrjbKESY67BBNX6BPbL8aN-3dqLqaW3zGT-g6q_KvIfNPdP_wBzD8zffve-BMNbfOM4fqXUcqigR0HC1_jYC1E&sig=Cg0ArKJSzABlmx4d_cl6EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://cdn.vidcrunch.com/integrations/5f212d9d5440c96fb49c4d53/Gmanetwork.com_Desktop_IBV_300x250_DFP_Rev70_2907_18.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1400:b000:28a::2c79 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 625d5045bbad85753d71af310f093afd66f84024777e2a6413cbd680429cd589

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu5w5N7qio7I66iz4g9Kdd3NfDQwA8nu--wnj8ivGjyxrG_PsjO9OyVR4wYs-603EOHCOqTv8Bz9pwbqX0r0kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9411
last-modified: Tue, 15 Mar 2022 06:30:57 GMT
server: UploadServer
etag: "23fa81b5f3d763b662a58567032ba34f"
vary: Accept-Encoding
x-goog-hash: crc32c=wLm1HA==, md5=I/qBtfPXY7ZipYVnAyujTw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1647325857124484
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9411
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 18 Mar 2022 14:36:54 GMT

GET
H2 200 track
track1.aniview.com/ Frame 91EF 0
71 B 107ms
25ms Image
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5eea0864e08b0760d33128ae&cid=5f212d174b419e3bf16f66ad&e=playerLoaded&cb=1647613914083
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 main.js Show response
d99666469a0d.bitsngo.net/content/4.0/js/ 79 KB
26 KB 29ms
28ms Script
application/x-javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/content/4.0/js/main.js?v=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 521cfede6a16331d21fdff4b48c11f482412469d46a48aa271f2cce5af3b7e44

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 13:00:24 GMT
server: Microsoft-IIS/10.0
age: 90749
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 25867
x-llid: 25b95e798eccc8e7a3fec25d225456bb
expires: Sun, 27 Mar 2022 13:19:25 GMT

GET
H/1.1 200
OK AVmanager.js Show response
player.vidcrunch.com/script/6.1/ Frame F9F4 364 KB
103 KB 217ms
35ms Script
application/javascript 2600:1400:d::17db:5d53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::17db:5d53 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 624bb529d39e9f16e1be8aaeb07645c36c9a44f32ed2cb8f48e08657b076e68c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdu2WYU7JPYodFIHcy3gonapIQGeyUijfYlxcHK0cE8WkSMKKf7fzeet_ejRg5Q0L-GJlBtWmv_p3tGCWorj8h0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 104648
Last-Modified: Thu, 17 Mar 2022 07:46:20 GMT
Server: UploadServer
ETag: "edfdc1c027f3005cf82800fd81f3275d"
Vary: Accept-Encoding
x-goog-hash: crc32c=B5yC1g==, md5=7f3BwCfzAFz4KAD9gfMnXQ==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1647503180640239
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 104648
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 18 Mar 2022 14:36:54 GMT

GET
H3 200 zone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/ 43 KB
13 KB 19ms
19ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Requested by

Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937fdab3409538bd4f6164b79c2caf886f7bb6170fcc37d9bb2fa3c9c010940f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10011070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12870
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:18:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04044-ac73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhFtIjy6s5bEDvQVLVAwRTE%2Bt3jG83UK1QTSsUm4DWfkBjvizUKfK9ty9fdGudSfIPQx0kV7Pc2BV6GosL2mGLSz2m9%2B4%2B7LGJRgC2jphrJBLZTUr3mt5hXAoVCrhfzAHOp5tFq9viKDylDPTM8VgcXl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6edeacb3edf04bbe-YUL
expires: Wed, 08 Mar 2023 14:31:54 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ Frame E62C 51 KB
16 KB 167ms
35ms Script
application/javascript 23.78.204.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.78.204.173 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Fri, 18 Mar 2022 14:31:54 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Fri, 25 Mar 2022 14:31:54 GMT

GET
H2 200 zoomd.widget.externalcontent.loader.min.js Show response
d99666469a0d.bitsngo.net/widget-scripts/extra_content/ 15 KB
6 KB 29ms
28ms Script
application/x-javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/widget-scripts/extra_content/zoomd.widget.externalcontent.loader.min.js?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 34d2701c293a921dbbaf7b206c1f4ffb541a7223c1ab3c5c6ff2b1fa011a85a0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 12:54:20 GMT
server: Microsoft-IIS/10.0
age: 90754
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6259
x-llid: 024517f381345cf4193300eef0cda657
expires: Sun, 27 Mar 2022 13:19:20 GMT

GET
H2 200 jquery.dfp.min.js Show response
d99666469a0d.bitsngo.net//common-scripts/ 7 KB
3 KB 31ms
30ms Script
application/x-javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net//common-scripts/jquery.dfp.min.js?v=4.0.v201807040945
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9d566d5a66973cf49495579c828f81361d994a2b2e42690b5824ef1fd7803227

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:48:18 GMT
server: Microsoft-IIS/10.0
age: 468750
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 3227
x-llid: 0da942c3f730aef9dd4231d45dfcc324
expires: Wed, 23 Mar 2022 04:19:24 GMT

GET
H2 200 zd_top.searches.css
d99666469a0d.bitsngo.net/Content/3.0/widget-css/ 16 KB
3 KB 31ms
30ms Stylesheet
text/css 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/Content/3.0/widget-css/zd_top.searches.css?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 176f3ca1ee7b655aa9f2c16e71c09dc548d315c9b77ff39d637eebb931d70d81

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 09:55:22 GMT
server: Microsoft-IIS/10.0
age: 90753
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 2799
x-llid: 448d591669815d1188d689ef1a888819
expires: Sun, 27 Mar 2022 13:19:21 GMT

GET
H2 200 zd_top.searches.min.js Show response
d99666469a0d.bitsngo.net/widget-scripts/extra_content/ 17 KB
7 KB 29ms
28ms Script
application/x-javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://d99666469a0d.bitsngo.net/widget-scripts/extra_content/zd_top.searches.min.js?ver=4.0.v20220317125347.11905
Requested by: Host: zdwidget3-bs.sphereup.com
URL: https://zdwidget3-bs.sphereup.com/zoomd/SearchUi/Script?clientId=89268379
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1426c56748e464a4c9a1dae580dc73acf291663684aa701711537d8709329014

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 12:54:18 GMT
server: Microsoft-IIS/10.0
age: 90753
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=864000
accept-ranges: bytes
content-length: 6909
x-llid: f1ffa31d58488022b85c84329b1c42f2
expires: Sun, 27 Mar 2022 13:19:21 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 73ms
41ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Accept-Language: en-CA,en;q=0.9
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=Jv3xN5T5LxsSf1h9zXJ3GYXy4LPSLLAiD5gpa3vxXek%3D&se=1647615737&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: DFPLoaded
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
clientId: "89268379"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 18 Mar 2022 14:31:54 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 30ms
30ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 18 Mar 2022 14:31:54 GMT

GET
H/1.1 200
OK MultipleTopSearch Show response
zdwidget3-bs.sphereup.com/ 564 B
745 B 46ms
45ms Script
text/javascript 104.209.192.206
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://zdwidget3-bs.sphereup.com/MultipleTopSearch?callback=jQuery112006749040513244751_1647613910477&clientId=89268379&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&query=&title=&loader=false&containerType=SR1&overrideActions=true&targetUrl=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&_=1647613910478
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.209.192.206 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 585ba2b84176df352d4f99f923ef22d550a4b782b9d7b98606131b55d56da07b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:53 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Content-Type: text/javascript; charset=utf-8
Content-Length: 363
Expires: -1

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 84ms
44ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Accept-Language: en-CA,en;q=0.9
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=Jv3xN5T5LxsSf1h9zXJ3GYXy4LPSLLAiD5gpa3vxXek%3D&se=1647615737&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TSrequested
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
clientId: "89268379"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 18 Mar 2022 14:31:53 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 59ms
30ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 18 Mar 2022 14:31:54 GMT

GET
H/1.1 200
OK 59574 Show response
stags.bluekai.com/site/ Frame 3EA3 62 B
747 B 121ms
81ms Document
image/gif 173.223.56.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZG4AAmI0l9gAAAAJLZDLAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.873.23176%26cid%3Dc010&phint=__bk_v%3D3.1.10&limit=5&r=43025023
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/

Response headers

Content-Type: image/gif
Content-Length: 62
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Date: Fri, 18 Mar 2022 14:31:54 GMT
Connection: keep-alive

OPTIONS
H/1.1 200
OK messages
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ Frame 0
0 51ms
30ms Preflight 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: action,authorization,clientid,content-type,sourcesenderid
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin: https://www.gmanetwork.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: action,authorization,clientid,content-type,sourcesenderid
Strict-Transport-Security: max-age=31536000
Date: Fri, 18 Mar 2022 14:31:54 GMT

POST
H/1.1 201
Created messages Show response
prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/ 0
313 B 46ms
45ms XHR
application/xml 40.79.44.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-sb-appanalytics-us1.servicebus.windows.net/usagelogs/messages

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.44.59 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sourcesenderId: 3
Accept-Language: en-CA,en;q=0.9
Authorization: SharedAccessSignature sr=http%3A%2F%2Fprod-sb-appanalytics-us1.servicebus.windows.net%2F&sig=Jv3xN5T5LxsSf1h9zXJ3GYXy4LPSLLAiD5gpa3vxXek%3D&se=1647615737&skn=all
Content-Type: application/atom+xml;type=entry;charset=UTF-8
Accept: */*
action: TSdisplayed
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
clientId: "89268379"

Response headers

Access-Control-Allow-Origin: https://www.gmanetwork.com
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 18 Mar 2022 14:31:54 GMT
Transfer-Encoding: chunked
Content-Type: application/xml; charset=utf-8

GET
H2 200 track
track1.aniview.com/ 0
70 B 25ms
25ms Image
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.gmanetwork.com&sn=&ic=0&tgt=0&app=&wi=300&he=250&test=&d36=6.2.6&apppkg=&fv=1&proto=https&pid=5eea0864e08b0760d33128ae&cid=5f212d174b419e3bf16f66ad&stagid=&stplid=&e=inventory&vi=100&cb=1647613914482
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 120_90_MainImage_-20220315182535.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 24ms
21ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_MainImage_-20220315182535.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d243ef29453187e28d0bbf0fb0b7f2ed6511cf755f7fa1ab464d33664fdc547f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Tue, 15 Mar 2022 10:25:38 GMT
server: AmazonS3
age: 60388
etag: "b44d3ce812658e8f4d87aef6568d28d4"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Thu, 17 Mar 2022 21:45:27 GMT
x-amz-cf-pop: EWR52-C4
content-length: 4011
x-amz-cf-id: DOgW0nF5CPXb-qubPjDJZZGVXK2S2SnA7Ea3xdWnhajRgSN6p1AGew==

GET
H2 200 120_90_main_-20220316175018.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 24ms
21ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220316175018.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ce6a8e8b131df434deb525481df0dc468be443b8e67fa1a782e7a4d728c3cde

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:20:15 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 09:50:20 GMT
server: AmazonS3
age: 43900
etag: "81fdfb5afaaa0482781e3f9662c2060c"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3583
x-amz-cf-id: BWb-AaQdYmFel9DEJdsLTf7qCPrSMVItDo34nqOFGKc4OFuJuuq77w==

GET
H2 200 120_90_main_-20220317152612.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
3 KB 26ms
22ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220317152612.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1602e38939fe4063f118d10a71114a3c2af0bb98c806f099b1c65b68f43b6e6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Thu, 17 Mar 2022 07:26:14 GMT
server: AmazonS3
age: 13387
etag: "96f4ee1dc3559385423011094edb1d58"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 10:48:47 GMT
x-amz-cf-pop: EWR52-C4
content-length: 2962
x-amz-cf-id: tTXN7qt-cSvWQm9bfxG9hlNA9sLHs6kSGZy0lqYR6b-WrFX5AG7YXg==

GET
H2 200 120_90_main_-20220318172202.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 24ms
21ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318172202.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d1858aa4dc092adb62881cdd8b096ad7fcb87f5eb894d2224e712f1be02692e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:42:04 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 09:22:16 GMT
server: AmazonS3
age: 17391
etag: "6e33f7af85b59d129d86cbcb4664990e"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3698
x-amz-cf-id: OeLvHErHwGT5Oj5Qcl-hrIfo0vQfxuvaQho-hn2Af-8bYMxzWhTksw==

GET
H2 200 120_90_main_-20220318162345.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 26ms
23ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318162345.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f85c837f2396129897f6f2ccdf2e7c726c49cd108b312ff8dc92be23aaa6c09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 08:27:54 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 08:23:47 GMT
server: AmazonS3
age: 21841
etag: "30629ca5842358cf3845f14f067ab904"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3566
x-amz-cf-id: hewziF4GChtR3soyiaGjbGEXxPE4dxnAVXTbSoahD1l7c3UDjO53kQ==

GET
H2 200 120_90_main_-20220318152619.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 24ms
22ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318152619.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a07de11156bca2b8fb6a8a1e3a6f4912cc57fe911d0592c16a8980349b0e7ace

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 07:37:17 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 07:26:22 GMT
server: AmazonS3
age: 24878
etag: "a2d22e21a7c22fc0a2f6095302354da5"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 4012
x-amz-cf-id: mrpl05kZ4yZ_2nhocRzV-kF50DI1-h7QCZOB7ZAmaX03qyLwfRyBZA==

GET
H2 200 120_90_FIRSTL_000021-FULL-EP-CMS_-20220315130032.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
3 KB 26ms
23ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_FIRSTL_000021-FULL-EP-CMS_-20220315130032.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27467774b1f010a593d1d2c95013f7acbb4878265a09f5ad91c857b2c5e12783

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Tue, 15 Mar 2022 05:00:34 GMT
server: AmazonS3
age: 5400
etag: "2c60e3ab96959a1479ea7950bdd9eb8e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 13:01:55 GMT
x-amz-cf-pop: EWR52-C4
content-length: 2843
x-amz-cf-id: g5K6Lm67KPAkf8N6miKcqeFj1G_3QxIrOy36dAIw2jHreBpr0exzpA==

GET
H2 200 160_90_BV_-LPRINC-_031422_FULL_-20220314202633.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 33 KB
33 KB 27ms
25ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/160_90_BV_-LPRINC-_031422_FULL_-20220314202633.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36e1c129ea140353c9de17965b9618d27395a7b0e0c6ffc7d20ce90d433a2fe9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 14 Mar 2022 12:26:36 GMT
server: AmazonS3
age: 34090
etag: "375a8dd825cefb1249fdb42ad525568c"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 05:03:45 GMT
x-amz-cf-pop: EWR52-C4
content-length: 33642
x-amz-cf-id: JNLXLASGpHUFnrRotaHa1whSKy5D66HOyLgfIHh86Vn2Xw3BpJoUEA==

GET
H2 200 160_90_vlcsnap-2022-03-14-14h26m31s658_-20220314145743.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 34 KB
35 KB 28ms
26ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/160_90_vlcsnap-2022-03-14-14h26m31s658_-20220314145743.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43c880d4e242e830f010bfad4c3f09a58044f129bf65c73ebc3b7d4ec83a489a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 14 Mar 2022 06:57:45 GMT
server: AmazonS3
age: 13053
etag: "abd0b9e0a008de7eab3260aa58b7430b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 10:54:22 GMT
x-amz-cf-pop: EWR52-C4
content-length: 34935
x-amz-cf-id: qxckhMPtGPW5MoYaIhoI6SZW8LS_xa7HJS0VR3yRKElxDDUzPdU9lg==

GET
H2 200 120_90_CMS_-20220318204746.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 27ms
25ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_CMS_-20220318204746.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee0d295a47a305acdeef168179580af379e8c9b43042b441b4e597dbf6c409f6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 12:51:35 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 12:47:48 GMT
server: AmazonS3
age: 6020
etag: "dcaa1d20111303683496ad1563eefb6c"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 4147
x-amz-cf-id: kgYVX_XFmczAeWFSlb-vI88rTMFxLUHyB1BpmuLMy4fQK2LAdVETAQ==

GET
H2 200 120_90_March-18_-20220318183323.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
3 KB 35ms
33ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_March-18_-20220318183323.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cec626787aa156963551b0ba64e42f743f668b5d804da96f5f1023323b826ed

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 10:51:36 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 10:33:25 GMT
server: AmazonS3
age: 13219
etag: "1d9d653dd56f75dc22676d2261b9194b"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3115
x-amz-cf-id: SDPcqXmAYv8Jw2C8ntezs_P6qkHolvYf8qh_p8UusYH28857F0NEXw==

GET
H2 200 120_90_SDB-1_-20220318142737.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 36ms
34ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_SDB-1_-20220318142737.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba057b4ea09dc388df75171623c548c5343796be74112f878ce9f5a1cd79e512

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:37:17 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 06:27:39 GMT
server: AmazonS3
age: 28478
etag: "0a2c3400a47264ce747ee7d2b6a3c40c"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3758
x-amz-cf-id: Q9oueTbBAErxXVIn218RUo3FmdsdWf6Lwsa7r25wkTI8pGYVq3gq4g==

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 25 KB
4 KB 338ms
243ms XHR
application/json 54.165.191.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=1&AV_PLACEMENT=1&d36=6.2.6&responsive=1&sver=2&avtoken=914481&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=1647613914523
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.191.202 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-191-202.compute-1.amazonaws.com
Software: /
Resource Hash: 0e21288a60c8fe4229582cbca1076f99ba457ba9979988bd900dce47569be433

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Mon, 07 Mar 2022 00:45:14 GMT

GET
H2 200 vidcrunch.svg
cdn.vidcrunch.com/integrations/ Frame 91EF 1 KB
2 KB 18ms
18ms Image
image/svg+xml 8.252.62.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/vidcrunch.svg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.62.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab1382c70c0a537459c8eec56c1d9f6a66caab98eccb6b7fa057309aae36c99e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
last-modified: Mon, 21 Jun 2021 09:40:53 GMT
server: AmazonS3
age: 3187711
etag: "1c9fbc73f4d739ceb1acb5dd88d42d30"
x-amz-id-2: HUmoxmUcUxEHSYGNFbAXnofuYYy/uxCBEq1Zfxw/oD82XRSO3k/64Nlf08Ifm5akLUj4eOav6ng=
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 1227
accept-ranges: bytes
x-amz-request-id: 40X2V4HZ2VKPKRYA
x-cdn: Lumen
expires: Sun, 10 Apr 2022 17:03:23 GMT

GET
H2 206 5f212d9d5440c96fb49c4d53.mp4
cdn.vidcrunch.com/ Frame 91EF 64 KB
0 21ms
20ms Media
video/mp4 8.252.62.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.mp4?channelId=5f212d174b419e3bf16f66ad&cb=1647613914044
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.62.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
last-modified: Thu, 10 Mar 2022 13:29:42 GMT
server: AmazonS3
age: 694873
etag: "892c855684d8f00b62c151ee5bb70f1a"
x-amz-id-2: CLztmZ5Rddkqel8gYK2qTEH/2MsmljWrsY5DUqMyN39YWgNT+6KdMbHWKRgWO1cUi1hdfHNkqh0=
content-type: video/mp4
Content-Range: bytes 0-1156511/1156512
cache-control: max-age=5184000
Content-Length: 1156512
access-control-allow-origin: *
x-amz-request-id: E5NQRRCVZRN86JWV
x-cdn: Lumen
expires: Mon, 09 May 2022 13:30:50 GMT

GET
DATA 200
OK truncated
/ Frame 91EF 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 5f212d9d5440c96fb49c4d53.mp4
cdn.vidcrunch.com/ Frame 91EF 41 KB
42 KB 40ms
38ms Media
video/mp4 8.252.62.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.mp4?channelId=5f212d174b419e3bf16f66ad&cb=1647613914044
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.62.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19e55920f769b934706ec848f0357a84e3870f914845ab7240529f18572186e8

Request headers

Referer: https://www.gmanetwork.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=1114112-

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
last-modified: Thu, 10 Mar 2022 13:29:42 GMT
server: AmazonS3
age: 694873
etag: "892c855684d8f00b62c151ee5bb70f1a"
x-amz-id-2: CLztmZ5Rddkqel8gYK2qTEH/2MsmljWrsY5DUqMyN39YWgNT+6KdMbHWKRgWO1cUi1hdfHNkqh0=
content-type: video/mp4
Content-Range: bytes 1114112-1156511/1156512
cache-control: max-age=5184000
Content-Length: 42400
access-control-allow-origin: *
x-amz-request-id: E5NQRRCVZRN86JWV
x-cdn: Lumen
expires: Mon, 09 May 2022 13:30:50 GMT

GET 5f212d9d5440c96fb49c4d53.mp4
cdn.vidcrunch.com/ Frame 91EF 0
0

GET
H2 206 5f212d9d5440c96fb49c4d53.mp4
cdn.vidcrunch.com/ Frame 91EF 384 KB
0 21ms
21ms Media
video/mp4 8.252.62.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/5f212d9d5440c96fb49c4d53.mp4?channelId=5f212d174b419e3bf16f66ad&cb=1647613914044
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.62.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gmanetwork.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=65536-

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
last-modified: Thu, 10 Mar 2022 13:29:42 GMT
server: AmazonS3
age: 694873
etag: "892c855684d8f00b62c151ee5bb70f1a"
x-amz-id-2: CLztmZ5Rddkqel8gYK2qTEH/2MsmljWrsY5DUqMyN39YWgNT+6KdMbHWKRgWO1cUi1hdfHNkqh0=
content-type: video/mp4
Content-Range: bytes 65536-1156511/1156512
cache-control: max-age=5184000
Content-Length: 1090976
access-control-allow-origin: *
x-amz-request-id: E5NQRRCVZRN86JWV
x-cdn: Lumen
expires: Mon, 09 May 2022 13:30:50 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 81FC 42 B
64 B 87ms
60ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNhlRkAVvVs9_rtR0dCTJCpuojpkRkRV9l-W9z5Pt-Vr1ueDMRIZiCfEyJ14l3fSRdJ7HlFv8amEdQ6yiXzikeUyrIqLhnLvtyLmn_AtpyEWha54IlR-qEUU3gdoew-2Er5_IV0JiY5w&sai=AMfl-YRzbgwMvr59uxn4FdXPUYAYyoXYEBo1SMtV6u6HhfMgPaf-dvV2EQ6uS2ueq6faOp0jIk6wFoTcGp4D52diZKaBKWddSJwCP1VeuoZRNxhlXkzisV-JGwsBK3xNkaA&sig=Cg0ArKJSzL8TIEQE0cUIEAE&id=ampim&o=315,70&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=749&tls=1749&g=100&h=100&tt=1749&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1118826149

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prompt-logo.png
aphrodite.gmanetwork.com/assets/webpush/ 5 KB
5 KB 19ms
18ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/assets/webpush/prompt-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9746212474b3d7068f2fa58a4f960adeb2ca9cd5ef52b7ba2aacd444585b5e4c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:06:07 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Thu, 08 Nov 2018 10:57:04 GMT
server: AmazonS3
age: 18606348
etag: "5603be90b5c6d91b957098a445fe2c1f"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 4975
x-amz-cf-id: ZaAv4LaBMMjxQayugqs7llmHC5fBoV43jPiS4rWOdHbknFZGpH6c2g==
x-amz-meta-s3b-last-modified: 20181003T123553Z

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 47ms
46ms XHR
application/json 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c4cf0250932e1400781b2f4c54df4eb06ed9bfc1396d8645c6fb2537d6cf41a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10611
x-xss-protection: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159753/4709/1/ Frame F9F4 254 KB
79 KB 104ms
35ms Script
text/javascript 104.112.9.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159753/4709/1/pwt.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.112.9.245 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-9-245.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c56fe8e86248dab9f5bd11df391c35cf45ac349aadd3b2a1df79091f4c103e90

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 11:25:08 GMT
server: Apache/2.2.15 (CentOS)
etag: "1521081-3f9b9-5c544ed0518c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=27668
accept-ranges: bytes
content-type: text/javascript
content-length: 80621
expires: Fri, 18 Mar 2022 22:13:02 GMT

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ 15 B
828 B 89ms
28ms XHR
text/html 13.33.60.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=755298539&pt=17&dpn=1&fbp=2503514548
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-34.ewr52.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 30adcceef958c38a02a02125fb5794f73e88cd388a62ac554c5d406cab2dd431

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
via: 1.1 c62f6c9a9fdf2356a904a1b156a05fe0.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: EWR52-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
pragma: no-cache
server: Apache-Coyote/1.1
access-control-max-age: 3600
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: wR0Y4RiKGpwdAKWvXedB5XpbFtSWh4pE7TTbQER2kYZ5gtscfn0HVg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content rmpssp
sync.1rx.io/usersync2/ Frame 9992 0
0 26ms
25ms Document
text/plain 199.127.204.142
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1rx.io/usersync2/rmpssp?sub=Vidcrunch&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D200%26key%3D%5BRX_UUID%5D
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

Server: Tengine
Date: Fri, 18 Mar 2022 14:31:54 GMT
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame F8B1
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D22%26key%3D%7BPUB_USE...
https://sync.aniview.com/cookiesyncendpoint?auid=1647613914073-944497590674-005932-010-006390&biddername=22&key=ab2217ff-d085-4027-96d0-a1e95c63339e

0
239 B

82ms
24ms

Document
text/plain

44.194.158.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1647613914073-944497590674-005932-010-006390&biddername=22&key=ab2217ff-d085-4027-96d0-a1e95c63339e
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.158.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-158-136.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-length: 0

Redirect headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-type: text/plain
content-length: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1647613914073-944497590674-005932-010-006390&biddername=22&key=ab2217ff-d085-4027-96d0-a1e95c63339e
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BF5B 15 KB
6 KB 94ms
34ms Document
text/html 104.112.9.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.112.9.245 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-9-245.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=144440
expires: Sun, 20 Mar 2022 06:39:14 GMT
date: Fri, 18 Mar 2022 14:31:54 GMT
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 8DF6
Redirect Chain

https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D18%26k...
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D18%26k...
https://sync.aniview.com/cookiesyncendpoint?auid=1647613914073-944497590674-005932-010-006390&biddername=18&key=2723a4761fb760d58d3672c9

0
222 B

24ms
23ms

Document
text/plain

44.194.158.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1647613914073-944497590674-005932-010-006390&biddername=18&key=2723a4761fb760d58d3672c9
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.158.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-158-136.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
content-length: 0

Redirect headers

Connection: close
Date: Fri, 18 Mar 2022 14:31:54 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1647613914073-944497590674-005932-010-006390&biddername=18&key=2723a4761fb760d58d3672c9
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap5ewr1

GET
H/1.1 200
OK avpb4.js Show response
player.vidcrunch.com/script/6.1/ Frame F9F4 352 KB
106 KB 20ms
20ms Script
application/javascript 2600:1400:d::17db:5d53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/avpb4.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::17db:5d53 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 854a441c2debc6a2b76c243d59d6b5b5de2271eeb3c504bb51cb2f05a6736f16

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdus9hrDJl7bGIGerhVggxOltQ7mD5zsQ9WUC5vq6uKHSnk9v4CYf81MZ_OZjGSRHBaxfrc2rufsui3W1fTY0GU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 108168
Last-Modified: Tue, 15 Mar 2022 06:30:29 GMT
Server: UploadServer
ETag: "3cef7c5304a6ef97d74168fb793b7c3c"
Vary: Accept-Encoding
x-goog-hash: crc32c=hNbHAQ==, md5=PO98UwSm75fXQWj7eTt8PA==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1647325829409155
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 108168
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 18 Mar 2022 14:36:54 GMT

GET
H/1.1 200
OK avpb4a0.js Show response
player.vidcrunch.com/script/6.1/ Frame F9F4 75 KB
23 KB 52ms
19ms Script
application/javascript 2600:1400:d::17db:5d53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/avpb4a0.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::17db:5d53 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: fd9570efb472ca676cabea9a7e5807abbedf38852026d168b8f6a0bb265771ef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdvUHRqLAVnQgqJRGMSiwtgHaosTZfPGJWCQSeUqpuZl2loguVgLQHuFFSv4oD5g7rpk8evyHJEPdVAlybtRl4s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 22439
Last-Modified: Tue, 15 Mar 2022 06:30:33 GMT
Server: UploadServer
ETag: "e64f324b75f3a80754f10514237bd872"
Vary: Accept-Encoding
x-goog-hash: crc32c=aM7ZQA==, md5=5k8yS3XzqAdU8QUUI3vYcg==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1647325833271318
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 22439
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 18 Mar 2022 14:36:54 GMT

GET
H/1.1 200
OK avpb4a2.js Show response
player.vidcrunch.com/script/6.1/ Frame F9F4 68 KB
22 KB 55ms
19ms Script
application/javascript 2600:1400:d::17db:5d53
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vidcrunch.com/script/6.1/avpb4a2.js
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::17db:5d53 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5f1d9ebe7be7be612f7ae237a0542f6be6dbd4a56f0ccebefbdf4287a949faa3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:54 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdt0GWKqZyXGaZoVgBT5hPtNQo_Eh9TvouGlC66Kylq-2iPG-N3U8ZnwqUNyM07el67M4ISRvuJNzerWZrnI4MxaNnYrQA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 21863
Last-Modified: Tue, 15 Mar 2022 06:30:41 GMT
Server: UploadServer
ETag: "80784077ce9dffbee43626a9fe1e0ca5"
Vary: Accept-Encoding
x-goog-hash: crc32c=21nalg==, md5=gHhAd86d/77kNiap/h4MpQ==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1647325841034165
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 21863
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 18 Mar 2022 14:36:54 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 24ms
24ms Image
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1647613914881&asid=619e234c1859e5764139cfc7%2C60c9af0fd5b7d53516584abd%2C60c5a06b11731011741c82a1%2C61f12d904c844c5c31329637%2C61b306832a905336af1b6a4a%2C61e8138f6988204b2f59bad4%2C60928d12155c9162fd282fe5%2C5f9195c9d6a3f6760a139c3a%2C617a4eb2cb2c5300c52fe8c3%2C60f1355d86bbbf27bc755e24%2C6006a7a93daa6c44f97e05c9%2C60c9bd699498f81096551f59%2C6006a79aba887464ff3c1ecc&ofpr=%2C%2C%2C%2C%2C0.8%2C1.8%2C1%2C0.8%2C%2C1.6%2C1.2%2C1.6&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
236 B 305ms
240ms XHR
text/plain 54.242.205.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=62aa12f7dde621ae325d1388046a728f_1723152210&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1647613914073-944497590674-005932-010-006390&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=1&AV_PLACEMENT=1&d36=6.2.6&responsive=1&sver=2&avtoken=914481&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=7613914878&tgt=0&&AV_VI=100&AV_VID=0&d4=1&d5=0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.242.205.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-242-205-23.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Mon, 07 Mar 2022 00:45:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 89ms
59ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Mar 2022 14:31:54 GMT

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 86ms
24ms Preflight 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
content-length: 0
server: ATS/9.1.0.33
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205427/0/ 0
174 B 84ms
29ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
449 B 265ms
212ms XHR
text/plain 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
x-openrtb-version: 2.5
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Fri, 18 Mar 2022 14:31:55 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 80ms
29ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
237 B 79ms
27ms XHR
text/plain 52.45.17.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-17-150.compute-1.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Fri, 18 Mar 2022 14:31:55 GMT
access-control-allow-credentials: true
server: SOMA
x-smt-sessionid: 73ee13af-c40e-4964-9190-4b530f132d0e
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
334 B 82ms
25ms XHR
application/json 104.94.205.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=733458&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%229734ac388b1454%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22106139c746a059c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22733458%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A0.8%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-205-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 27f2940b4e02aafe711a2697810c864f054c8aaffd699c855ee50d35ada19825

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:55 GMT
x-ak-initial-geo: CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.180], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
x-cs-client-geo: 19
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 19
expires: Fri, 18 Mar 2022 14:31:55 GMT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 820 B
2 KB 131ms
75ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22129673917c5d856%22%3A%22eb3f4d8692b65578db80%7C%7Cf%3D1%22%7D&ref=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&s=1da1ef1a-f013-4a52-81f0-5140e12b8a1f&pv=778a3355-c4c7-46cd-9380-154209b9a84e&vp=mobile&lib_name=prebid&lib_v=6.11.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D&coppa=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

7686daf6ac9e9eb8208fae23c10bc3ef31d024ca69a4974d79dcd9594ba22e19

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:55 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-type: application/json
content-length: 476
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 94ms
51ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BF5B 2 KB
3 KB 72ms
24ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42158694&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 76caf5349785bdbc964cc5885fe4363a6a887f0d63b608d9212a8dc66ad721c4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ABFC 13 KB
5 KB 21ms
20ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Mar 2022 11:45:50 GMT
expires: Sat, 18 Mar 2023 11:45:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A98 783 B
534 B 39ms
38ms Document
text/html 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7cd670453f07ca6c3ee6f648788649a2cc1d916b5938b269400d75cb69cd9ddf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N2xh2Cxo40DQtcw5b2c4PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 18 Mar 2022 14:31:55 GMT
date: Fri, 18 Mar 2022 14:31:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-N2xh2Cxo40DQtcw5b2c4PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 91EF 42 B
64 B 43ms
43ms Fetch
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2F_QhJWV8wUzeJMCZSpIpsE74F-WagcuCDi8Ez8EXACdvDHXsnErCalKAp8aHqRVIoTAY9RDnGbbjaYloQP2MJu5osQklmXUOG-6V2mjW-rGy_Kzg&sig=Cg0ArKJSzGOe2iay5chWEAE&id=lidar2&mcvt=1012&p=350,1059,600,1359&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=915958108&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647613913123&rpt=950&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 0887
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C

35 B
467 B

17ms
17ms

Document
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Mar 2022 14:31:55 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Fri, 18 Mar 2022 14:31:55 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5B4A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjSX2wABx7NfAwA-&gdpr=0&gdpr_consent=&_test=YjSX2wABx7NfAwA-

1 B
413 B

52ms
19ms

Document
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjSX2wABx7NfAwA-&gdpr=0&gdpr_consent=&_test=YjSX2wABx7NfAwA-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Mar 2022 14:31:55 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: njrpug005:0:638
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjSX2wABx7NfAwA-&gdpr=0&gdpr_consent=&_test=YjSX2wABx7NfAwA-
accept-ranges: bytes
date: Fri, 18 Mar 2022 14:31:55 GMT
via: 1.1 varnish
x-served-by: cache-yul12822-YUL
x-cache: HIT
x-cache-hits: 0
x-timer: S1647613915.159555,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B924
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0b696234-97db-4f00-a083-8220846437ea&gdpr=0&gdpr_consent=

42 B
341 B

19ms
19ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0b696234-97db-4f00-a083-8220846437ea&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Mar 2022 14:31:55 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: njrpug020:0:508
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Fri, 18 Mar 2022 14:31:55 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4256 109297d master cdg-pixel-x8 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0b696234-97db-4f00-a083-8220846437ea&gdpr=0&gdpr_consent=
Expires: Fri, 18 Mar 2022 14:31:54 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame BD72
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEU2lFN0VhVEFBQURJbmlMbjE2QQ&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADSiE7EaTAAADIniLn16A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sy...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7657049583729428286
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADSiE7EaTAAADIniLn16A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7657049583729428286%26bee_sync_partners%3Dsyn%252Cpm%26...
https://match.prod.bidr.io/cookie-sync?userid=7657049583729428286&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADSiE7EaTAAADIniLn16A&pid=55...
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADSiE7EaTAAADIniLn16A&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7657049583729428286%26bee_sync_partners%3Dpm%26bee_sy...
https://match.prod.bidr.io/cookie-sync?userid=7657049583729428286&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADSiE7EaTAAADIniLn16A

42 B
294 B

24ms
23ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADSiE7EaTAAADIniLn16A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 18 Mar 2022 14:31:55 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: va1pug016:0:392
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Fri, 18 Mar 2022 14:31:55 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADSiE7EaTAAADIniLn16A
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2 200 cookiesyncendpoint Show response
sync.aniview.com/ Frame E18C 0
242 B 28ms
23ms Document
text/plain 44.194.158.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1647613914073-944497590674-005932-010-006390&biddername=1&key=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.158.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-158-136.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
content-length: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BF5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-sjp1q2_R1Ww9KmqcbAsLA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

34ms
34ms

Image
text/html

104.112.9.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Server: 104.112.9.245 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-9-245.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=144439
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sun, 20 Mar 2022 06:39:14 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame BF5B
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c329367f-ce73-4f31-a378-805130525f46

42 B
60 B

42ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c329367f-ce73-4f31-a378-805130525f46
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:55 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 18 Mar 2022 14:31:55 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c329367f-ce73-4f31-a378-805130525f46
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame BF5B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1c9e6234-97db-4f00-9fba-d330956747e1

0
128 B

24ms
24ms

Image
text/plain

8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1c9e6234-97db-4f00-9fba-d330956747e1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:53 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 18 Mar 2022 14:31:55 GMT
Server: MT3 4256 109297d master cdg-pixel-x14 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1c9e6234-97db-4f00-9fba-d330956747e1
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 18 Mar 2022 14:31:54 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BF5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHdmPG8EN-r5NX3giTgN42Y&google_cver=1

42 B
362 B

24ms
23ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHdmPG8EN-r5NX3giTgN42Y&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
cache-control: no-store, no-cache, private
x-lat: va1pug004:0:295
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHdmPG8EN-r5NX3giTgN42Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BF5B
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EEB88CDD63424B968D1B7A629B2300F6

42 B
382 B

24ms
24ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EEB88CDD63424B968D1B7A629B2300F6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 07:33:56 GMT
cache-control: no-store, no-cache, private
x-lat: va2pug008:0:614
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Fri, 18 Mar 2022 14:31:55 GMT
x-content-type-options: nosniff
server: nginx
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EEB88CDD63424B968D1B7A629B2300F6
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 17 Mar 2022 14:31:55 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame BF5B
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7529550527526254281&gdpr=0&gdpr_consent=&us_privacy=

1 B
168 B

19ms
19ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7529550527526254281&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug010:0:634
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7529550527526254281&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame BF5B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0a5af0c9-0c57-49a6-993a-f55dc5b2e711

42 B
603 B

62ms
19ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0a5af0c9-0c57-49a6-993a-f55dc5b2e711
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:13:41 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug024:0:331
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:55 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0a5af0c9-0c57-49a6-993a-f55dc5b2e711
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BF5B 43 B
992 B 83ms
29ms Image
image/gif 2600:1f18:4e9:5a05:3ff0:16c7:24f8:6b4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a05:3ff0:16c7:24f8:6b4f Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame BF5B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-14iHNuBE2uVLgtOJJltqx044Uz3cKcY-~A&gdpr=0&gdpr_consent=

0
128 B

26ms
24ms

Image
text/plain

8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-14iHNuBE2uVLgtOJJltqx044Uz3cKcY-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-14iHNuBE2uVLgtOJJltqx044Uz3cKcY-~A&gdpr=0&gdpr_consent=
date: Fri, 18 Mar 2022 14:31:55 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BF5B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3963323398845382505&gdpr=0&gdpr_consent=

42 B
404 B

27ms
25ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3963323398845382505&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
cache-control: no-store, no-cache, private
x-lat: 10:0:509
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:55 GMT
X-Proxy-Origin: 149.56.153.180; 149.56.153.180; 802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: cb00a280-157f-4475-abb9-d6bd7a20470b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3963323398845382505&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js Show response
pagead2.googlesyndication.com/bg/ Frame ABFC 35 KB
14 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 21:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 319271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13798
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 21:50:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A98 0
0 77ms
77ms Image
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=3823595328649609&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 91EF 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 91EF 492 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ABFC 0
9 B 20ms
20ms Image
text/plain 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CFAzRQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 25ms
25ms Image
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1647613915329&asid=619e234c1859e5764139cfc7%2C60c9af0fd5b7d53516584abd%2C60c5a06b11731011741c82a1%2C61f12d904c844c5c31329637%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F9F4 371 KB
124 KB 84ms
36ms Script
text/javascript 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5eea0864e08b0760d33128ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7522915bcb350be6f3157b1692458fdf8d6d728c2c09a8d0754c50101078e8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126233
x-xss-protection: 0
expires: Fri, 18 Mar 2022 14:31:55 GMT

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EEF8 590 KB
192 KB 48ms
20ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame F9F4 44 KB
17 KB 88ms
35ms Script
text/javascript 2607:f8b0:4006:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2006 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Mar 2022 14:31:55 GMT

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 33B4 590 KB
192 KB 36ms
23ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1AF4 590 KB
192 KB 32ms
31ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D4A2 590 KB
192 KB 36ms
36ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 33FD 590 KB
192 KB 31ms
31ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F9F4 107 B
122 B 70ms
41ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C7E3 37 KB
13 KB 30ms
29ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2281 37 KB
13 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0A25 37 KB
13 KB 23ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C100 37 KB
13 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8E5A 37 KB
13 KB 23ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 505F 3 KB
2 KB 78ms
18ms Document
text/html 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.vidcrunch.com
URL: https://player.vidcrunch.com/script/6.1/avpb4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Mar 2022 14:31:56 GMT
Content-Length: 1388
Connection: keep-alive

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=58816f58-2d20-4ad5-9d49-7cb5d9673ff9&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZTJoVm1zY1U4d0dvU1FsRWFySEt2UQ&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEHLybnwTi__jBhmU_l8KjeA&google_cver=1
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=8cckDbCdaDqj

49 B
840 B

32ms
31ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=pp&nuid=8cckDbCdaDqj

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-23
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-CA
location: https://sync.go.sonobi.com/us.gif?nw=pp&nuid=8cckDbCdaDqj
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-5799967b4-lk6nr
expires: -1

GET

ProfilesEngineServlet
api.intentiq.com/profiles_engine/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=f79d8a858b&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&pubid=f79d8a858b
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=58816f58-2d20-4ad5-9d49-7cb5d9673ff9
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=58816f58-2d20-4ad5-9d49-7cb5d9673ff9&ckls=true&ci=PzJVJALCOj&nc=false&trid=14186...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D570392714%26rnd%3D11...
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=72fdc2909d041202&is_secure=true&networkId=17100&version=1&nuid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZdLpNSzLdQNodip7AAAAAAA&expiration=1647700316&nuid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C&...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=SxWn8EQQ8PxQRqb8REG58B8SoPRQQfemGEENF7my
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=570392714&rnd=1110151257&pcid=FAC8E9D6-ADBF-4755-B0F4-A9AA71B02C2C
https://ib.adnxs.com/getuid?https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D570392714%3B1402230080%26rnd%3D-1480014151&pcid=$UID
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=570392714;1402230080&rnd=-1480014151&pcid=3963323398845382505
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D570392...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=570392714;1402230080;1709765917&rnd=-629170180&pcid=614aafa9-4f72-41a2-b864-9681e5817d8b
https://ce.lijit.com/merge?pid=8101&3pid=PzJVJALCOj&location=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D570392714%3B14022...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=570392714;1402230080;1709765917;1486637409&rnd=1647388477&pcid=2723a4761fb760d58d3672c9
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Fapi.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1072441116%26mi%3D10%26csh%3D570392714%3B140...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1072441116&mi=10&csh=570392714;1402230080;1709765917;1486637409;396218182&rnd=1989196616&pcid=28690ff1-a6c8-11ec-8552-1c1b61...

0
0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050710537140539

49 B
934 B

100ms
28ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050710537140539

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-32
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050710537140539
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dsonobi%26bsw_param%3...
https://x.bidswitch.net/sync?dsp_id=354&user_id=f8d88e95ec4b4d88a2588f0fded79144&ssp=sonobi&bsw_param=28336e19-f04a-42ba-a8e3-32940fcbf9f4&gdpr=0&consent=&gdpr_pd=&expires=7
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=28336e19-f04a-42ba-a8e3-32940fcbf9f4

49 B
864 B

25ms
24ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=28336e19-f04a-42ba-a8e3-32940fcbf9f4

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-23
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=28336e19-f04a-42ba-a8e3-32940fcbf9f4
Date: Fri, 18 Mar 2022 14:31:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=1c9e6234-97db-4f00-9fba-d330956747e1

49 B
951 B

70ms
25ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=1c9e6234-97db-4f00-9fba-d330956747e1

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-23
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: MT3 4256 109297d master cdg-pixel-x12 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=1c9e6234-97db-4f00-9fba-d330956747e1
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 18 Mar 2022 14:31:55 GMT

GET
H2 200 index.html Show response
ws.sharethis.com/secure/ Frame AF36 7 KB
2 KB 18ms
18ms Document
text/html 2600:9000:2120:4200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:4200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

342c75c322642d566dee32013f0b67792777b521227e8948f30eaa46518b1bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

content-type: text/html
content-length: 2090
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 18:42:03 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Thu, 17 Mar 2022 21:36:04 GMT
etag: W/"61e1c3fb-1ade"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 be2bc6f826ea9bebe879d48a50a29432.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: kXcZwRNo8PaqpaKgrkgVOQeFB75BtSKgOZaPvJxUnu1DMMmPHdqqJw==
age: 60952

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 33ms
32ms Image
image/gif 23.221.201.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&lo=4&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimasdk.googleapis.com%2Fjs%2Fcore%2Fbridge3.505.0_en.html%23goog_1592145500&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-ayhgNwRTPmCpsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&rs=1-5u6rgEk%2F0rYACQ%3D%3D&sc=1&os=1-xw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=IJQYWJ%3Dt%5DD&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=150&w=300&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&f=0&j=&t=1647613913853&de=157009397932&cu=1647613913853&m=2329&ar=359f21c1e97-clean&iw=a1dda84&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4631&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4961%3A4961%3A8859%3A4492&as=0&ag=20&an=0&gf=20&gg=0&ix=20&ic=20&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=20&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=40&cd=0&ah=40&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4914438385%3A2739195827%3A5471012876%3A138322335932&bo=343684595&bd=346094075&gw=gmanmidfpdisplay183413089896&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=346094075&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=300x250&zMoatPS=ENT_Celeblife_Desktop_Mrec1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&iq=na&tt=na&tu=&tp=&tc=0&fs=197273&na=303731087&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-201-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Mar 2022 14:31:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 91EF 43 B
260 B 35ms
34ms Image
image/gif 23.221.201.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&d=GMANMI_DFP_DISPLAY1%3A343684595%3A346094075%3A-&de=142602342491&t=1647613913701&i=MOAT_FEATHER_DEBUG1&gw=gmanmidfpdisplay183413089896&cm=1&ac=1&f=0&bq=0&ar=359f21c1e97-clean&iw=2add9d8&dMoatOQs=moatClientLevel1%3D4914438385%26moatClientLevel2%3D2739195827%26moatClientLevel3%3D5471012876%26moatClientLevel4%3D138322335932%26moatClientSlicer1%3D343684595%26moatClientSlicer2%3D346094075%26zMoatSZ%3D300x250%26zMoatPS%3DENT_Celeblife_Desktop_Mrec1_1%26zMoatPT%3DCelebrity_Life_Article_Page%26zMoatMMV%3D%26zMoatSite%3DGMA_Entertainment%26zMoatMData%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=2&tc=1&id=1&na=355506581&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-201-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Mar 2022 14:31:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 82ms
82ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=3823595328649609&bg=!KCulK2_NAAba2mK92to7ACkAdvg8WlCCPe0l9hi7-aPjZFRu81VsLT0hYrcN9_yR1ZHmH0cALHU1nAIAAACRUgAAAAJoAQeZAus5R-TShAM4Cf60GYLFLYSgrWpPAA2TaojZx6YG5vQA3XrISDOFDmek0YLqoIhhAKHMs9g4RM6SlJFG1OpYXZ2wYuJBcgYGuIrGNSVSKFOvc4VLNXxGpnDe4rl4WgBpc0OnKBaR0cioRCaABBTlFHfyhf9mOejo2z2IKzpHl5M_X59sA63P4fyYbpMBqx6M-6RsmeIf4QpjqQIHlR-z-5PMgo9YypF6N5s0fQw6E68jS51yR280mar0flcfeB_1KnAgVGnWqh9PgwMQj1wJmQigoM6rgNzU9kfPEcP4I5eC9Ka2y5Vaq99YK7mCcKpOfL-Tuvw3da733Rn6vr58p8-iGajqBfbTHNHA0OTCc5ex73ruH4zYdujpSPwDUEf3r-sRhVZQAfBHqNIe0SDvch_eCzyPaXHl6l3EaBo1e35O0Ocjdj9883tJFPgzBzvav_pqzoTcvBxPaH94L9_EIr11kvuzrP7B8QloQkdmoFm4YuQpOO7U8EjESDH7biVCRAeKe0gvIGnBwIuTHFh0jTZi-MSCMs3vLmhi2nl8nND-Us_RNaj32nvkJci9KfeOV-w4zFRlhEBQLu-Hf3EKUELX_NeN_f0ygDQtYJlBOVTkyQDVEGMmaNpbpNwQZRco1k4hcEv7lYPteNgk4BOuIiLYcFzDc2-VrHydkhgM2ZZRiHEQ0XDLGE63B0hL19no6YSFtaSyZk-qPRTbGXfqnsyHt3Knr9WKMM1h_qJRekm8G9zw7aEsNFNpkkJgoiG3vjmcGAlKlNTsPg9vy_QK4rFMfvOhJwRk_Zt9CfaYMHHnNOjcuui6_492AVqCloOx4SfePUl129xoCDyIUKBmLdjAE92OarMnNA6bj7HzDXGW_9HFHQ5JZiKuLgWPPkfg21Od_0n4CnDOyC8kj-hLJpzgjqvAxXnSfHlagWrGiYpD1ImX2-KN08fQrrZaSjPikh_ejsJ-onepgenlKOmNjar5pqQL21M6Nk2As_Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st.11f7946d377d9e3c2cb7836521807fe8.js Show response
ws.sharethis.com/secure/js/ Frame AF36 87 KB
23 KB 20ms
20ms Script
application/javascript 2600:9000:2120:4200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure/js/st.11f7946d377d9e3c2cb7836521807fe8.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:4200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

369914445b6366d34f5a761a942d8a2c2db2e71fb66a7470fca8d7eb037fad73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ws.sharethis.com/secure/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 02:03:34 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 12227302
x-cache: Hit from cloudfront
content-length: 23524
server: nginx/1.20.1
etag: W/"6179dc46-15de6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 be2bc6f826ea9bebe879d48a50a29432.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
x-robots-tag: noindex, nofollow
x-amz-cf-id: aSXKFBPJznhWBkc7UIsPUf06aaXVXEIKu5t83H-Cco_2pYd_aCfLpA==
expires: Fri, 28 Oct 2022 02:03:34 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame EEF8 156 B
185 B 532ms
526ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3432835748983353&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3922806848&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dlt=1647613914174&idt=1876&dt=1647613916306&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=248954272772158&ged=ve4_td2_tt0_pd2_la2000_er350.1059.504.1359_vi0.0.1200.1600_vp100_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 33B4 156 B
185 B 522ms
522ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2447502401612210&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1996794275&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dlt=1647613914174&idt=1914&dt=1647613916314&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=4214054577442105&ged=ve4_td2_tt0_pd2_la2000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1AF4 156 B
523 B 288ms
288ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=903901488544087&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=4048354652&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613916323&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=4466640697837759&ged=ve4_td2_tt0_pd2_la2000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 3A2D 2 KB
3 KB 52ms
51ms Document
text/html 104.112.10.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-10-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e1aba8a1dad53d665ac54548d70f146d993a7744330af8f687276d15b117d75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|45|31|206|17|4
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Fri, 18 Mar 2022 14:31:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Content-Length: 1662
Connection: keep-alive

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D4A2 156 B
185 B 474ms
473ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=347929178852699&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3215857442&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613916332&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=1695061861118786&ged=ve4_td2_tt0_pd2_la2000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 33FD 156 B
185 B 482ms
480ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_250&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3710786789618422&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3614242065&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613916338&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=4245223934670248&ged=ve4_td2_tt0_pd2_la2000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 3A2D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPDk9jfbTFMsPXiBHpc7nng&google_cver=1

43 B
315 B

41ms
41ms

Image
image/gif

104.112.10.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPDk9jfbTFMsPXiBHpc7nng&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-10-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 18 Mar 2022 14:31:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPDk9jfbTFMsPXiBHpc7nng&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3A2D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&dcc=t

43 B
932 B

45ms
44ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3X9P11C4YV4GB7HWA9XM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HP02C0KKPKGM56HCBH7M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3A2D
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&expiration=1650205916&gdpr=0&gdpr_consent=

43 B
1006 B

138ms
43ms

Image
image/gif

104.112.10.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&expiration=1650205916&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-10-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Mar 2022 14:31:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&expiration=1650205916&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3A2D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjSX2nH7TP6LsH08QceQ3wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEHCfUI0alhQwmDJXde0pOg&google_cver=1

43 B
1 KB

44ms
43ms

Image
image/gif

104.112.10.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEHCfUI0alhQwmDJXde0pOg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-10-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Mar 2022 14:31:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEHCfUI0alhQwmDJXde0pOg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3A2D
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7009003161603226719&uid=Q7009003161603226719&ref=%2Feucm%2Fp%2Fcc
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7009003161603226719

43 B
990 B

89ms
65ms

Image
image/gif

104.112.10.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7009003161603226719
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-10-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Mar 2022 14:31:56 GMT

Redirect headers

Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7009003161603226719
Cache-Control: max-age=86311
Connection: keep-alive
Content-Type: text/html
Content-Length: 154

GET
H2

200

YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3A2D
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB

43 B
991 B

31ms
30ms

Image
image/gif

2600:1f18:4e9:5a05:3ff0:16c7:24f8:6b4f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

2600:1f18:4e9:5a05:3ff0:16c7:24f8:6b4f Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:56 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/YjSX2nH7TP6LsH08QceQ3wAAAd4AAAAB
date: Fri, 18 Mar 2022 14:31:56 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3A2D
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
https://stags.bluekai.com/site/23178?id=7njEWzLJ9MvebDLMaMLC&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2N3ONJCVO...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=7njEWzLJ9MvebDLMaMLC

43 B
1 KB

42ms
41ms

Image
image/gif

104.112.10.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=7njEWzLJ9MvebDLMaMLC
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-10-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Mar 2022 14:31:56 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
P3p: CP="We do not support P3P header."
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=7njEWzLJ9MvebDLMaMLC
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3A2D
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7529550527526254281

43 B
989 B

151ms
56ms

Image
image/gif

104.112.10.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7529550527526254281
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-112-10-99.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:31:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Mar 2022 14:31:56 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7529550527526254281
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3A2D 43 B
425 B 20ms
18ms Image
image/gif 23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YjSX2nH7TP6LsH08QceQ3wAA%26478
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.gmanetwork.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:31:56 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3594
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Mar 2022 15:31:50 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 73ms
25ms XHR
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 18 Mar 2022 14:31:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5C0E 590 KB
192 KB 20ms
20ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F9F4 107 B
122 B 40ms
40ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7703 37 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5C0E 156 B
142 B 486ms
485ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_150&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1532193286306987&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=4179348324&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613917012&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=3162017003316048&ged=ve4_td3_tt1_pd3_la3000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 77ms
25ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gmanetwork.com%2F&domain=www.gmanetwork.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2220
date: Fri, 18 Mar 2022 14:31:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gmanetwork.com%2F&domain=www.gmanetwork.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=AyHGj3xoVGljM0hnT05EdlhCZ1VtQ2ZEZm1CVDhjamRrYURLQXJ3emtGZTZwb1d4QTIxdFpjVWZ0R3BhV2IzN054UXk0QWsrZDB0dm1VSklMbzlSb2tTZHA1TUxHWFdwRktIeHNTSENZM3BrVE1UT3RaRVhZQ1QyTHEvbV...

360 B
620 B

72ms
25ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AyHGj3xoVGljM0hnT05EdlhCZ1VtQ2ZEZm1CVDhjamRrYURLQXJ3emtGZTZwb1d4QTIxdFpjVWZ0R3BhV2IzN054UXk0QWsrZDB0dm1VSklMbzlSb2tTZHA1TUxHWFdwRktIeHNTSENZM3BrVE1UT3RaRVhZQ1QyTHEvbVJjOGNmRkhKdWsxZ2Y1NTdGTmsyRHNnYVFuMDQrTjNwK21SUitMZ2wvZWF2WXdrdlByOEZlNFI4bGVHQVdNNHRzVmhtenVCMy81UU91d1h6amJ2cGgxNldTQThaQUMzYk8rekxzK0JtaS9Wc0FldnBlWHBJPXw&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

3390929927754555d7d51725fec8f49e57ab81d0ef533beb41e0f0dc885e9314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:56 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2891
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:56 GMT
location: https://mug.criteo.com/sid?cpp=AyHGj3xoVGljM0hnT05EdlhCZ1VtQ2ZEZm1CVDhjamRrYURLQXJ3emtGZTZwb1d4QTIxdFpjVWZ0R3BhV2IzN054UXk0QWsrZDB0dm1VSklMbzlSb2tTZHA1TUxHWFdwRktIeHNTSENZM3BrVE1UT3RaRVhZQ1QyTHEvbVJjOGNmRkhKdWsxZ2Y1NTdGTmsyRHNnYVFuMDQrTjNwK21SUitMZ2wvZWF2WXdrdlByOEZlNFI4bGVHQVdNNHRzVmhtenVCMy81UU91d1h6amJ2cGgxNldTQThaQUMzYk8rekxzK0JtaS9Wc0FldnBlWHBJPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2364
content-length: 482
expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame BF5B 0
128 B 25ms
23ms Script
text/plain 8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160993&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647613914073-944497590674-005932-010-006390%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:55 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 84ms
24ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1148
date: Fri, 18 Mar 2022 14:31:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 26ms
26ms Preflight 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Mar 2022 14:31:57 GMT
content-length: 0
server: ATS/9.1.0.33
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 24ms
24ms Image
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1647613917510&asid=619e234c1859e5764139cfc7%2C60c5a06b11731011741c82a1%2C60c9af0fd5b7d53516584abd%2C61f12d904c844c5c31329637%2C61b306832a905336af1b6a4a%2C61e8138f6988204b2f59bad4%2C60c9bd699498f81096551f59%2C617a4eb2cb2c5300c52fe8c3%2C60928d12155c9162fd282fe5%2C5f9195c9d6a3f6760a139c3a%2C60f1355d86bbbf27bc755e24%2C6006a7a93daa6c44f97e05c9%2C6006a79aba887464ff3c1ecc&ofpr=%2C%2C%2C%2C%2C0.8%2C1.2%2C0.8%2C1.8%2C1%2C%2C1.6%2C1.6&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
235 B 70ms
70ms XHR
text/plain 54.242.205.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=62aa12f7dde621ae325d1388046a728f_1723152210&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1647613914073-944497590674-005932-010-006390&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=1&AV_PLACEMENT=1&d36=6.2.6&responsive=1&sver=2&avtoken=914481&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=7613917509&tgt=0&&AV_VI=100&AV_VID=0&d4=2&d5=3
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.242.205.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-242-205-23.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:57 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Mon, 07 Mar 2022 00:45:17 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 27ms
26ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:57 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
236 B 28ms
28ms XHR
text/plain 52.45.17.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-17-150.compute-1.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Fri, 18 Mar 2022 14:31:57 GMT
access-control-allow-credentials: true
server: SOMA
x-smt-sessionid: 38be1500-7f20-4eec-bdaa-b58b21784416
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 829 B
3 KB 145ms
99ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2221502e737ed5e35%22%3A%22eb3f4d8692b65578db80%7C%7Cf%3D1%22%7D&ref=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&s=d3a85ac3-2f1c-44d5-b6ee-784c8e8a1628&pv=778a3355-c4c7-46cd-9380-154209b9a84e&vp=mobile&lib_name=prebid&lib_v=6.11.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D&coppa=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

7286951983682aa35197ba48380c694bcf617141bf628d120207e562d4969842

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:57 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-type: application/json
content-length: 486
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205427/0/ 0
174 B 73ms
73ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:57 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
335 B 23ms
22ms XHR
application/json 104.94.205.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=733458&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22244890d4137004a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2225bec398831a5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22733458%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A0.8%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-205-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aafd7f6c4129cd4626400925fa77586e3a0ddcabd567ab9c4c6ef0f834795901

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:57 GMT
x-ak-initial-geo: CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.180], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
x-cs-client-geo: 19
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 19
expires: Fri, 18 Mar 2022 14:31:57 GMT

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
294 B 35ms
34ms XHR
text/plain 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
x-openrtb-version: 2.5
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Fri, 18 Mar 2022 14:31:57 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 37ms
37ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:57 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 track
track1.aniview.com/ 0
70 B 24ms
23ms Image
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1647613917673&asid=619e234c1859e5764139cfc7%2C60c5a06b11731011741c82a1%2C60c9af0fd5b7d53516584abd%2C61f12d904c844c5c31329637%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DA6E 590 KB
192 KB 20ms
20ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F9F4 107 B
122 B 39ms
38ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EEA2 37 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E018 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 289C 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3896 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 075D 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6972 37 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D3EE 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CB1A 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4E6B 37 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DA6E 156 B
142 B 433ms
432ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=159578382343715&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=965939686&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613918392&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=2541310330925583&ged=ve4_td4_tt2_pd4_la4000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E018 156 B
142 B 434ms
430ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4438750442175246&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2918382769&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613918405&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=525691712728810&ged=ve4_td4_tt2_pd4_la4000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 289C 156 B
142 B 418ms
414ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2130483222585140&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3885195076&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613918415&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=1875695250011266&ged=ve4_td4_tt2_pd4_la4000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3896 156 B
142 B 442ms
437ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=906929238918209&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1489693486&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613918426&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=568013261662524&ged=ve4_td4_tt2_pd4_la4000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 075D 156 B
142 B 251ms
251ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_250&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1590870781446378&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=77214615&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613918448&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=1302733778829983&ged=ve4_td4_tt2_pd4_la4000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 120_90_MainImage_-20220315182535.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 19ms
18ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_MainImage_-20220315182535.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d243ef29453187e28d0bbf0fb0b7f2ed6511cf755f7fa1ab464d33664fdc547f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Tue, 15 Mar 2022 10:25:38 GMT
server: AmazonS3
age: 60392
etag: "b44d3ce812658e8f4d87aef6568d28d4"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Thu, 17 Mar 2022 21:45:27 GMT
x-amz-cf-pop: EWR52-C4
content-length: 4011
x-amz-cf-id: P2hchr_yxY_xSdmUU5lVqKpvogdRPgnpTWKwBXFp-g-4ANQ8GSL9eg==

GET
H2 200 120_90_main_-20220316175018.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 19ms
18ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220316175018.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ce6a8e8b131df434deb525481df0dc468be443b8e67fa1a782e7a4d728c3cde

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:20:15 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 09:50:20 GMT
server: AmazonS3
age: 43904
etag: "81fdfb5afaaa0482781e3f9662c2060c"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3583
x-amz-cf-id: 0jxZWR41ISrHcsc7YELQttj3-gq86woKMapvEFXq5_TO-3y5DCkgdA==

GET
H2 200 120_90_main_-20220317152612.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
3 KB 23ms
22ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220317152612.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1602e38939fe4063f118d10a71114a3c2af0bb98c806f099b1c65b68f43b6e6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Thu, 17 Mar 2022 07:26:14 GMT
server: AmazonS3
age: 13391
etag: "96f4ee1dc3559385423011094edb1d58"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 10:48:47 GMT
x-amz-cf-pop: EWR52-C4
content-length: 2962
x-amz-cf-id: tMRz4ZqEBLkrzGopVR0j2Gt41KzDTuyNwrP3AdNy8Amzz0o57voh4w==

GET
H2 200 120_90_main_-20220318172202.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 19ms
18ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318172202.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d1858aa4dc092adb62881cdd8b096ad7fcb87f5eb894d2224e712f1be02692e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:42:04 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 09:22:16 GMT
server: AmazonS3
age: 17395
etag: "6e33f7af85b59d129d86cbcb4664990e"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3698
x-amz-cf-id: kuI4-XO8kbDIkKNO-uW7rheSWpgq8J0hS2cFjaJ2E9VFy5hEo1XI-w==

GET
H2 200 120_90_main_-20220318162345.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 20ms
18ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318162345.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f85c837f2396129897f6f2ccdf2e7c726c49cd108b312ff8dc92be23aaa6c09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 08:27:54 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 08:23:47 GMT
server: AmazonS3
age: 21845
etag: "30629ca5842358cf3845f14f067ab904"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3566
x-amz-cf-id: eoAUzU0WKffOtimOrG8helJESsuJnWUkmFIGqLJcLW6HhWn93fzl9w==

GET
H2 200 120_90_main_-20220318152619.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 20ms
19ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318152619.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a07de11156bca2b8fb6a8a1e3a6f4912cc57fe911d0592c16a8980349b0e7ace

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 07:37:17 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 07:26:22 GMT
server: AmazonS3
age: 24882
etag: "a2d22e21a7c22fc0a2f6095302354da5"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 4012
x-amz-cf-id: gGHwALUmdUpvtsH1a09lwLYvuF9qqHL82dpFv8qZegRtSg1ob1-KrQ==

GET
H2 200 120_90_FIRSTL_000021-FULL-EP-CMS_-20220315130032.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
3 KB 22ms
20ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_FIRSTL_000021-FULL-EP-CMS_-20220315130032.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27467774b1f010a593d1d2c95013f7acbb4878265a09f5ad91c857b2c5e12783

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Tue, 15 Mar 2022 05:00:34 GMT
server: AmazonS3
age: 5404
etag: "2c60e3ab96959a1479ea7950bdd9eb8e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 13:01:55 GMT
x-amz-cf-pop: EWR52-C4
content-length: 2843
x-amz-cf-id: YjdAV4NN9G4_AelgJXaV8zQnICzo32XKn6WrVRl5F5rO32xCZdjHkQ==

GET
H2 200 160_90_BV_-LPRINC-_031422_FULL_-20220314202633.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 33 KB
33 KB 22ms
21ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/160_90_BV_-LPRINC-_031422_FULL_-20220314202633.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36e1c129ea140353c9de17965b9618d27395a7b0e0c6ffc7d20ce90d433a2fe9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 14 Mar 2022 12:26:36 GMT
server: AmazonS3
age: 34094
etag: "375a8dd825cefb1249fdb42ad525568c"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 05:03:45 GMT
x-amz-cf-pop: EWR52-C4
content-length: 33642
x-amz-cf-id: vT-p2SJVZ-TLJLxqLogKqluGqmz_sumazslrmY1fZ-ffaTtJvqFz0Q==

GET
H2 200 160_90_vlcsnap-2022-03-14-14h26m31s658_-20220314145743.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 34 KB
34 KB 23ms
22ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/160_90_vlcsnap-2022-03-14-14h26m31s658_-20220314145743.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43c880d4e242e830f010bfad4c3f09a58044f129bf65c73ebc3b7d4ec83a489a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 14 Mar 2022 06:57:45 GMT
server: AmazonS3
age: 13057
etag: "abd0b9e0a008de7eab3260aa58b7430b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 10:54:22 GMT
x-amz-cf-pop: EWR52-C4
content-length: 34935
x-amz-cf-id: lLKiN5Ocdg8fCdLzKKcF1QgkiDF1NBliqRTcXqv7gLt58rxYL7rbGg==

GET
H2 200 120_90_CMS_-20220318204746.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 23ms
22ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_CMS_-20220318204746.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee0d295a47a305acdeef168179580af379e8c9b43042b441b4e597dbf6c409f6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 12:51:35 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 12:47:48 GMT
server: AmazonS3
age: 6024
etag: "dcaa1d20111303683496ad1563eefb6c"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 4147
x-amz-cf-id: MRaczqX4joXfTDc2kD6VzgqA2CdeLgUQ2iqWMe2D951aJfSbksJYYg==

GET
H2 200 120_90_March-18_-20220318183323.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
3 KB 28ms
27ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_March-18_-20220318183323.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cec626787aa156963551b0ba64e42f743f668b5d804da96f5f1023323b826ed

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 10:51:36 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 10:33:25 GMT
server: AmazonS3
age: 13223
etag: "1d9d653dd56f75dc22676d2261b9194b"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3115
x-amz-cf-id: IH5UkovTTJpUvvQ8FCnFZG_50K8-L-6ZAqq_XdoHXzqGtd73T5qW6g==

GET
H2 200 120_90_SDB-1_-20220318142737.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 26ms
25ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_SDB-1_-20220318142737.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba057b4ea09dc388df75171623c548c5343796be74112f878ce9f5a1cd79e512

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:37:17 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 06:27:39 GMT
server: AmazonS3
age: 28482
etag: "0a2c3400a47264ce747ee7d2b6a3c40c"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3758
x-amz-cf-id: D5av3INvctHoc0A79VaaRMjJaPaA7K4TchPX5D1VxwHhxXmHu4cRFw==

GET
H2 200 120_90_MainImage_-20220315182535.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 17ms
17ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_MainImage_-20220315182535.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d243ef29453187e28d0bbf0fb0b7f2ed6511cf755f7fa1ab464d33664fdc547f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Tue, 15 Mar 2022 10:25:38 GMT
server: AmazonS3
age: 60392
etag: "b44d3ce812658e8f4d87aef6568d28d4"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Thu, 17 Mar 2022 21:45:27 GMT
x-amz-cf-pop: EWR52-C4
content-length: 4011
x-amz-cf-id: YMx70QFlSmEU0tZFHAwY8X0KTnwrxKlajSfAVecDXnq5LWTzSR6fAA==

GET
H2 200 120_90_main_-20220316175018.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 18ms
18ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220316175018.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ce6a8e8b131df434deb525481df0dc468be443b8e67fa1a782e7a4d728c3cde

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 02:20:15 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 09:50:20 GMT
server: AmazonS3
age: 43904
etag: "81fdfb5afaaa0482781e3f9662c2060c"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3583
x-amz-cf-id: 8RlL_rIi-cNTuyETXvP64rYwIzVnsT6AWrCRv5plsIRSLuMrqzyGjQ==

GET
H2 200 120_90_main_-20220318172202.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 17ms
17ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318172202.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d1858aa4dc092adb62881cdd8b096ad7fcb87f5eb894d2224e712f1be02692e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:42:04 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 09:22:16 GMT
server: AmazonS3
age: 17395
etag: "6e33f7af85b59d129d86cbcb4664990e"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3698
x-amz-cf-id: TJeGK_wWrkJA-ElXB99Ulchnyem148sg4eBWXDgitvuBW8G8hqPXtg==

GET
H2 200 120_90_main_-20220318162345.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
4 KB 18ms
17ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318162345.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f85c837f2396129897f6f2ccdf2e7c726c49cd108b312ff8dc92be23aaa6c09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 08:27:54 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 08:23:47 GMT
server: AmazonS3
age: 21845
etag: "30629ca5842358cf3845f14f067ab904"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3566
x-amz-cf-id: X_2GceafzdFPsMLXX2ek8Z5fILWtyuOrHVryGdTCpsKFSAtIw10HwQ==

GET
H2 200 120_90_main_-20220318152619.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 4 KB
4 KB 19ms
19ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220318152619.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a07de11156bca2b8fb6a8a1e3a6f4912cc57fe911d0592c16a8980349b0e7ace

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 07:37:17 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 07:26:22 GMT
server: AmazonS3
age: 24882
etag: "a2d22e21a7c22fc0a2f6095302354da5"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 4012
x-amz-cf-id: c7dg-h12sp7_oRrVH-ljOtVvpdDraSktUvRRKXojS0Kq0JssDANJYQ==

GET
H2 200 120_90_main_-20220317152612.jpg
aphrodite.gmanetwork.com/entertainment/gallery/ 3 KB
3 KB 19ms
19ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/gallery/120_90_main_-20220317152612.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1602e38939fe4063f118d10a71114a3c2af0bb98c806f099b1c65b68f43b6e6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Thu, 17 Mar 2022 07:26:14 GMT
server: AmazonS3
age: 13391
etag: "96f4ee1dc3559385423011094edb1d58"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 10:48:47 GMT
x-amz-cf-pop: EWR52-C4
content-length: 2962
x-amz-cf-id: ax8pjtZrj6uRiJliqn7IL-Eoe87Sj-EZegtg_VU5SFKfsh5nLs1lYQ==

GET
H2 200 120_90_FIRSTL_000021-FULL-EP-CMS_-20220315130032.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
3 KB 20ms
19ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_FIRSTL_000021-FULL-EP-CMS_-20220315130032.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27467774b1f010a593d1d2c95013f7acbb4878265a09f5ad91c857b2c5e12783

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Tue, 15 Mar 2022 05:00:34 GMT
server: AmazonS3
age: 5404
etag: "2c60e3ab96959a1479ea7950bdd9eb8e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 13:01:55 GMT
x-amz-cf-pop: EWR52-C4
content-length: 2843
x-amz-cf-id: XNR5exqqrqQ3mdaa2MCMlCWAcim0KIBgQROSQXO_ou_LksXrVkspDw==

GET
H2 200 160_90_BV_-LPRINC-_031422_FULL_-20220314202633.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 33 KB
33 KB 20ms
18ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/160_90_BV_-LPRINC-_031422_FULL_-20220314202633.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36e1c129ea140353c9de17965b9618d27395a7b0e0c6ffc7d20ce90d433a2fe9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 14 Mar 2022 12:26:36 GMT
server: AmazonS3
age: 34094
etag: "375a8dd825cefb1249fdb42ad525568c"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 05:03:45 GMT
x-amz-cf-pop: EWR52-C4
content-length: 33642
x-amz-cf-id: wsxhRAyPFY2fbfcEabTbuY1v_Rimu54GaOpiElq1Mz2ACkK1pi9HnQ==

GET
H2 200 160_90_vlcsnap-2022-03-14-14h26m31s658_-20220314145743.png
aphrodite.gmanetwork.com/entertainment/videos/images/ 34 KB
34 KB 22ms
21ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/160_90_vlcsnap-2022-03-14-14h26m31s658_-20220314145743.png
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43c880d4e242e830f010bfad4c3f09a58044f129bf65c73ebc3b7d4ec83a489a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Mon, 14 Mar 2022 06:57:45 GMT
server: AmazonS3
age: 13057
etag: "abd0b9e0a008de7eab3260aa58b7430b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
date: Fri, 18 Mar 2022 10:54:22 GMT
x-amz-cf-pop: EWR52-C4
content-length: 34935
x-amz-cf-id: JVhpVNhafGRMJxd8TECqKPGNRb0Y05NmKVCbYCeSNGsn4ncHonh3AA==

GET
H2 200 120_90_CMS_-20220318204746.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 23ms
22ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_CMS_-20220318204746.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee0d295a47a305acdeef168179580af379e8c9b43042b441b4e597dbf6c409f6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 12:51:35 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 12:47:48 GMT
server: AmazonS3
age: 6024
etag: "dcaa1d20111303683496ad1563eefb6c"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 4147
x-amz-cf-id: AIgsmzDKof4c0W2BPM6eWuUMSBJGXevzTEVrTAjRJUFjjYCpD9D-OA==

GET
H2 200 120_90_SDB-1_-20220318142737.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 4 KB
4 KB 23ms
22ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_SDB-1_-20220318142737.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba057b4ea09dc388df75171623c548c5343796be74112f878ce9f5a1cd79e512

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:37:17 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 06:27:39 GMT
server: AmazonS3
age: 28482
etag: "0a2c3400a47264ce747ee7d2b6a3c40c"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3758
x-amz-cf-id: nsMNks00mRjqJ3buYShrvrPttfYGhkW0tWvFHjWuEsli2yuB72ZXNw==

GET
H2 200 120_90_March-18_-20220318183323.jpg
aphrodite.gmanetwork.com/entertainment/videos/images/ 3 KB
3 KB 24ms
24ms Image
image/png 2600:9000:2120:7800:c:3460:340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aphrodite.gmanetwork.com/entertainment/videos/images/120_90_March-18_-20220318183323.jpg
Requested by: Host: www.gmanetwork.com
URL: https://www.gmanetwork.com/entertainment/celebritylife/news/81377/how-and-where-did-the-oktoberfest-originate/story?utm_term=OZY&utm_campaign=daily-dose&utm_content=Thursday_03.17.22&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7800:c:3460:340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cec626787aa156963551b0ba64e42f743f668b5d804da96f5f1023323b826ed

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 10:51:36 GMT
via: 1.1 b4f17bdba953bc99ed49dfb95ccb934c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 10:33:25 GMT
server: AmazonS3
age: 13223
etag: "1d9d653dd56f75dc22676d2261b9194b"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: EWR52-C4
content-type: image/png
content-length: 3115
x-amz-cf-id: h1vvW9iB-4ejHfnfC9VWfvKZ_cIVkUs617mtFAMUPIEmhWVF-AUT0A==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 33ms
33ms Image
image/gif 23.221.201.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=21&q=0&yco=0&yt=0&xco=0&xt=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&lo=4&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=GMANMI_DFP_DISPLAY1&ol=2716289260&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-ayhgNwRTPmCpsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&rs=1-5u6rgEk%2F0rYACQ%3D%3D&sc=1&os=1-xw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=IJQYWJ%3Dt%5DD&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=150&w=300&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&id=1&ii=4&f=0&j=&t=1647613913853&de=157009397932&cu=1647613913853&m=5036&ar=359f21c1e97-clean&iw=a1dda84&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4631&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A4961%3A4961%3A8859%3A4492&as=0&ag=712&an=20&gf=712&gg=20&ix=712&ic=712&ez=1&aj=1&pg=100&pf=100&ib=0&cc=0&bw=712&bx=20&dj=1&aa=0&ad=605&cn=0&gk=605&gl=0&ik=605&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2542&cd=40&ah=2542&am=40&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4914438385%3A2739195827%3A5471012876%3A138322335932&bo=343684595&bd=346094075&gw=gmanmidfpdisplay183413089896&zMoatOrigSlicer1=343684595&zMoatOrigSlicer2=346094075&zMoatPT=Celebrity_Life_Article_Page&zMoatSZ=300x250&zMoatPS=ENT_Celeblife_Desktop_Mrec1_1&zMoatSite=GMA_Entertainment&zMoatMMV=-&zMoatMData=-&zMoatMGV=-&zMoatMSafety=-&zMoatCURL=gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&iq=na&tt=na&tu=&tp=&tc=0&fs=197273&na=385034396&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.201.161 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-201-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Mar 2022 14:31:58 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 27ms
26ms XHR
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 18 Mar 2022 14:31:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 716C 590 KB
192 KB 23ms
22ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F9F4 107 B
122 B 40ms
39ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E519 37 KB
13 KB 24ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 716C 156 B
142 B 429ms
428ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_150&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3950968450118843&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3651058258&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613919076&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=2629766070251105&ged=ve4_td5_tt3_pd5_la5000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 25ms
24ms Preflight 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Mar 2022 14:31:59 GMT
content-length: 0
server: ATS/9.1.0.33
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 25ms
25ms Image
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1647613919526&asid=619e234c1859e5764139cfc7%2C60c9af0fd5b7d53516584abd%2C60c5a06b11731011741c82a1%2C61f12d904c844c5c31329637%2C61b306832a905336af1b6a4a%2C61e8138f6988204b2f59bad4%2C5f9195c9d6a3f6760a139c3a%2C6006a7a93daa6c44f97e05c9%2C617a4eb2cb2c5300c52fe8c3%2C60928d12155c9162fd282fe5%2C60c9bd699498f81096551f59%2C60f1355d86bbbf27bc755e24%2C6006a79aba887464ff3c1ecc&ofpr=%2C%2C%2C%2C%2C0.8%2C1%2C1.6%2C0.8%2C1.8%2C1.2%2C%2C1.6&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:59 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
235 B 75ms
75ms XHR
text/plain 54.242.205.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=62aa12f7dde621ae325d1388046a728f_1723152210&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1647613914073-944497590674-005932-010-006390&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=1&AV_PLACEMENT=1&d36=6.2.6&responsive=1&sver=2&avtoken=914481&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=7613919525&tgt=0&&AV_VI=100&AV_VID=0&d4=3&d5=5
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.242.205.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-242-205-23.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:59 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Mon, 07 Mar 2022 00:45:19 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
335 B 26ms
26ms XHR
application/json 104.94.205.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=733458&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2230fecf2d0ee8d09%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22312c231a47a1b62%22%2C%22ext%22%3A%7B%22siteID%22%3A%22733458%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A0.8%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-205-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4f4daa7e3844c4f1105d85694f3763ba833e79d6d1e911b78366fe85c411e36c

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:59 GMT
x-ak-initial-geo: CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.180], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
x-cs-client-geo: 19
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 19
expires: Fri, 18 Mar 2022 14:31:59 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205427/0/ 0
174 B 38ms
38ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:59 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 34ms
34ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:59 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
294 B 69ms
69ms XHR
text/plain 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
x-openrtb-version: 2.5
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Fri, 18 Mar 2022 14:31:59 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 28ms
28ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:31:59 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 265 B
2 KB 76ms
75ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2241c5bbc3cfccc7b%22%3A%22eb3f4d8692b65578db80%7C%7Cf%3D1%22%7D&ref=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&s=45ec4962-57e8-4480-b6a9-b18983131b35&pv=778a3355-c4c7-46cd-9380-154209b9a84e&vp=mobile&lib_name=prebid&lib_v=6.11.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D&coppa=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

812e27ecbe2a3fa1751248c3184a9ca37ca64679f51e40c048913a2fa3ad0fb1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:31:59 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-type: application/json
content-length: 240
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
236 B 28ms
27ms XHR
text/plain 52.45.17.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-17-150.compute-1.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Fri, 18 Mar 2022 14:31:59 GMT
access-control-allow-credentials: true
server: SOMA
x-smt-sessionid: 54cdc20f-e702-4372-af07-6b63049c1ad7
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires

GET
H2 200 track
track1.aniview.com/ 0
70 B 25ms
24ms Image
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1647613919636&asid=619e234c1859e5764139cfc7%2C60c9af0fd5b7d53516584abd%2C60c5a06b11731011741c82a1%2C61f12d904c844c5c31329637%2C61b306832a905336af1b6a4a%2C60f1355d86bbbf27bc755e24&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:31:59 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2431 590 KB
192 KB 20ms
20ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F9F4 107 B
122 B 42ms
42ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8FB7 590 KB
192 KB 21ms
21ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 75BB 590 KB
192 KB 54ms
54ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 115E 590 KB
192 KB 30ms
28ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E594 590 KB
192 KB 21ms
20ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1AF8 37 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DD52 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BD87 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 54AD 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 941E 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2431 156 B
142 B 412ms
412ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1332612414795327&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3651058258&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613920481&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=2346970453778858&ged=ve4_td6_tt4_pd6_la6000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8FB7 156 B
142 B 266ms
265ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=663360216649532&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3409139524&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613920491&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=2827648113802062&ged=ve4_td6_tt4_pd6_la6000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 75BB 156 B
142 B 249ms
248ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1241488710985714&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1377227870&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613920499&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=984970172345633&ged=ve4_td6_tt4_pd6_la6000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 115E 156 B
142 B 368ms
368ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1754570565676781&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2553163485&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613920507&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=3942264653493582&ged=ve4_td6_tt4_pd6_la6000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E594 156 B
142 B 269ms
269ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_250&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2475337904048721&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2855324650&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613920513&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=3329595618375686&ged=ve4_td6_tt4_pd6_la6000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 30ms
30ms XHR
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 18 Mar 2022 14:32:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1DFF 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F9F4 107 B
122 B 41ms
40ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3787 37 KB
13 KB 22ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1DFF 156 B
142 B 419ms
418ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_150&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2114711298518120&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3651058258&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613920993&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=2543613367783217&ged=ve4_td7_tt5_pd7_la7000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 25ms
25ms Preflight 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://www.gmanetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Mar 2022 14:32:01 GMT
content-length: 0
server: ATS/9.1.0.33
access-control-allow-origin: https://www.gmanetwork.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 26ms
26ms Image
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=request&cb=1647613921428&asid=619e234c1859e5764139cfc7%2C60c9af0fd5b7d53516584abd%2C60c5a06b11731011741c82a1%2C61b306832a905336af1b6a4a%2C61f12d904c844c5c31329637%2C61e8138f6988204b2f59bad4%2C60c9bd699498f81096551f59%2C60928d12155c9162fd282fe5%2C617a4eb2cb2c5300c52fe8c3%2C5f9195c9d6a3f6760a139c3a%2C60f1355d86bbbf27bc755e24%2C6006a7a93daa6c44f97e05c9%2C6006a79aba887464ff3c1ecc&ofpr=%2C%2C%2C%2C%2C0.8%2C1.2%2C1.8%2C0.8%2C1%2C%2C1.6%2C1.6&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
235 B 52ms
51ms XHR
text/plain 54.242.205.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=62aa12f7dde621ae325d1388046a728f_1723152210&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1647613914073-944497590674-005932-010-006390&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&AV_PUBLISHERID=5eea0864e08b0760d33128ae&AV_CHANNELID=5f212d174b419e3bf16f66ad&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.gmanetwork.com&AV_DADPOS=1&AV_PLACEMENT=1&d36=6.2.6&responsive=1&sver=2&avtoken=914481&AV_WIDTH=300&AV_HEIGHT=250&AV_DNT=0&cb=7613921427&tgt=0&&AV_VI=100&AV_VID=0&d4=4&d5=6
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.242.205.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-242-205-23.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:01 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Mon, 07 Mar 2022 00:45:21 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 56ms
56ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:32:01 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205428/0/ 0
174 B 28ms
28ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205428/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:32:01 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 264 B
2 KB 52ms
52ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22492e7d006723b3%22%3A%22eb3f4d8692b65578db80%7C%7Cf%3D1%22%7D&ref=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&s=6a55caf0-a238-49eb-8c2b-4aa8d80f0534&pv=778a3355-c4c7-46cd-9380-154209b9a84e&vp=mobile&lib_name=prebid&lib_v=6.11.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D&coppa=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e78c39f56c3149198ccc1f6679bc97c34f87fb88265a0350f512b669808d4ffb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:32:01 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.gmanetwork.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-type: application/json
content-length: 239
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
236 B 29ms
28ms XHR
text/plain 52.45.17.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.17.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-17-150.compute-1.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Fri, 18 Mar 2022 14:32:01 GMT
access-control-allow-credentials: true
server: SOMA
x-smt-sessionid: 1b220469-a7b8-4859-86bf-6d47069dac92
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
335 B 25ms
25ms XHR
application/json 104.94.205.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=733458&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%225284147de2642ad%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2253103d19aff1c27%22%2C%22ext%22%3A%7B%22siteID%22%3A%22733458%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22w%22%3A300%2C%22h%22%3A250%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A0.8%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vidcrunch.com%22%2C%22sid%22%3A%225eea0864e08b0760d33128ae%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-205-31.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2164de66db00f965171173d24ce5aad322c1701bb2e303bacb7ff12da6fe05c2

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:32:01 GMT
x-ak-initial-geo: CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.180], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.gmanetwork.com
x-cs-client-geo: 19
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 19
expires: Fri, 18 Mar 2022 14:32:01 GMT

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
294 B 35ms
33ms XHR
text/plain 3.92.156.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-8.compute-1.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
x-openrtb-version: 2.5
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.gmanetwork.com
date: Fri, 18 Mar 2022 14:32:01 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 204 mvo Show response
tag.1rx.io/rmp/205427/0/ 0
174 B 26ms
26ms XHR
text/plain 199.127.204.163
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/205427/0/mvo?z=1r&hbv=6.11,2.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gmanetwork.com
pragma: no-cache
date: Fri, 18 Mar 2022 14:32:01 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 track
track1.aniview.com/ 0
70 B 230ms
230ms Image
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250&&ppid=5eea0864e08b0760d33128ae&nid=5b59760c073ef46a2e6b8f13&pcid=5f212d174b419e3bf16f66ad&ncid=5f212c6da6efc474f73c5ba9&pasid=5f212cab7024f27f297fc726&e=bid&cb=1647613921507&asid=619e234c1859e5764139cfc7%2C60c9af0fd5b7d53516584abd%2C60c5a06b11731011741c82a1%2C61b306832a905336af1b6a4a%2C61f12d904c844c5c31329637%2C60f1355d86bbbf27bc755e24&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 062E 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F9F4 107 B
122 B 41ms
40ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9149 37 KB
13 KB 21ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E0AD 590 KB
192 KB 20ms
20ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 36EF 590 KB
192 KB 20ms
19ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C35E 590 KB
192 KB 19ms
19ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D1F4 590 KB
192 KB 21ms
20ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 332D 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 650C 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 519E 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 09F7 37 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H/1.1

200
OK

adnxs
sync.sharethis.com/ Frame 167A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.sharethis.com%2Fadnxs%3Fuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://sync.sharethis.com/adnxs?uid=3963323398845382505&gdpr=0&gdpr_consent=

42 B
297 B

35ms
34ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/adnxs?uid=3963323398845382505&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 18 Mar 2022 14:32:02 GMT
Content-Length: 42
Stid: ZG4AAmI0l9gAAAAJLZDLAw==
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 14:32:02 GMT
X-Proxy-Origin: 149.56.153.180; 149.56.153.180; 802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5a02e38f-a9d0-4da8-8f68-21e5a017ede4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.sharethis.com/adnxs?uid=3963323398845382505&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 167A
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2326&gdpr=0&gdpr_consent=&partner_device_id=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=27c02b2a-5e72-4526-86d7-90fccde5848e%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&ttd_puid=27c02b2a-5e72-4526-86d7-90fccde5848e%2C

95 B
430 B

37ms
37ms

Image
image/png

107.178.246.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&ttd_puid=27c02b2a-5e72-4526-86d7-90fccde5848e%2C

Protocol

Server

107.178.246.49 -, , ASN (),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:02 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 14:32:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0a5af0c9-0c57-49a6-993a-f55dc5b2e711&ttd_puid=27c02b2a-5e72-4526-86d7-90fccde5848e%2C
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 353

GET
H/1.1

200

3.gif
id5-sync.com/c/121/3/0/ Frame 167A
Redirect Chain

https://id5-sync.com/s/121/2.gif?puid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/121/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/121/2/1/2.gif?puid=3963323398845382505&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO1mQJeNaj9clK-_u7qDQO2MezNoBxdoDV89C0-g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F121%2F3%2F0%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/121/3/0/3.gif?puid=1c9e6234-97db-4f00-9fba-d330956747e1&gdpr=0&gdpr_consent=

43 B
1 KB

98ms
98ms

Image
image/gif

51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/121/3/0/3.gif?puid=1c9e6234-97db-4f00-9fba-d330956747e1&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:32:01 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Date: Fri, 18 Mar 2022 14:32:02 GMT
Server: MT3 4256 109297d master cdg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id5-sync.com/c/121/3/0/3.gif?puid=1c9e6234-97db-4f00-9fba-d330956747e1&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 18 Mar 2022 14:32:01 GMT

GET
H/1.1

200
OK

52233
i6.liadm.com/s/ Frame 167A
Redirect Chain

https://aa.agkn.com/adscores/r.pixel?sid=9212270798&puid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent=
https://i.liadm.com/s/52233?bidder_id=100905&bidder_uuid=214250604094262529743
https://i.liadm.com/s/52233?bidder_id=100905&bidder_uuid=214250604094262529743&_li_chk=true&previous_uuid=00988a001cd641a290c9abab219537cd
https://i6.liadm.com/s/52233?bidder_id=100905&bidder_uuid=214250604094262529743

43 B
419 B

73ms
24ms

Image
image/gif

2600:1f18:444a:4602:f850:4eec:7dd:fbc1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52233?bidder_id=100905&bidder_uuid=214250604094262529743

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:f850:4eec:7dd:fbc1 -, , ASN (),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 14:32:02 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52233?bidder_id=100905&bidder_uuid=214250604094262529743
Date: Fri, 18 Mar 2022 14:32:01 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2

204

/
spl.zeotap.com/ Frame 167A
Redirect Chain

https://pixel.onaudience.com/?partner=138&gdpr=0&gdpr_consent=&mapped=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ba003d8a2caa47b4e68eea8a765591d4&gdpr=0
https://spl.zeotap.com/?zdid=1332&zcluid=9c4750a062fdab31

0
170 B

415ms
52ms

Image
text/plain

2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1332&zcluid=9c4750a062fdab31
Protocol: H2
Server: 2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6edeaceadf23ca67-YUL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

Redirect headers

location: https://spl.zeotap.com?zdid=1332&zcluid=9c4750a062fdab31
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 167A
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

42ms
42ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 18 Mar 2022 14:32:02 GMT
Content-Length: 42
Stid: ZG4AAmI0l9gAAAAJLZDLAw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Date: Fri, 18 Mar 2022 14:32:02 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

adobe
sync.sharethis.com/ Frame 167A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=600901&dpuuid=ZG4AAmI0l9gAAAAJLZDLAw%3D%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.sharethis.com%2Fadobe%3Fuid%3D%24%7BDD_UUID%7D%26_rand%3D1647613922192
https://sync.sharethis.com/adobe?uid=21203634011106379221682371585778724831&_rand=1647613922192

42 B
297 B

36ms
35ms

Image
image/gif

13.59.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/adobe?uid=21203634011106379221682371585778724831&_rand=1647613922192

Protocol

HTTP/1.1

Server

13.59.214.99 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 18 Mar 2022 14:32:02 GMT
Content-Length: 42
Stid: ZG4AAmI0l9gAAAAJLZDLAw==
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-va6-2-v030-04f3aa68e.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: iWzaROAPS78=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.sharethis.com/adobe?uid=21203634011106379221682371585778724831&_rand=1647613922192
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 062E 156 B
142 B 357ms
356ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_8&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3192567751781359&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3409139524&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613922264&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=3778640946963224&ged=ve4_td8_tt6_pd8_la8000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E0AD 156 B
142 B 484ms
484ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_6&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2935086031075749&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1377227870&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613922272&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=1970308107474166&ged=ve4_td8_tt6_pd8_la8000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 36EF 156 B
142 B 447ms
447ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=922072753260976&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2553163485&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613922279&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=1793969910402236&ged=ve4_td8_tt6_pd8_la8000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C35E 156 B
142 B 316ms
315ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=68492395156689&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2855324650&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613922284&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=1886678979274763&ged=ve4_td8_tt6_pd8_la8000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D1F4 156 B
142 B 278ms
277ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_250&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=202413306480173&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=4274573665&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613922291&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=273560049026071&ged=ve4_td8_tt6_pd8_la8000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:32:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 32ms
31ms XHR
text/plain 50.16.177.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.gmanetwork.com&rs=www.gmanetwork.com&sid=50844&t=1647613914&cip=149.56.153.180&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=5eea0864e08b0760d33128ae&test=&aafaid=&proto=https&uid=1647613914073-944497590674-005932-010-006390&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=74313016122&d9=0000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=250
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zone.js/0.9.1/zone.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.177.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-177-213.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gmanetwork.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 18 Mar 2022 14:32:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.505.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6956 590 KB
192 KB 21ms
20ms Document
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 20:11:53 GMT
expires: Thu, 16 Mar 2023 20:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Mar 2022 20:06:38 GMT
content-type: text/html
age: 152409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F9F4 107 B
122 B 41ms
40ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gmanetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 14:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 41DA 37 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gmanetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 15:11:41 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6956 156 B
142 B 475ms
475ms XHR
text/xml 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22655109307%2FSMG_VidCrunch%2Fpreroll%2Fsyndication_150&description_url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4358217129962718&vpmute=1&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3651058258&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=2735475F-2DF6-4CDA-A260-927D08555810&nel=0&eid=44737475%2C44738438%2C44758374&top=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&url=https%3A%2F%2Fwww.gmanetwork.com%2Fentertainment%2Fcelebritylife%2Fnews%2F81377%2Fhow-and-where-did-the-oktoberfest-originate%2Fstory%3Futm_term%3DOZY%26utm_campaign%3Ddaily-dose%26utm_content%3DThursday_03.17.22%26utm_source%3DCampaigner%26utm_medium%3Demail&dt=1647613923124&cookie=ID%3D8397af614e32fa01-22fd1363dd7b008b%3AT%3D1647613912%3AS%3DALNI_MYegWu2e5KzxP_yvo-y3MrG3mkgoQ&scor=2111830450528238&ged=ve4_td9_tt7_pd9_la9000_er350.1059.504.1359_vi0.0.1200.1600_vp100_ts1_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS