urlscan.io logo urlscan.io
SecurityTrails logo

gcp-cheet-4400-calgaryherald.gdev.postmedia.digital Open in urlscan Pro
34.95.11.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Effective URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Submission: On February 13 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 90 IPs in 7 countries across 77 domains to perform 363 HTTP transactions. The main IP is 34.95.11.30, located in Montreal, Canada and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is gcp-cheet-4400-calgaryherald.gdev.postmedia.digital.
TLS certificate: Issued by R3 on February 13th 2022. Valid for: 3 months.
This is the only time gcp-cheet-4400-calgaryherald.gdev.postmedia.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 34.95.11.30 396982 (GOOGLE-PR...)
8 142.251.32.98 15169 (GOOGLE)
3 5 23.221.203.181 16625 (AKAMAI-AS)
1 2620:100:a001::4 19750 (AS-CRITEO)
4 54.192.160.42 16509 (AMAZON-02)
2 18 104.16.68.69 13335 (CLOUDFLAR...)
1 13.225.205.104 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.225.71.110 16509 (AMAZON-02)
1 13.225.205.38 16509 (AMAZON-02)
7 34.149.157.221 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.225.58.39 16509 (AMAZON-02)
4 2600:9000:21e... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 6 13.226.31.94 16509 (AMAZON-02)
1 34.194.161.83 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
6 151.101.130.133 54113 (FASTLY)
1 34.120.155.137 15169 (GOOGLE)
4 5 15.197.193.217 16509 (AMAZON-02)
5 3.214.92.183 14618 (AMAZON-AES)
4 2a04:4e42:400... 54113 (FASTLY)
2 142.251.35.162 15169 (GOOGLE)
1 2600:1400:900... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 199.232.36.157 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 99.83.154.140 16509 (AMAZON-02)
2 151.101.194.133 54113 (FASTLY)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 108.174.10.14 14413 (LINKEDIN)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.133 13414 (TWITTER)
1 2 2607:f8b0:400... 15169 (GOOGLE)
2 2 2001:438:65:1... 26762 (CNVR-US-EAST)
1 34.73.194.24 396982 (GOOGLE-PR...)
2 3 52.45.33.138 14618 (AMAZON-AES)
5 5 35.211.178.172 15169 (GOOGLE)
10 14 142.251.41.2 15169 (GOOGLE)
3 3 207.198.113.169 13768 (COGECO-PEER1)
1 1 199.38.167.129 54312 (ROCKETFUEL)
44 3.92.156.8 14618 (AMAZON-AES)
3 4 68.67.160.186 29990 (ASN-APPNEX)
4 15 34.98.64.218 15169 (GOOGLE)
2 4 63.251.114.182 12181 (INTERNAP-...)
11 107.23.155.169 14618 (AMAZON-AES)
11 68.67.160.74 29990 (ASN-APPNEX)
2 74.119.119.129 19750 (AS-CRITEO)
1 23.78.210.18 16625 (AKAMAI-AS)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 13 209.54.177.54 16509 (AMAZON-02)
1 4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 5 34.226.104.236 14618 (AMAZON-AES)
12 52.4.155.217 14618 (AMAZON-AES)
2 6 35.190.60.146 15169 (GOOGLE)
2 2 104.126.112.185 16625 (AKAMAI-AS)
6 6 151.101.194.49 54113 (FASTLY)
2 2 54.236.200.174 14618 (AMAZON-AES)
4 4 103.229.205.242 30419 (MEDIAMATH...)
1 3 34.235.23.231 14618 (AMAZON-AES)
1 156.154.202.36 19907 (NEUSTAR-AS6)
1 1 54.81.207.173 14618 (AMAZON-AES)
4 4 52.223.22.214 16509 (AMAZON-02)
2 2 3.229.159.16 14618 (AMAZON-AES)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 2 2600:1f18:4e9... 14618 (AMAZON-AES)
4 9 34.199.144.90 14618 (AMAZON-AES)
2 23.221.203.12 16625 (AKAMAI-AS)
2 23.64.109.237 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 35.186.253.211 15169 (GOOGLE)
1 1 34.232.92.67 14618 (AMAZON-AES)
1 2 107.178.246.49 15169 (GOOGLE)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
4 23.92.190.74 10913 (INTERNAP-BLK)
1 1 51.255.68.171 16276 (OVH)
1 1 192.184.68.188 14618 (AMAZON-AES)
1 1 34.232.235.22 14618 (AMAZON-AES)
8 2607:f8b0:400... 15169 (GOOGLE)
2 2 64.74.236.63 19024 (INTERNAP-...)
1 104.36.115.113 62713 (AS-PUBMATIC)
3 9 8.43.72.98 26667 (RUBICONPR...)
1 2 185.167.164.42 198622 (ADFORM)
6 8.28.7.83 62713 (AS-PUBMATIC)
1 104.36.115.114 62713 (AS-PUBMATIC)
1 1 75.126.248.142 36351 (SOFTLAYER)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 142.251.4.155 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
1 74.119.119.139 19750 (AS-CRITEO)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:21d... 16509 (AMAZON-02)
13 107.22.42.155 14618 (AMAZON-AES)
14 18 2600:9000:21d... 16509 (AMAZON-02)
25 2a04:4e42:400... 54113 (FASTLY)
1 152.199.5.228 15133 (EDGECAST)
2 2607:f8b0:400... 15169 (GOOGLE)
1 8.28.7.84 62713 (AS-PUBMATIC)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
363 90
28    34.95.11.30 (Montreal, Canada)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 30.11.95.34.bc.googleusercontent.com
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
8    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
securepubads.g.doubleclick.net
5    23.221.203.181 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-203-181.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
as-sec.casalemedia.com
ssum.casalemedia.com
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
4    54.192.160.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-160-42.ewr53.r.cloudfront.net
c.amazon-adsystem.com
18    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
hb.districtm.io
cdn.districtm.io
dmx.districtm.io
1    13.225.205.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-205-104.ewr50.r.cloudfront.net
cdn.adsafeprotected.com
1    2607:f8b0:4006:822::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3032::ac43:c0b6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    2606:4700:10::6816:49e8 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
1    13.225.71.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-71-110.ewr53.r.cloudfront.net
ak.sail-horizon.com
1    13.225.205.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-205-38.ewr50.r.cloudfront.net
fem.prod.postmedia.digital
7    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
3    2607:f8b0:4006:809::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6810:bbdd (United States)

ASN13335 (CLOUDFLARENET, US)
i.prcdn.co
1    13.225.58.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-58-39.ewr53.r.cloudfront.net
cdn.parsely.com
4    2600:9000:21ea:a400:8:f216:eb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
d395dw5zk780j2.cloudfront.net
1    2607:f8b0:4006:824::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    13.226.31.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-94.ewr53.r.cloudfront.net
sb.scorecardresearch.com
1    34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com
p1.parsely.com
2    2606:4700:10::ac43:835 (United States)

ASN13335 (CLOUDFLARENET, US)
config.lrcontent.com
1    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
6    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    3.214.92.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-92-183.compute-1.amazonaws.com
pixel.adsafeprotected.com
4    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
2    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
www.googleadservices.com
1    2600:1400:9000::687e:74ca (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)
sandbox.tinypass.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
2    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
2    104.18.101.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
2    2607:f8b0:4006:806::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2001:438:65:11::1720 (United States)

ASN26762 (CNVR-US-EAST, US)
districtm-match.dotomi.com
1    34.73.194.24 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 24.194.73.34.bc.googleusercontent.com
dmx.us-east-34.districtm.io
3    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
5    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
14    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
cm.g.doubleclick.net
3    207.198.113.169 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
44    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
4    68.67.160.186 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
15    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
postmedia-d.openx.net
us-u.openx.net
u.openx.net
4    63.251.114.182 (United States)

ASN12181 (INTERNAP-2BLK, US)
ap.lijit.com
11    107.23.155.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-155-169.compute-1.amazonaws.com
btlr.sharethrough.com
11    68.67.160.74 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
2    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
1    23.78.210.18 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-210-18.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
13    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    2607:f8b0:4006:823::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:824::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2-sandbox.piano.io
5    34.226.104.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-104-236.compute-1.amazonaws.com
usermatch.krxd.net
12    52.4.155.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-155-217.compute-1.amazonaws.com
beacon.krxd.net
6    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com
stags.bluekai.com
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    54.236.200.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-200-174.compute-1.amazonaws.com
match.prod.bidr.io
4    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    34.235.23.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-23-231.compute-1.amazonaws.com
ml314.com
1    156.154.202.36 (United States)

ASN19907 (NEUSTAR-AS6, US)
aa.agkn.com
1    54.81.207.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-207-173.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    3.229.159.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-159-16.compute-1.amazonaws.com
pixel.advertising.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    2600:1f18:4e9:5a05:c954:e19:2065:a03a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
9    34.199.144.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-144-90.compute-1.amazonaws.com
match.sharethrough.com
2    23.221.203.12 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-203-12.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.64.109.237 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-109-237.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2607:f8b0:4006:80c::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4006:80b::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    34.232.92.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-92-67.compute-1.amazonaws.com
sync.ipredictive.com
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
4    23.92.190.74 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
1    192.184.68.188 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
1    34.232.235.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-235-22.compute-1.amazonaws.com
aorta.clickagy.com
8    2607:f8b0:4006:80c::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
5d3f333cb2b24f898e5d5a8e3a599e19.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    64.74.236.63 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
9    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    185.167.164.42 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    75.126.248.142 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com
um.simpli.fi
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    142.251.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: gm-in-f155.1e100.net
bid.g.doubleclick.net
6    2607:f8b0:4006:809::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:2140:2400:7:75d4:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.ribn.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
2    2607:f8b0:4006:80a::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2600:9000:21dd:4400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
13    107.22.42.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-42-155.compute-1.amazonaws.com
dt.adsafeprotected.com
18    2600:9000:21da:4400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
25    2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
ssl.p.jwpcdn.com
prd.jwpltx.com
videos-fms.jwpsrv.com
1    152.199.5.228 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2607:f8b0:4006:816::200a (Queens, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    2607:f8b0:4006:807::2006 (Queens, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2607:f8b0:4006:816::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
Apex Domain
Subdomains		 Transfer
49 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 654
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
8 KB
36 postmedia.digital
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
fem.prod.postmedia.digital — Cisco Umbrella Rank: 86165
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 68899
414 KB
25 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1228
consumer.krxd.net — Cisco Umbrella Rank: 1569
usermatch.krxd.net — Cisco Umbrella Rank: 981
beacon.krxd.net — Cisco Umbrella Rank: 371
185 KB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
bid.g.doubleclick.net — Cisco Umbrella Rank: 448
222 KB
23 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3336
pixel.adsafeprotected.com — Cisco Umbrella Rank: 519
static.adsafeprotected.com — Cisco Umbrella Rank: 502
dt.adsafeprotected.com — Cisco Umbrella Rank: 465
216 KB
20 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1093
match.sharethrough.com — Cisco Umbrella Rank: 561
5 KB
19 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2192
entitlements.jwplayer.com — Cisco Umbrella Rank: 3241
52 KB
19 districtm.io
hb.districtm.io — Cisco Umbrella Rank: 70016
cdn.districtm.io — Cisco Umbrella Rank: 1644
dmx.districtm.io — Cisco Umbrella Rank: 1164
dmx.us-east-34.districtm.io — Cisco Umbrella Rank: 14533
21 KB
17 openx.net
postmedia-d.openx.net — Cisco Umbrella Rank: 103793
us-u.openx.net — Cisco Umbrella Rank: 322
u.openx.net — Cisco Umbrella Rank: 636
rtb.openx.net — Cisco Umbrella Rank: 1330
4 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
50 KB
16 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 2922
videos-fms.jwpsrv.com — Cisco Umbrella Rank: 4857
445 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 350
16 KB
14 googlesyndication.com
5d3f333cb2b24f898e5d5a8e3a599e19.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
432 KB
12 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 512
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 935
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
16 KB
11 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
image6.pubmatic.com — Cisco Umbrella Rank: 582
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 738
image2.pubmatic.com — Cisco Umbrella Rank: 752
simage4.pubmatic.com — Cisco Umbrella Rank: 1024
26 KB
8 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2468
271 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
ce.lijit.com — Cisco Umbrella Rank: 696
7 KB
7 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 739
idsync.rlcdn.com — Cisco Umbrella Rank: 283
id.rlcdn.com — Cisco Umbrella Rank: 548
1 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
1 KB
6 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5051
identity.mparticle.com — Cisco Umbrella Rank: 2515
jssdks.mparticle.com — Cisco Umbrella Rank: 4790
48 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
3 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
77 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 59
2 KB
5 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 427
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
as-sec.casalemedia.com — Cisco Umbrella Rank: 1146
ssum.casalemedia.com — Cisco Umbrella Rank: 1125
3 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 736
gum.criteo.com — Cisco Umbrella Rank: 355
mug.criteo.com — Cisco Umbrella Rank: 3197
7 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
3 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
www.linkedin.com — Cisco Umbrella Rank: 602
px4.ads.linkedin.com — Cisco Umbrella Rank: 5087
4 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
3 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 356
1 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
3 KB
4 cloudfront.net
d395dw5zk780j2.cloudfront.net
17 KB
3 ml314.com
ml314.com — Cisco Umbrella Rank: 1357
13 KB
3 google.ca
www.google.ca — Cisco Umbrella Rank: 8810
adservice.google.ca — Cisco Umbrella Rank: 12901
1 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
1 KB
3 tinypass.com
sandbox.tinypass.com — Cisco Umbrella Rank: 148996
82 KB
3 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 37875
config.lrcontent.com — Cisco Umbrella Rank: 18192
48 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 407
311 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
76 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 529
950 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 523
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 585
734 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 357
887 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
959 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 692
849 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
701 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 447
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
426 B
2 dotomi.com
districtm-match.dotomi.com — Cisco Umbrella Rank: 6427
684 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 497
541 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2482
475 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
115 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
16 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2498
p1.parsely.com — Cisco Umbrella Rank: 1996
21 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
17 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2733
40 B
1 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 44469
4 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
656 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2029
658 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 374
522 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 2488
484 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 882
437 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3850
357 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
587 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
682 B
1 piano.io
c2-sandbox.piano.io — Cisco Umbrella Rank: 941464
2 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 615
744 B
1 t.co
t.co — Cisco Umbrella Rank: 456
336 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 468
458 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 539
6 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 830
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
109 KB
1 prcdn.co
i.prcdn.co — Cisco Umbrella Rank: 77207
25 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2571
43 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 4023
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
41 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 618
43 KB
363 77
Domain Requested by
44 c2shb.ssp.yahoo.com js-sec.indexww.com
28 gcp-cheet-4400-calgaryherald.gdev.postmedia.digital 1 redirects gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
18 cdn.jwplayer.com 14 redirects gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
cdn.jwplayer.com
ssl.p.jwpcdn.com
14 assets-jpcust.jwpsrv.com
14 cm.g.doubleclick.net 10 redirects us-u.openx.net
ap.lijit.com
eus.rubiconproject.com
13 dt.adsafeprotected.com
13 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
us-u.openx.net
u.openx.net
ap.lijit.com
match.sharethrough.com
cdn.districtm.io
ads.pubmatic.com
eus.rubiconproject.com
12 us-u.openx.net 3 redirects js-sec.indexww.com
us-u.openx.net
u.openx.net
12 beacon.krxd.net gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
cdn.krxd.net
12 dmx.districtm.io 1 redirects hb.districtm.io
cdn.districtm.io
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
11 secure.adnxs.com js-sec.indexww.com
11 btlr.sharethrough.com js-sec.indexww.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
8 ssl.p.jwpcdn.com cdn.jwplayer.com
8 securepubads.g.doubleclick.net gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
securepubads.g.doubleclick.net
www.googletagservices.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 smartcdn.gprod.postmedia.digital gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
srcdoc
6 sync-tm.everesttech.net 6 redirects
6 cdn.krxd.net fem.prod.postmedia.digital
cdn.krxd.net
6 sb.scorecardresearch.com 2 redirects fem.prod.postmedia.digital
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
5 pixel.rubiconproject.com eus.rubiconproject.com
5 usermatch.krxd.net 5 redirects
5 x.bidswitch.net 5 redirects
5 cdn.districtm.io 1 redirects hb.districtm.io
cdn.districtm.io
s.amazon-adsystem.com
5 pixel.adsafeprotected.com cdn.adsafeprotected.com
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
5 match.adsrvr.org 4 redirects js-sec.indexww.com
4 static.adsafeprotected.com pixel.adsafeprotected.com
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 ce.lijit.com ap.lijit.com
4 eb2.3lift.com 4 redirects
4 sync.mathtag.com 4 redirects
4 idsync.rlcdn.com 1 redirects gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
us-u.openx.net
ads.pubmatic.com
4 www.google.com 1 redirects gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 ap.lijit.com 2 redirects js-sec.indexww.com
s.amazon-adsystem.com
4 ib.adnxs.com 3 redirects js-sec.indexww.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 d395dw5zk780j2.cloudfront.net fem.prod.postmedia.digital
d395dw5zk780j2.cloudfront.net
4 c.amazon-adsystem.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
c.amazon-adsystem.com
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 image2.pubmatic.com ads.pubmatic.com
3 simage2.pubmatic.com ads.pubmatic.com
3 ml314.com 1 redirects gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
ml314.com
3 pixel-sync.sitescout.com 3 redirects
3 ups.analytics.yahoo.com 2 redirects us-u.openx.net
3 px.ads.linkedin.com 3 redirects
3 sandbox.tinypass.com fem.prod.postmedia.digital
sandbox.tinypass.com
3 fonts.gstatic.com fonts.googleapis.com
2 videos-fms.jwpsrv.com ssl.p.jwpcdn.com
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 c1.adform.net 1 redirects ads.pubmatic.com
2 b1sync.zemanta.com 2 redirects
2 creativecdn.com 2 redirects
2 pixel.tapad.com 1 redirects u.openx.net
2 rtb.openx.net 1 redirects u.openx.net
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
2 pr-bh.ybp.yahoo.com 1 redirects us-u.openx.net
2 ad.turn.com 2 redirects
2 pippio.com 2 redirects
2 id.rlcdn.com 1 redirects eus.rubiconproject.com
2 pixel.advertising.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 stags.bluekai.com 2 redirects
2 www.google.ca gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
2 www.facebook.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
2 bidder.criteo.com static.criteo.net
2 postmedia-d.openx.net 1 redirects gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
2 districtm-match.dotomi.com 2 redirects
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 p.adsymptotic.com 1 redirects gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
2 consumer.krxd.net cdn.krxd.net
2 api.sail-personalize.com ak.sail-horizon.com
2 connect.facebook.net gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 config.lrcontent.com auth.lrcontent.com
1 jssdks.mparticle.com jssdkcdns.mparticle.com
1 s0.2mdn.net imasdk.googleapis.com
1 prd.jwpltx.com
1 simage4.pubmatic.com ads.pubmatic.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 mug.criteo.com
1 assets.ribn.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 bid.g.doubleclick.net www.googleadservices.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 um.simpli.fi 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 ssum.casalemedia.com 1 redirects
1 5d3f333cb2b24f898e5d5a8e3a599e19.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 aorta.clickagy.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 sync.ipredictive.com 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 u.openx.net s.amazon-adsystem.com
1 tags.rd.linksynergy.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 aa.agkn.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 c2-sandbox.piano.io sandbox.tinypass.com
1 htlb.casalemedia.com js-sec.indexww.com
1 p.rfihub.com 1 redirects
1 dmx.us-east-34.districtm.io gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 t.co gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 analytics.twitter.com static.ads-twitter.com
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 static.ads-twitter.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 snap.licdn.com www.googletagmanager.com
1 api.rlcdn.com js-sec.indexww.com
1 jssdkcdns.mparticle.com fem.prod.postmedia.digital
1 p1.parsely.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 www.googletagmanager.com fem.prod.postmedia.digital
1 cdn.parsely.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 i.prcdn.co gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 fem.prod.postmedia.digital gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 ak.sail-horizon.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 auth.lrcontent.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 www.npttech.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 fonts.googleapis.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 cdn.adsafeprotected.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 hb.districtm.io gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 static.criteo.net gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
1 js-sec.indexww.com gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
363 129
Subject Issuer Validity Valid
gcp-cheet-4400-driving.gdev.postmedia.digital
R3		 2022-02-13 -
2022-05-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.adsafeprotected.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
fem.prod.postmedia.digital
Amazon		 2021-11-08 -
2022-12-06		 a year crt.sh
smartcdn.gprod.postmedia.digital
GTS CA 1D4		 2022-02-12 -
2022-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
jssdkcdns.mparticle.com
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2021-07-07 -
2022-08-08		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-22 -
2022-02-20		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
api.sail-personalize.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-24 -
2022-03-23		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.ml314.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.ribn.com
Amazon		 2021-09-20 -
2022-10-19		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-20 -
2022-05-22		 a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-30 -
2022-06-30		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
jssdks.mparticle.com
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh

This page contains 33 frames:

Primary Page: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Frame ID: E48AB3F7BD60EE59889CEEE2B75C18D8
Requests: 229 HTTP requests in this frame

Frame: https://d395dw5zk780j2.cloudfront.net/v51.1/xd.html
Frame ID: ED037370328AB8DAA95CA8728AC54710
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 0C24393A502FCE0A161271BC4A53A852
Requests: 10 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 5143E67A8BEE73DDAB9ABB7AD4A3841D
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Frame ID: A040EBB141C9C5ABC6527A38A954AC6F
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Frame ID: D10DAFF16CA4726CE476A4AB46961ADD
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: F7CC3A1282CDE4FFA1DA5297B8276C38
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: E3C10E8A13DD7CAC486016AA7EF88AE7
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: D8287FB01104016103AA839E3EC042F8
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: C39D9ADEA55194FCCFC21C239D82A6E8
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: CC30BFD5E509373910DF2420EDB2EDA8
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8667337647848647956&ex=districtm
Frame ID: 9C9B40AF150EB29EB5F8A004A4ACE204
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8667337647848647956&ex=appnexus.com
Frame ID: 584D41BAF4227EC6B78B00E87C867349
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: AAB9675B7CE02BC122ABFD7A9995C7A9
Requests: 7 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: 1D2D47F4336184BBFE2285C3EAB96C9C
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=381034751553238883548
Frame ID: 1FD0F49D2954E6F83E442CB6EFE1C519
Requests: 1 HTTP requests in this frame

Frame: https://5d3f333cb2b24f898e5d5a8e3a599e19.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F00FCCD2C38304424A7F0B695EF1272B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B50CEE0F9F832B737628912E36F3FA09
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4
Frame ID: E981660F375F52774ADBF35656F9D8FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YghfnAAFx_jleABB&gdpr=0&gdpr_consent=
Frame ID: 714E1D766866F32B67B9B7C7FDA83706
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4&ex=pubmatic.com
Frame ID: E8CEDAB620DD5101F820607A812A5FF6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Frame ID: F57AE748CCFDA3DF6BF8E81772765E8C
Requests: 2 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: D4D933EA546EA8695B39489F9074413F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5117682877&chanId=48819301&placementId=5890466615&pubCreative=138379798005&pubOrder=2969284947&cb=1486579913&custom=index&custom2=1&adsafe_par&impId=c439035b-8c6c-11ec-8aeb-02813368eb05
Frame ID: C5791306F93EA1C1D62B06F1C3B8E79E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOUZwTwQIgSgpi0QPz3PNOEc6MAPIMpwzZLfUOVilObyrd3KvbdHHOSKHLFpg91gY8TyU6Yc9aKRSB9fPAekba5OPaKZSqQTwuHR69qdDJyoMze0eazJT-rhvvd-gSsM2SQZTP6Ee-Jw_9Lm1Rq3iEKYGHlnf_AW0caSitLFWtqmRpUfw01vgsZo8OdSsXKWljlpUZuMQv_v1Z9ndldUQsspEVISN9iN98j-ccUrYnCvkQ7p6szVR4l_N2cwHB1Zqju7Q4LUEgUKYniM2RlMTz5rb2mtALyAnYSLZhGYYceREKL3owmM5XENs8M2GLcTsjAEevzgHJKrMXSHMNA4Oicix8lTOLJJ3IgzOb1qv0hxo4m8Qu&sai=AMfl-YR2BZ86anMG40PF0NPQQwVOlbIH15zvfdniMB_vlyfNETqF2lTix9B1ZNcgIf5LqaUmd8G_9L8M5jCcL4iqHld3p7xGKsjc7ycGwmsn0lhWHG2w8yJttITAqI9ueqDdlEV7fnnxHpaDudKXROjW&sig=Cg0ArKJSzEyaXQKgJFTCEAE&uach_m=[UACH]&adurl=
Frame ID: 8CFB2817D7F3EABAA3FBA61925C3EFF7
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 963E78F1A951588F56E309AC450AE800
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F0325C184CDC3B9BE01858CBB108F65
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5117682877&chanId=48819301&placementId=5888688156&pubCreative=138380233772&pubOrder=2969297994&cb=2092078788&custom=index&custom2=2&adsafe_par&impId=c439035c-8c6c-11ec-8aeb-02813368eb05
Frame ID: 30B0AFD1225B3AAF499E0D80DB493D98
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkNt_Dm4QZCJzVxFWgmVdX-vABpP3xjiN607dIk4p0eIUFovhf0b1WM2sv8QwA1RUywXB_YcT7E6KnyO0Ul5xsanu5ArMPPjfR8P7PewOuKkshkI4kwD77sZm7dhURyQaJ28aF64oqUI8uvLzPlauojxYVTVB4vxCNGxSPG6oN3ArSnRP__ySOTPozAs3p82a-u5rpwEpB-PBfLXfx6OUXDKRKCA7NPxNy018eQC5SFqYFnv4mRu5oVH9hNEFieVMgxvww54GUDPN82HdfIVvgmX9HZiQ6h-bias6y4QeAht4c5aTu_JWT_mmZA_SAcjw8okByk_meA_3q6QBfFw-NpTataoJ8INBILcGgXqvwg4R8KaE5&sai=AMfl-YQH6fRGAb2L-lT3CyIWuT4xy33ZFhNI9U5fBxE7tM0WBsQzXNQc8cZxs9SJanxuSZg-xaBdbUWImk1RITtXWSg2pxrHH-tbvgJ_CKBcfSK2-9T5IojhNWLjKOj0xZ8jXvY7RwjTGHUa5p99eNou&sig=Cg0ArKJSzJXQuhszy-Z9EAE&uach_m=[UACH]&adurl=
Frame ID: B8C571E717863A8B60F1476EE6C8B6CB
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 238525FD93D3CDEC24988235BFC2ED84
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 85632BD0678DF0C7F0F0BDE7FBFB4DAA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.498.1_en_ca.html
Frame ID: 88281225667D240614A14950EA6EE70E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A71D538ACD92FB64AE1FB55D7F77F918
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Calgary HeraldCalgary Herald

Page URL History Show full URLs

  1. http://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ HTTP 308
    https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

363
Requests

79 %
HTTPS

32 %
IPv6

77
Domains

129
Subdomains

90
IPs

7
Countries

3508 kB
Transfer

9762 kB
Size

118
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ HTTP 308
    https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1644715932034&ns_c=UTF-8&c8=Home%20%7C%20Calgary%20Herald&c7=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1644715932034&ns_c=UTF-8&c8=Home%20%7C%20Calgary%20Herald&c7=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&c9=
Request Chain 90
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644715932243&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644715932243&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1644715932243%26url%3Dhttps%253A%252F%252Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644715932243&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644715932243&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQIwA6D4nGiO1AAAAX7wtXxSCHfboDAno7FHvyTvJJw-gVFBTc5INzx9yeaynx7SOGv1P_Pi HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=942fb72d-7d48-4ce2-940d-3eba49869608 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=942fb72d-7d48-4ce2-940d-3eba49869608&_expected_cookie=55b0ea5a07998d74563903e103a963f4
Request Chain 97
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=252CjtrL7GtWyBpclSM2OA2MtU7&rurl=//dmx.us-east-34.districtm.io/s/10007/ HTTP 302
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=2801dabaddde122e&is_secure=true&version=1&networkId=33921&nuid=252CjtrL7GtWyBpclSM2OA2MtU7&rurl=%2F%2Fdmx.us-east-34.districtm.io%2Fs%2F10007%2F HTTP 302
  • https://dmx.us-east-34.districtm.io/s/10007/AAAGdRmxtPtvvQNV9aZrAAAAAAA&expiration=1644802332&nuid=252CjtrL7GtWyBpclSM2OA2MtU7&is_secure=true
Request Chain 98
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=&verify=true HTTP 302
  • https://dmx.districtm.io/s/10057/y-Tj1j2FNE2uFG2ue59WKbYSHcD_wH3T9AL3rLCJk-~A
Request Chain 99
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=252CjtrL7GtWyBpclSM2OA2MtU7 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=252CjtrL7GtWyBpclSM2OA2MtU7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=9bbb9553-58e5-4e91-8ed3-266e47bf9716&google_hm=OWJiYjk1NTMtNThlNS00ZTkxLThlZDMtMjY2ZTQ3YmY5NzE2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENNTGj5J80ozBeaQH9sSND8&google_cver=1&ssp=districtm&bsw_param=9bbb9553-58e5-4e91-8ed3-266e47bf9716 HTTP 302
  • https://dmx.districtm.io/s/10009/9bbb9553-58e5-4e91-8ed3-266e47bf9716
Request Chain 100
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96 HTTP 302
  • https://dmx.districtm.io/s/10001/b043fb3a-bab3-4bf1-aef7-4979946273f2-62085f9c-4341
Request Chain 101
  • https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
  • https://dmx.districtm.io/s/10056/2810316551846094141
Request Chain 149
  • https://postmedia-d.openx.net/w/1.0/arj?auid=541008702%2C541008693%2C541008684%2C541008676%2C541008668%2C541008663%2C541008659%2C541008655%2C541008653%2C541008652%2C541008641&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._He3If7er&cache=1644715932382&ttduuid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7 HTTP 302
  • https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=541008702%2C541008693%2C541008684%2C541008676%2C541008668%2C541008663%2C541008659%2C541008655%2C541008653%2C541008652%2C541008641&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._He3If7er&cache=1644715932382&ttduuid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Request Chain 176
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Request Chain 177
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=1459168097&cv=9&fst=1644715932251&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Calgary%20Herald&auid=219306875.1644715932&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=nF8IYobiEtiToPMPw7iW2As&sscte=1&crd=CNPgGw&eitems=ChEIgNKdkAYQ1eqK-q_tx47nARIdAKp78f5s3i1vI5Bv2bOf9odAAp5J6QDqDbDlGOw HTTP 302
  • https://www.google.com/pagead/1p-conversion/580448699/?random=1459168097&cv=9&fst=1644715932251&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Calgary%20Herald&auid=219306875.1644715932&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=nF8IYobiEtiToPMPw7iW2As&cid=CAQSKQCNIrLMRX_E5fi2lkhxth9B1GMBU5CLoOcGnk6r8IfDsMTo3PWoXnAv&eitems=ChEIgNKdkAYQ1eqK-q_tx47nARIdAKp78f7KmNS8CxNpaJ7IvGSPBiUGoBslKbTPzns&random=1079380286&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=1459168097&cv=9&fst=1644715932251&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Calgary%20Herald&auid=219306875.1644715932&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=nF8IYobiEtiToPMPw7iW2As&cid=CAQSKQCNIrLMRX_E5fi2lkhxth9B1GMBU5CLoOcGnk6r8IfDsMTo3PWoXnAv&eitems=ChEIgNKdkAYQ1eqK-q_tx47nARIdAKp78f7KmNS8CxNpaJ7IvGSPBiUGoBslKbTPzns&random=1079380286&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 183
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3FMMmFhaHk HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPxV7X5fp1H8TXJ_bRioitE&google_cver=1
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3FMMmFhaHk HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPxV7X5fp1H8TXJ_bRioitE&google_cver=1
Request Chain 186
  • https://stags.bluekai.com/site/26357?id=OqL2aahy&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOqL2aahy%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=OqL2aahy&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 188
  • https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D&_test=YghfnAAFx_jleABB HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YghfnAAFx_jleABB&_test=YghfnAAFx_jleABB
Request Chain 189
  • https://usermatch.krxd.net/um/v2?partner=beeswax HTTP 302
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OqL2aahy HTTP 303
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OqL2aahy&_bee_ppp=1 HTTP 303
  • https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AABUrk7EEL8AAH6ryNqkLQ
Request Chain 190
  • https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=OqL2aahy&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=a3736208-5f9d-4f00-ab67-230edaadc1c6
Request Chain 192
  • https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OqL2aahy
Request Chain 193
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YghfnIyezY.iUenVdrLf2AAA%26515
Request Chain 194
  • https://sync.srv.stackadapt.com/sync?nid=salesforce HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=Hp3XNg1nSYthDUBPPMR5EJU4mbs
Request Chain 195
  • https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
  • https://eb2.3lift.com/xuid?mid=3587&xuid=OqL2aahy&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=OqL2aahy&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=381034751553238883548
Request Chain 200
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=1754dccb-a1aa-04b0-0fbe-7e3a7c6e8c47 HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=1754dccb-a1aa-04b0-0fbe-7e3a7c6e8c47&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=1754dccb-a1aa-04b0-0fbe-7e3a7c6e8c47&apid=UPc4d85059-8c6c-11ec-9b2f-028471d182b5
Request Chain 201
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=6c562024-b487-0899-03e0-3fc3d25619f6 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7910240af5ad161d734dc03dcb35316819322d5f5ac786acd35de1ba9c4e2387791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3OTEwMjQwYWY1YWQxNjFkNzM0ZGMwM2RjYjM1MzE2ODE5MzIyZDVmNWFjNzg2YWNkMzVkZTFiYTljNGUyMzg3NzkxNDI2YjU0MTdkY2UyMRAAGgwInL-hkAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3OTEwMjQwYWY1YWQxNjFkNzM0ZGMwM2RjYjM1MzE2ODE5MzIyZDVmNWFjNzg2YWNkMzVkZTFiYTljNGUyMzg3NzkxNDI2YjU0MTdkY2UyMRAAGgwInL-hkAYSBAgCEABCAEoA&google_gid=CAESEKpdFaH3xzFboUdWhhl8pYI&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=d29dc20e-a231-4221-a924-819d4be8a442
Request Chain 202
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8667337647848647956
Request Chain 204
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3103328912798622740&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 205
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YghfnAAFx_jleABB
Request Chain 207
  • https://match.adsrvr.org/track/cmf/openx?oxid=39905f42-79c0-3ef9-5c99-bf30ebcd782e&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&ttd_puid=39905f42-79c0-3ef9-5c99-bf30ebcd782e
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFw0tjS_X_YLEarrbllLtQ&google_cver=1
Request Chain 214
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8667337647848647956&ex=districtm
Request Chain 215
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8667337647848647956&ex=appnexus.com
Request Chain 216
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 217
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Request Chain 218
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=381034751553238883548
Request Chain 224
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=5sbVftBGh9e67fOHONRClA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 225
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=261c6208-5f9d-4a00-a783-0999ba09fe09
Request Chain 226
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=c4f2b6e1-8c6c-11ec-a6ce-4582b9d74417
Request Chain 227
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=b043fb3a-bab3-4bf1-aef7-4979946273f2-62085f9c-4341&gdpr=0&gdpr_consent=
Request Chain 228
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=3fee2cbe-22c7-037e-1678-27e6d841b922 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=3fee2cbe-22c7-037e-1678-27e6d841b922
Request Chain 229
  • https://ml314.com/csync.ashx?fp=OqL2aahy&person_id=3625099911703822402&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3625099911703822402 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625099911703822402
Request Chain 231
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTgyMGZkNTRjMjY3ZDZhYjExYTI1YTY4&gdpr=0
Request Chain 232
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=e63aAMuDi0C7XHwfQCjA&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Request Chain 233
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=9bbb9553-58e5-4e91-8ed3-266e47bf9716&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=071806d2-0ede-41e6-8102-689aa59fae30&expires=1&user_group=5&ssp=fmx&bsw_param=9bbb9553-58e5-4e91-8ed3-266e47bf9716 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=9bbb9553-58e5-4e91-8ed3-266e47bf9716&gdpr=&gdpr_consent=
Request Chain 234
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=%{gdpr_consent}&us_privacy=&3pid=hSudhYZ_lNmeLJSNhXuAiosvzo6eLc7c0XhVn4Be
Request Chain 235
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a820fd54c267d6ab11a25a68&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:a643638e815cf4bb0d313e32e48c12ab
Request Chain 240
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough/ HTTP 302
  • https://stags.bluekai.com/site/23178?id=bzU-u8HTKP9_2o80dcB0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHVRHUVJNOU4EQVCLKA4V6MTPHAYGIY2CGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHVRHUVJNOU4EQVCLKA4V6MTPHAYGIY2CGA HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=bzU-u8HTKP9_2o80dcB0
Request Chain 241
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YghfnAAFx_jleABB
Request Chain 242
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YghfnIyezY.iUenVdrLf2AAA%26515
Request Chain 243
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&gdpr=0&gdpr_consent=
Request Chain 250
  • https://dmx.districtm.io/s/v1/users/10002 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVXlRMnAwY2t3M1IzUlhlVUp3WTJ4VFRUSlBRVEpOZEZVMyJ9.2SJ6yU0q3yfo6Dxs3S2IeunCIu9vsymnGP_10Y_nC6p3pgbTCwa5JlXr-cLI0SAwvKBlaB27BKydtCBTI1fuLw
Request Chain 251
  • https://c1.adform.net/serving/cookie/match?party=14&cid=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4
Request Chain 252
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YghfnAAFx_jleABB&gdpr=0&gdpr_consent=
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MIFD0f3rT-eWVunVC_Lw9A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 255
  • https://idsync.rlcdn.com/420486.gif?partner_uid=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c562024-b487-0899-03e0-3fc3d25619f6
Request Chain 256
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=26a66208-5f9d-4a00-bb88-e3519b32765e
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzA4MTQzRDEtRkRFQi00RkU3LTk2NTYtRTlENTBCRjJGMEY0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENnJNMUOMnYAgKMcqumPXIM&google_cver=1
Request Chain 259
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:983B279EBD374698BAAD0301ECEDFA99
Request Chain 260
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3103328912798622740&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 261
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Request Chain 262
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZKLEG2U-28-EZK2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KZKLEG2U-28-EZK2&ex=d-rubiconproject.com&status=ok
Request Chain 264
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I1MjgzMDRhNTQ2YWZhZGYwYTIxYmQxZjc4Y2JlN2ZhNzI2YjZkOA
Request Chain 265
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/4BiV21FNKdRrwY-cyrkUtcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5135930305140114813
Request Chain 266
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YghfnAAFx_jleABB
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBSnQIrYhIFP8nsWanC2aIM&google_cver=1
Request Chain 268
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d9ae6208-5f9d-4100-b925-a96c5d425bad
Request Chain 269
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&gdpr=0&gdpr_consent=&expires=30
Request Chain 270
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pLTEVHMlUtMjgtRVpLMg==
Request Chain 277
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 278
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=postmedia.digital&sn=ChromeSyncframe&so=0&topUrl=gcp-cheet-4400-calgaryherald.gdev.postmedia.digital&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=aieFGHxCTmU1RnQrR3J0aCt1czg2UG4yL2pGa1VLVzJjdWN2ZzdRNU5jckFsaG1yNDF3YUVha3I5a0syVmlHWUVmdW1IZ0tKRDBWRlBxMnVGVUg3UUtMMjFVSG5UT2dUU2hERm5uSTBmT3FuNEg4MW9CV0pRNXJRM0lEa3pITnpxdFFVSGRTK2dJaFYvd3lwbFZabzlVdmNQTDMrV25ZZkNlUjZhR3dNVnZXbTFDZ2VCSytSOEsxbG91L2RsMk1Qa2xJQlJ2L2RlTnJya2J6OG1JRjVFSlJuVVlNN1VlWEpqRHlTUzNyc2VYcU1ra1FMM1RWQ2JzSUIxdDJrellQS0w4MWtiVUdpUkZUQk9GVUNpRkpYd1FTYlRLQT09fA&cppv=2
Request Chain 316
  • https://cdn.jwplayer.com/v2/media/9HBenCFU/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ogbj77ch-320.jpg
Request Chain 317
  • https://cdn.jwplayer.com/v2/media/65NgqOCg/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/q2uzmqjl-320.jpg
Request Chain 318
  • https://cdn.jwplayer.com/v2/media/BI2tHKb0/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/oiuxre47-320.jpg
Request Chain 319
  • https://cdn.jwplayer.com/v2/media/xZFTJ7ec/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/z1dgbbnc-320.jpg
Request Chain 320
  • https://cdn.jwplayer.com/v2/media/BAMySPCR/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/l8ue8s6q-320.jpg
Request Chain 321
  • https://cdn.jwplayer.com/v2/media/Ddyzs6DN/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/2tk3f158-320.jpg
Request Chain 322
  • https://cdn.jwplayer.com/v2/media/PfeoLETe/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/cxdxarze-320.jpg
Request Chain 323
  • https://cdn.jwplayer.com/v2/media/lOvtxKJz/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ris3tjjq-320.jpg
Request Chain 324
  • https://cdn.jwplayer.com/v2/media/43vMFhPX/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ec2l27l8-320.jpg
Request Chain 325
  • https://cdn.jwplayer.com/v2/media/RGhS174f/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/i1kd25p8-320.jpg
Request Chain 337
  • https://cdn.jwplayer.com/tracks/1r4ztiXq.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/1r4ztiXq.vtt
Request Chain 339
  • https://cdn.jwplayer.com/strips/RGhS174f-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/RGhS174f-120.vtt
Request Chain 343
  • https://cdn.jwplayer.com/v2/media/RGhS174f/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/i1kd25p8-640.jpg
Request Chain 359
  • https://cdn.jwplayer.com/v2/media/9HBenCFU/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ogbj77ch-120.jpg

363 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Redirect Chain
  • http://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
  • https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
530 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
75c5d8da88542842de334a31c3a91e1364e27ee64f79a881547fa5f38a7593d3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding user-agent
expires
Sun, 13 Feb 2022 01:37:09 GMT
cache-control
max-age=300
x-frame-options
SAMEORIGIN
x-pmd-backend
cheetah-nginx
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

Date
Sun, 13 Feb 2022 01:31:44 GMT
Content-Type
text/html
Content-Length
164
Connection
keep-alive
Location
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
fdf952dfe3cb748b24a2d9ce13efc130f2dc5a8322c3f3d6b500aabe74cf22e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27128
x-xss-protection
0
server
sffe
etag
"1130 / 499 of 1000 / last-modified: 1644620882"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Feb 2022 01:32:11 GMT
184635-170809562095713.js
js-sec.indexww.com/ht/p/ 		162 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd1c76236a0bc6523ca984caae25b44df3c0c2eba1323be913cb65dfbac5607f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 01:32:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 13 Feb 2022 00:31:38 GMT
Server
Apache
ETag
"da165c-287ba-5d7db6c4b0cf6"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=132
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
43541
Expires
Sun, 13 Feb 2022 01:34:23 GMT
publishertag.js
static.criteo.net/js/ld/ 		127 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
1edc83f7137848a661dbf5a61dbe4bb3b42fc7d064004560ea0269b45747e7d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:37 GMT
server
nginx
etag
W/"61f7a625-1fc09"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 14 Feb 2022 01:32:11 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
238a7b88a5b7237a3fde744d5b7a0d8deafbe118e52453771e9e1872cac1b41f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
7lRhf2yzZvvyzk64LWrohHfAViIplBk1
content-encoding
gzip
etag
f1657332112584c2a291a2c0cf3f7f54
age
60
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1JQG16FQP7BD2B7033RM
date
Sun, 13 Feb 2022 01:31:27 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
TtLtHmPl09Yx-6IBF2AUAgrdtmtWQye9mg5U4MnisTaEMeOTdA3Smg==
all.postmedia.js
hb.districtm.io/prod/100549/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.districtm.io/prod/100549/all.postmedia.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
2374
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 10 Dec 2020 10:37:54 GMT
server
cloudflare
etag
W/"5f2e83162e71fb84bb30df8f49e91eee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
x-amz-cf-pop
EWR53-P1
cf-ray
6dca4d2a6f238c9c-EWR
x-amz-cf-id
bFT4I-il0g34Vmaug37LHdj2gLNzmqX_Ynexnpd0hhpO4_cj828KOg==
expires
Sun, 13 Feb 2022 13:32:11 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.205.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-205-104.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 04:52:39 GMT
Via
1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
74372
ETag
"51636de3ce868a2172f9e6996c2934e0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
X-Amz-Cf-Pop
EWR50-C1
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
FaaxUR-XOldyDiKFyX8XLzuQ276J6jFfeJK4V7zFkRQ66B5y-pbGxg==
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa8c4f5924fd06cbaf5c65fac729f0c3207d1f70534b07fc0915948c41b29d6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Feb 2022 01:16:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Feb 2022 01:32:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Feb 2022 01:32:11 GMT
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c0b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
258
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JNMEQGQ9NJ9E6X1S
x-amz-id-2
fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lMISVJcoDcWxoP%2BoQqfRf56%2Bl6HWDpPlM6A3Y2xUFvNUJAp3oM%2Fbo01REPwdznkWU6gIKte5jAEww1EFVdDpvnw38r2AZzCpwmnPsAtO8VEUBNsgWJGwnY4QeQnWgq5auz6iv9oV%2F%2BfnpQ5jK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6dca4d2ad8db713f-YUL
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		199 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
age
256
cf-polished
origSize=1238069
x-cache
Miss from cloudfront
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age= 63072000; includeSubdomains; preload
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
EWR52-C3
cf-ray
6dca4d2a4a827148-YUL
x-amz-cf-id
UKx_SLTr25mJR9OxZ3Jl1iZpjZMyCaPjbVBPFMpyn7yVrNt_E6CAIg==
cf-bgj
minify
spm.v1.min.js
ak.sail-horizon.com/spm/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-110.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:29:36 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
156
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6840113c714f694919508fbd89b7f29c.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
ciszzo6Fz02xeL4j1JtkRUKKxfqiiVGI5AFDVag5P0vZEEuCaEuLLA==
fem.js
fem.prod.postmedia.digital/v51.1/ 		259 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.prod.postmedia.digital/v51.1/fem.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.205.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-205-38.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79c381d0b010da04e31a1da615ecb7b142984a8fa33f080485a2c109ce064f15

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
last-modified
Mon, 07 Feb 2022 18:52:49 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
etag
W/"4cc3e49974273ce5cad6c7cb78d3c130"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31536000
x-cache
Miss from cloudfront
x-amz-cf-id
EhtMob-1068Bq1wLSlDmZPCkdInNgv1DF75xFQSeA5DgiM1GG_tjXQ==
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
restaurant.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/restaurant.jpg?quality=90&strip=all&w=466&type=webp
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
2d345be423521964621772497c15458692a59e458d9845b1da7ebe7ed4f5e860

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Fri, 11 Feb 2022 21:41:25 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
100246
etag
"537bc22cd2d656fdb2b3ed13313159b413499272"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-4zpbt
alt-svc
clear
content-length
52076
wine.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/wine.jpg?quality=90&strip=all&w=150&type=webp
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
dc8579d4e27fd792edab20b43256da568b742afa8a59eee5be9508758a1ac366

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Sat, 12 Feb 2022 02:08:47 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
84204
etag
"9d4edc747c5cc366640c2df0107b4350cc19df1d"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-85q8c
alt-svc
clear
content-length
11922
0210-homeless-camp-9.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/0210-homeless-camp-9.jpg?quality=90&strip=all&w=150&type=webp
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
fb4188bbe32adefafdd351dea0349b9b0a2f033aad8acf226300ff86b2961231

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Fri, 11 Feb 2022 23:06:58 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
95113
etag
"d95c6e64107408b8350077d4798500add5df6ba2"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-plgxw
alt-svc
clear
content-length
8392
MilkRiverBlockade053.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/MilkRiverBlockade053.jpg?quality=90&strip=all&w=150&type=webp
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
1739c19317989204e8b73d670b481077d1d5f72888366752841e8738070e6940

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Sat, 12 Feb 2022 01:05:50 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
87981
etag
"e1f57b81539a2c11201fafdda8d775ff870bf0c5"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-4zpbt
alt-svc
clear
content-length
10886
homeless.5.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/homeless.5.jpg?quality=90&strip=all&w=150&type=webp
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
64f099de5f67df6f927250c1a22ba37c7d1bbde773bbd326f1f58d03e2541185

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Fri, 11 Feb 2022 15:16:59 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
123312
etag
"fdf54bf085b18627f66dff76084034d93d83d34e"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-2cjmp
alt-svc
clear
content-length
11514
icon-soc-fb.svg
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/share-icons/ 		775 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:56:12 GMT
etag
W/"61b9675c-307"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
icon-soc-tw.svg
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:56:12 GMT
etag
W/"61b9675c-6a2"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
icon-soc-yt.svg
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/share-icons/ 		744 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/share-icons/icon-soc-yt.svg
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:56:12 GMT
etag
W/"61b9675c-2e8"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
icon-soc-ig.svg
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/share-icons/icon-soc-ig.svg
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:56:12 GMT
etag
W/"61b9675c-76a"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 16:23:56 GMT
x-content-type-options
nosniff
age
378495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 16:23:56 GMT
icon-generic-play.svg
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/common-icon/ 		1 KB
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/common-icon/icon-generic-play.svg?a7724c47fb74
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:56:12 GMT
etag
W/"61b9675c-443"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:35:46 GMT
x-content-type-options
nosniff
age
280585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:35:46 GMT
carousel-previous.svg
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/common-icon/ 		1 KB
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/common-icon/carousel-previous.svg?a7724c47fb74
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:56:12 GMT
etag
W/"61b9675c-4b4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
carousel-next.svg
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/common-icon/ 		1 KB
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/common-icon/carousel-next.svg?a7724c47fb74
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:56:12 GMT
etag
W/"61b9675c-4b4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 01:28:42 GMT
x-content-type-options
nosniff
age
173009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 01:28:42 GMT
img
i.prcdn.co/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.prcdn.co/img?cid=1032&page=1&width=200
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bbdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3898ad7b14c6bd7e9f0e3f517aad0e377593067fd7a393972946dcbc8760359a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
cf-cache-status
HIT
age
796915
cf-polished
degrade=85, origSize=36974, status=webp_bigger
cf-bgj
imgq:85,h2pri
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24930
accept-ranges
bytes
last-modified
Mon, 17 Jan 2022 18:14:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, no-transform
wc
d6
cf-ray
6dca4d2b79194bc5-YUL
expires
Wed, 16 Feb 2022 18:14:34 GMT
postmedia-image-fallback.webp
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/postmedia-image-fallback.webp
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
last-modified
Wed, 15 Dec 2021 03:56:11 GMT
etag
"61b9675b-b76"
x-pmd-backend
cheetah-nginx
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
2934
expires
Wed, 08 Feb 2023 01:32:11 GMT
newsletter-envelope.svg
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/newsletters/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/images/newsletters/logo/newsletter-envelope.svg
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e592c023e395d520e95efed9c15d14c77d5c101e3ce6b5d71413384508b55d59
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:56:12 GMT
etag
W/"61b9675c-978"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
shared.c6ad62ab506f.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
c6ad62ab506ff316366edddb167eec1ec2f6a3b89e00b351164010c1775f1992
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:56:16 GMT
etag
W/"61b96760-5e02"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
main.aebf0e0d15c0.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/main.aebf0e0d15c0.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
aebf0e0d15c0130fbe1375e3d5daff30441efea4c2545cc9f69cea6c13bab3a9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:56:16 GMT
etag
W/"61b96760-176b6"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
p.js
cdn.parsely.com/keys/sandbox.calgaryherald.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/sandbox.calgaryherald.com/p.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.58.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-58-39.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
f172d4d7a33ce2857870fee406ebff036c0ec54c578873ec75282344c60f8739

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sat, 12 Feb 2022 20:10:23 GMT
content-encoding
gzip
last-modified
Fri, 29 Oct 2021 19:33:10 GMT
server
nginx
age
19308
etag
W/"617c4c76-df4d"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34d27d5dec8d9c8d04bc61d1e0056be2.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
QWkjCz2XSL9uQUdX3FCodXE8WBn54DHPmhyPgsEK1AEq2O5-9XxyHw==
expires
Sun, 13 Feb 2022 20:10:23 GMT
9a7c27a08915980838a7.js
d395dw5zk780j2.cloudfront.net/v51.1/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v51.1/chunks/9a7c27a08915980838a7.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:a400:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d04afc774d80c39a178f6b42d961777a3cec7be7dfe585618d75f02abc515a97

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 19:41:14 GMT
content-encoding
gzip
last-modified
Mon, 07 Feb 2022 18:52:50 GMT
server
AmazonS3
age
453058
etag
W/"3d25530a5100a84944d4cedefbec0c9e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 aaf8cf6e639b571d00317b950854b0bc.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
EqUpXXM1yZMY0clhpk7ZcktlTgO0aZFA_kJXeqY3F9Fr0CzeLdhVhw==
gtm.js
www.googletagmanager.com/ 		482 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d4abc56c5faf85f411fd516e547eae64ee13788939f050e957a2830d9fb95d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110897
x-xss-protection
0
last-modified
Sun, 13 Feb 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 13 Feb 2022 01:32:11 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-94.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 21:49:22 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
13369
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
K5EQyaXI-NEfDzLJAeYTo2aZhdsDltMePgXUMuv13A2mHUkcqQ_YwQ==
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1644715931590&plid=94155712&idsite=sandbox.calgaryherald.com&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&sref=&sts=1644715931584&slts=0&title=Home+%7C+Calgary+Herald&date=Sun+Feb+13+2022+01%3A32%3A11+GMT%2B0000+(GMT)&action=pageview&pvid=60050579&u=pid%3D7ba8f8cc2e7af941ed57adf7cbd80a3d
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 01:32:11 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 13-Feb-2022 01:32:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xd.html
d395dw5zk780j2.cloudfront.net/v51.1/ Frame ED03 		167 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v51.1/xd.html
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:a400:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1aefec411441da454a39e812f8300125bfd117abc33f50f98c124419314da704

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

content-type
text/html
content-length
167
date
Mon, 07 Feb 2022 19:41:14 GMT
last-modified
Mon, 07 Feb 2022 18:52:49 GMT
etag
"1cb7c3921583ebfd6049b00de4ee73de"
cache-control
max-age=31536000
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 aaf8cf6e639b571d00317b950854b0bc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
QvNogA7o84q8YAWtHfk-ZmpdKiFrivCAHtt8ROqNDKBz01u9q1Z-WQ==
age
453058
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=682843b1-d3e0-460e-ab90-6556bc31470f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
allow
GET, OPTIONS
vary
Origin
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6dca4d2cf928ece2-YUL
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/ 		184 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f7914b4836b5815c4b3dcd79c44fa3390dedf00785d79f90dc7f6c6f38c947c5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
via
1.1 varnish, 1.1 varnish
age
32
x-origin-name
fastlyshield--shield_ssl_cache_iad_kjyo7100147_IAD
x-cache
MISS, HIT
x-cache-hits
0, 6
content-encoding
gzip
content-length
48496
x-served-by
cache-iad-kjyo7100147-IAD, cache-yul12825-YUL
server
Kestrel
x-timer
S1644715932.670223,VS0,VE0
vary
Accept, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 13 Feb 2022 02:31:39 GMT
uepopxd3e.js
cdn.krxd.net/controltag/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/uepopxd3e.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73ee99db41772b6381178027e6084290d586e8453264496db61d7a2d8f7730c4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sun, 13 Feb 2022 01:32:11 GMT
via
1.1 varnish, 1.1 varnish
age
479
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5926
x-served-by
config-service-a001-ash-prod.krxd.net, cache-iad-kjyo7100036-IAD, cache-yul12829-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1644715932.672175,VS0,VE1
etag
"18d255a45e37de963363afa7cf621365d487cdad"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 1
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=682843b1-d3e0-460e-ab90-6556bc31470f
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9a52aae2bc58cbafd518752d6b8b23fb94c786874614924d0366bd61300cda

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
cache-control
max-age=86400
cf-ray
6dca4d2d396aece2-YUL
pubads_impl_2022020801.js
securepubads.g.doubleclick.net/gpt/ 		357 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122244
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:34:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Feb 2023 18:06:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		130 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
dd448d83b50042e0093021232dddd423aa3e3efb40daa4552c943d8286264887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118
x-xss-protection
0
expires
Sun, 13 Feb 2022 01:32:11 GMT
identity
api.rlcdn.com/api/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184635
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
66dcc2162ae7d45cf8620faa053c95672e4848654641aac10688f3d8bb143854

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 15 Mar 2022 01:32:11 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
EpgGXWVbXg7QwC_0KIhLpI8-UtYWNVQBSk1AI9KcpGpP0Qfiimub1A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via
1.1 f28d01ff99a9babe0b725f1873c60b2a.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
EahcUReHf1ydKB5TA_1zEGtOXLVG-2SY-m9g6h1VVcNV0P1OyZO9vg==
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B5.5%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-native-9,ss:%5B5.5%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-11,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-12,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&slot=%7Bid:ad-13,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/calgaryherald.com/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=124673f6-54f2-9b17-4a5c-06519bfc1fd8&url=https%253A%252F%252Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.92.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a98a3200b66e9a2b82b2622e28ae07135dd6ebece2f55f0be814056b59e39092

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
x-server-name
app06.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
7b3b1c666ca0ec3aa30815.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/7b3b1c666ca0ec3aa30815.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
709932d262282e65073a8940fc09fc3fffbeb13682a8190bf8a1e96fc2c59888
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-3211"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
1bd3027b055930c428798.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/1bd3027b055930c428798.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
3c59439b4ea6905545d0a5f41278422ee0d3bb3d370b4b8eaea35f306a9e1f63
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-28b7"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
c21a9b55aee30072973019.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/c21a9b55aee30072973019.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
65bdb0f68bb734a9ee0412aeb1d9898bd4098339efd43b8356acf19b3d8c3ad5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-1890"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
02f6fe35cf4ad2674cc916.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/02f6fe35cf4ad2674cc916.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
6902e79f7c8a801e6c1e25c65fd4dcf30034a12d12dad3286d2f0af4457c9b0c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-1a84"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
d425b4b71b15e7eb53b310.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/d425b4b71b15e7eb53b310.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
adaf81788242f9c48cc12172354c5df3e22fdcbcd2c3979dd83b419bb59e3db7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-2ab4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
f3500b3ce093146933ed28.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/f3500b3ce093146933ed28.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
0878df8b9a030066f26276aab6a4e36e509b480ec37fdac609ec3037611267d4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-25d9"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
732f5d85811fe762c9444.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/732f5d85811fe762c9444.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
c1613fae297f062becb2e3f0a24314be2a09ba5809d48bd1a2ea5eacb95e18ca
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-1eaa"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
48cb48fffb4b21371c986.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/48cb48fffb4b21371c986.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
fe3cd3089faea77abfd92708efafcb5af900dead2bea4d8655a5b879cefc0f05
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-4c4a"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
a58e8c4ae3847ac9536913.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/a58e8c4ae3847ac9536913.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
ec5048fe0002a0fd7fdc7141ffd02691784cd09dc8f1adee6783c86d8d5604cb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-b2ee"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
a4432f52299a2814832e0.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/a4432f52299a2814832e0.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
35aca60187492b7d4a5dbbc7957660e9c1f61dd1deaa802abbc7697315797f44
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-19d5"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
0b2413a94440f820750f2.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/0b2413a94440f820750f2.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
6812b21b80e6f704a793cb5706da0bb2a827835b3354670e0d2986d7e42f8c46
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-3fb3"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
13b18d97a825ef7f2aa25.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/13b18d97a825ef7f2aa25.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
f89404f1a1e59763569737c5a67059172b3c734d82bf88fe7f2ad0ce8a247016
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-38bc"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
93b381519ddb9e49a1f39.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/93b381519ddb9e49a1f39.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
082636cfdf27cee5a8f0ba9a0a0e866ef4512a6e4b6fe4f362cae2b7d96ce44d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-32f4"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
c9865c081507bfef703d14.js
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/c9865c081507bfef703d14.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/CACHE/js/shared.c6ad62ab506f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
572f34b8f638197131f8c11bf194150fa8cd8f03dbafe03b37ff5c2946c7aa20
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 03:55:33 GMT
etag
W/"61b96735-24f2"
x-pmd-backend
cheetah-nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000, public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 08 Feb 2023 01:32:11 GMT
index.html
cdn.districtm.io/ids/ Frame 0C24 		116 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
content-type
text/html
cf-ray
6dca4d2e1d108c9c-EWR
age
75947
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
QbK3fgS_c_aOdKw8xrQkj75O_HyoPtLetT57wZ7paJarpOdKcbL0Kg==
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br
v1
dmx.districtm.io/b/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dca4d2e1d148c9c-EWR
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dca4d2e1d168c9c-EWR
access-control-allow-headers
origin, content-type
AngelaGrace11.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2022/02/AngelaGrace11.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
d7cd773be9a32af8a37fdec61ee5c561e6b32fc6a2bdf6f4b8b58aa6d7cf0395

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Sat, 12 Feb 2022 00:08:42 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
91409
etag
"bb3929b3de8c21e3333c1d2337700176c768831a"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-2cjmp
alt-svc
clear
content-length
38670
MERYETA_ODINE.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/02/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2022/02/MERYETA_ODINE.jpg?quality=90&strip=all&w=344&type=webp
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.19.10 /
Resource Hash
304955473b9f7310638570b09a2758de65adaf11d285c61f8fb768b16220a240

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sat, 12 Feb 2022 03:34:35 GMT
via
1.1 google
server
nginx/1.19.10
cache-control
max-age=2592000,public
age
79056
etag
"c794d1fc351dab0d4d229d593215eba3eb56e02b"
vary
Accept
content-type
image/webp
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-64c799cd7-plgxw
alt-svc
clear
content-length
25688
b0a8d692e0f2d945bf56.js
d395dw5zk780j2.cloudfront.net/v51.1/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v51.1/chunks/b0a8d692e0f2d945bf56.js
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:a400:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efe645e30b1c609185fa0cb178858f9097e6f4b3407f23feffe6b4087f697cc5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 19:41:14 GMT
content-encoding
gzip
last-modified
Mon, 07 Feb 2022 18:52:50 GMT
server
AmazonS3
age
453058
etag
W/"75db323e22a4eaef2177f44b4722c4c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 aaf8cf6e639b571d00317b950854b0bc.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
YY_9OcKh-ZjXWTLUBo_sp_zqM3N-FvJK4XfWwjt_aZzxJwuWuiSYzw==
xd.js
d395dw5zk780j2.cloudfront.net/v51.1/ Frame ED03 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d395dw5zk780j2.cloudfront.net/v51.1/xd.js
Requested by
Host: d395dw5zk780j2.cloudfront.net
URL: https://d395dw5zk780j2.cloudfront.net/v51.1/xd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:a400:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d984a247beba5abcd72a6b6dd131ae1767b6d0cc76ad1223b33e8e3d5a7e05c0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d395dw5zk780j2.cloudfront.net/v51.1/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 19:41:14 GMT
content-encoding
gzip
last-modified
Mon, 07 Feb 2022 18:52:49 GMT
server
AmazonS3
age
453058
etag
W/"269a198fcd379487531b391a8641fd8a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 aaf8cf6e639b571d00317b950854b0bc.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
JYPNg6F7Fm0vSYF5wu-rWwHErqZcokpDpFzpCQhPumXpxP6OnZO3dA==
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uepopxd3e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
age
16809241
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1116415
content-length
84509
x-served-by
cache-yul12829-YUL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1644715932.884930,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Sun, 13 Feb 2022 01:32:11 GMT
via
1.1 varnish
age
667
x-served-by
cache-yul12828-YUL
x-cache
HIT
x-cache-hits
512
x-timer
S1644715932.927376,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/ 		176 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
56420db88c7c268ea372d6bb6125ffd0cdf199bbb86353eb5921ce3b2448f7a8
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-a9588c0ddc27594cabd152e47ffe27ee
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1644715932.938578,VS0,VE27
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12828-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
bid
c.amazon-adsystem.com/e/dtb/ 		194 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&pid=Vc45DAO4yqITp&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-9%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-11%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-12%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-13%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
4HMY8S6XZNWJQDYNEEKP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
194
x-amz-cf-id
q-BfgEJEtr-4nq2bSi2gB7XX5ptFHPFDTPzrgIbcbwKTLGj5dUWaXg==
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14884
x-xss-protection
0
server
cafe
etag
16747055602125368176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 13 Feb 2022 01:32:12 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74ca New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=45356
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
2boQdLJTwWPx9mc0qHH9mS0jxsUD+Sl5jXih8kC+W6TpPzNivh1NAKWHWcNGCSuzo9iCo1mQ7/ueq2R2sYqNRQ==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 13 Feb 2022 01:32:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 00:34:56 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000048-IAD, cache-lga21930-LGA
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1644715932034&ns_c=UTF-8&c8=Home%20%7C%20Calgary%20Herald&c7=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1644715932034&ns_c=UTF-8&c8=Home%20%7C%20Calgary%20Herald&c7=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&c9=
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1644715932034&ns_c=UTF-8&c8=Home%20%7C%20Calgary%20Herald&c7=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&c9=
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
13.226.31.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-94.ewr53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
dPJy23ZW373y-zxCM3c8t72_CdnK9xCAeMM3y-wEMkfdbyCZZfuEWw==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1644715932034&ns_c=UTF-8&c8=Home%20%7C%20Calgary%20Herald&c7=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&c9=
content-length
214
x-amz-cf-id
bJGakbFOcWPHVred1g-gE2MLWVsf8U4eJIILDDvFPhYzqNVhTS9VHA==
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 0C24 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 fb134201578e9706e0dd8abdab0f2abf.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
152190
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
6dca4d2f8f9a8c9c-EWR
x-amz-cf-id
eAFQyvDpP0PzfMELvLEVR-hml06ux82vdQ9KWW3mKynTylzMM2bdbw==
expires
Tue, 15 Feb 2022 01:32:12 GMT
load
sandbox.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.tinypass.com/xbuilder/experience/load?aid=YyhZe0iAsu
Requested by
Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v51.1/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b5eef345a9eba7418951efc606d3d85966629f841b2dbd78964ab72449742e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Coxy77ryxQw
pragma
wn
sandbox-vx-dash-10-13-74-8
last-modified
Fri, 11 Feb 2022 18:51:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
server-time
0.007
cache-control
public, max-age=1800
cf-ray
6dca4d2fbbb67154-YUL
expires
Sun, 13 Feb 2022 02:02:12 GMT
/
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/api-root/media/videos/playlists/1feCWPBf/player/json/ 		9 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/api-root/media/videos/playlists/1feCWPBf/player/json/
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/f3500b3ce093146933ed28.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
30.11.95.34.bc.googleusercontent.com
Software
/
Resource Hash
fe26a45c6b9a75bc09d8f6824fc3ffaed7cc84a5ced4c86f4d5224194766574c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
vary
Accept-Encoding, Accept, Cookie, Origin
x-frame-options
SAMEORIGIN
x-pmd-backend
cheetah-nginx
allow
GET, HEAD, OPTIONS
content-type
application/json
cache-control
max-age=900
strict-transport-security
max-age=15724800; includeSubDomains
expires
Sun, 13 Feb 2022 01:47:14 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 5143 		805 B
850 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 varnish
age
21566451
x-served-by
cache-yul12829-YUL
x-cache
HIT
x-cache-hits
391205
x-timer
S1644715932.136900,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 varnish
age
667
x-served-by
cache-yul12828-YUL
x-cache
HIT
x-cache-hits
513
x-timer
S1644715932.141373,VS0,VE0
strict-transport-security
max-age=900
identify
identity.mparticle.com/v1/ 		176 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
400932abd5aa5355a2119ba69c95c9c24099c2eda90a3cb259fbfe460646682e
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-a9588c0ddc27594cabd152e47ffe27ee
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1644715932.153202,VS0,VE38
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yul12828-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
simple
api.sail-personalize.com/v1/personalize/ 		256 B
475 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
036fe93e0e1f2e76063faeee408a4ab4c2ca9c5ce0165b0fe623566f65c1a90d

Request headers

x-lib-version
v1.0.1
Accept-Language
en-CA,en;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
content-type
application/json
accept
application/json
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-referring-url
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
174
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ 		239 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 varnish
age
26
x-served-by
consumer-a001-ash-prod.krxd.net, cache-yul12827-YUL
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1644715932.240628,VS0,VE0
content-length
193
x-cache-hits
0, 3
buyers
dmx.districtm.io/s/v1/ Frame 0C24 		562 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a15ca8b74501f03f8b5ca2eaa01806ec3438932877b8d4188d14efbbfca879c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dca4d3069228c9c-EWR
access-control-allow-headers
Origin, Content-Type
1685973801652415
connect.facebook.net/signals/config/ 		310 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
164d71d43aa83ecc33b89ef9ad237a7a9b2be7df718968d4516cd6a85ef7442c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
90180
x-xss-protection
0
pragma
public
x-fb-debug
fR70pOFdwTSFv3tnhGMhQi4ZnyGzKXYfEkuA3M5Wizo+LCCfA6duXB3iIMUVr8zgpCkG0HipFtudHdVy/UNBfw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 13 Feb 2022 01:32:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644715932243&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644715932243&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1644715932243%26url%3Dhttps%253A%252F%252Fgcp-cheet-4400-calgary...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644715932243&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1644715932243&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQIwA6D4n...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=942fb72d-7d48-4ce2-940d-3eba49869608
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=942fb72d-7d48-4ce2-940d-3eba49869608&_expected_cookie=55b0ea5a07998d74563903e1...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=942fb72d-7d48-4ce2-940d-3eba49869608&_expected_cookie=55b0ea5a07998d74563903e103a963f4
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6dca4d35fc1f5497-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=942fb72d-7d48-4ce2-940d-3eba49869608&_expected_cookie=55b0ea5a07998d74563903e103a963f4
date
Sun, 13 Feb 2022 01:32:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6dca4d358b3d5497-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
adsct
analytics.twitter.com/i/ 		31 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=1ae4dead-cb78-40f0-b4a6-24ff2f39c370&tw_document_href=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
6
date
Sun, 13 Feb 2022 01:32:11 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
d02407f7a8847ef46a0b03cfea42ee74c402ad032073e85e38733efb2dbca58d
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=1ae4dead-cb78-40f0-b4a6-24ff2f39c370&tw_document_href=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
8
date
Sun, 13 Feb 2022 01:32:11 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
e0a6d15e979f9b4862962a5d03b3f4180ee3e367c4e01fe19d375c86dc6e5fd6
content-length
43
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/?random=1644715932246&cv=9&fst=1644715932246&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Calgary%20Herald&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
202c3b3f9ba500a96bed86e4bf763c27f2d351ac8f8519e90d4314a17a34c65d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/580448699/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/580448699/?random=1644715932251&cv=9&fst=1644715932251&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Calgary%20Herald&auid=219306875.1644715932&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
d3155ad3b5d6f9f605a7d484eba468177fcef689e2bae324ad2591331f258caf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1234
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tinypass.min.js
sandbox.tinypass.com/api/ 		275 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.tinypass.com/api/tinypass.min.js
Requested by
Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/xbuilder/experience/load?aid=YyhZe0iAsu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9563a4ca1e0eb5138d94837e654ed9aed8379ff22cf8a358243071d69c44f740
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
32
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
sandbox-vx-dash-10-13-139-143
last-modified
Wed, 09 Feb 2022 13:08:06 GMT
server
cloudflare
etag
W/"281501-1644412086000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.000
cache-control
public, max-age=1200
cf-ray
6dca4d30eb687144-YUL
expires
Sun, 13 Feb 2022 01:52:12 GMT
uepopxd3e.js
cdn.krxd.net/controltag/ Frame 5143 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/uepopxd3e.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73ee99db41772b6381178027e6084290d586e8453264496db61d7a2d8f7730c4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 varnish, 1.1 varnish
age
480
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5926
x-served-by
config-service-a001-ash-prod.krxd.net, cache-iad-kjyo7100036-IAD, cache-yul12829-YUL
x-response-time
0
x-do-esi
esi
x-timer
S1644715932.269453,VS0,VE0
etag
"18d255a45e37de963363afa7cf621365d487cdad"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 2
AAAGdRmxtPtvvQNV9aZrAAAAAAA&expiration=1644802332&nuid=252CjtrL7GtWyBpclSM2OA2MtU7&is_secure=true
dmx.us-east-34.districtm.io/s/10007/ Frame 0C24
Redirect Chain
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=252CjtrL7GtWyBpclSM2OA2MtU7&rurl=//dmx.us-east-34.districtm.io/s/10007/
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=2801dabaddde122e&is_secure=true&version=1&networkId=33921&nuid=252CjtrL7GtWyBpclSM2OA2MtU7&rurl=%2F%2Fdmx.us-east-34.districtm.io%...
  • https://dmx.us-east-34.districtm.io/s/10007/AAAGdRmxtPtvvQNV9aZrAAAAAAA&expiration=1644802332&nuid=252CjtrL7GtWyBpclSM2OA2MtU7&is_secure=true
153 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-34.districtm.io/s/10007/AAAGdRmxtPtvvQNV9aZrAAAAAAA&expiration=1644802332&nuid=252CjtrL7GtWyBpclSM2OA2MtU7&is_secure=true
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
34.73.194.24 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
24.194.73.34.bc.googleusercontent.com
Software
/
Resource Hash
233532c9d1a858e4d10daa9954c01e720dc9f879e3952dd8fb0317a0b159c40a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-length
153
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
//dmx.us-east-34.districtm.io/s/10007/AAAGdRmxtPtvvQNV9aZrAAAAAAA&expiration=1644802332&nuid=252CjtrL7GtWyBpclSM2OA2MtU7&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
y-Tj1j2FNE2uFG2ue59WKbYSHcD_wH3T9AL3rLCJk-~A
dmx.districtm.io/s/10057/ Frame 0C24
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=&verify=true
  • https://dmx.districtm.io/s/10057/y-Tj1j2FNE2uFG2ue59WKbYSHcD_wH3T9AL3rLCJk-~A
100 B
153 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10057/y-Tj1j2FNE2uFG2ue59WKbYSHcD_wH3T9AL3rLCJk-~A
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
139ffd6a5b702f2545be8fe8aefc8f2369ab714396a0405a87b4700b894589f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Sun, 13 Feb 2022 01:32:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6dca4d32cd5d8c9c-EWR

Redirect headers

location
https://dmx.districtm.io/s/10057/y-Tj1j2FNE2uFG2ue59WKbYSHcD_wH3T9AL3rLCJk-~A
date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
9bbb9553-58e5-4e91-8ed3-266e47bf9716
dmx.districtm.io/s/10009/ Frame 0C24
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=252CjtrL7GtWyBpclSM2OA2MtU7
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=252CjtrL7GtWyBpclSM2OA2MtU7
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=9bbb9553-58e5-4e91-8ed3-266e47bf9716&google_hm=OWJiYjk1NTMtNThlNS00ZTkxLThlZDMtMjY2ZTQ3YmY5NzE2
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENNTGj5J80ozBeaQH9sSND8&google_cver=1&ssp=districtm&bsw_param=9bbb9553-58e5-4e91-8ed3-266e47bf9716
  • https://dmx.districtm.io/s/10009/9bbb9553-58e5-4e91-8ed3-266e47bf9716
92 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10009/9bbb9553-58e5-4e91-8ed3-266e47bf9716
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b071b0fbc519207f843c08a571834e122605ae165027e0b7248105f9119df03a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Sun, 13 Feb 2022 01:32:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6dca4d34c9218c9c-EWR

Redirect headers

Location
//dmx.districtm.io/s/10009/9bbb9553-58e5-4e91-8ed3-266e47bf9716
Date
Sun, 13 Feb 2022 01:32:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
b043fb3a-bab3-4bf1-aef7-4979946273f2-62085f9c-4341
dmx.districtm.io/s/10001/ Frame 0C24
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96
  • https://dmx.districtm.io/s/10001/b043fb3a-bab3-4bf1-aef7-4979946273f2-62085f9c-4341
106 B
153 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10001/b043fb3a-bab3-4bf1-aef7-4979946273f2-62085f9c-4341
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0953e8587b4d3f456def7baa43541252831c2cf537d4a08283c4c053b21c53f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Sun, 13 Feb 2022 01:32:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6dca4d32cd5a8c9c-EWR

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dmx.districtm.io/s/10001/b043fb3a-bab3-4bf1-aef7-4979946273f2-62085f9c-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
2810316551846094141
dmx.districtm.io/s/10056/ Frame 0C24
Redirect Chain
  • https://p.rfihub.com/cm?pub=36496&in=1
  • https://dmx.districtm.io/s/10056/2810316551846094141
75 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10056/2810316551846094141
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77e5b64cb7cda3eb0dd87c6ee90345415779173d5d7227c13a16bb2d4491d2d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Sun, 13 Feb 2022 01:32:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6dca4d31cb828c9c-EWR

Redirect headers

Location
https://dmx.districtm.io/s/10056/2810316551846094141
Date
Sun, 13 Feb 2022 01:32:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 5143 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uepopxd3e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
age
16809242
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1116418
content-length
84509
x-served-by
cache-yul12829-YUL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1644715932.284984,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
42fb57ac-2013-45a6-8dad-332d53e17c1b
consumer.krxd.net/consent/get/ Frame 5143 		224 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
31a1e7a237feb46f70d1e9bdc90d28841316553dca63a803b27818b4b8f52c40

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a001-ash-prod.krxd.net, cache-yul12827-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1644715932.348963,VS0,VE20
content-length
185
x-cache-hits
0, 0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9690030174749856249c7bb06a0010&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d0795db6dfdb5ac582882bdadfcbd4d26775f3256f39323652224c3b8df6d3b8

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9690030174749856249c7bb44d0013&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
228cbdef38d722982f4daf04fae7d5b87bf1cb33101dac4561667a387272dae0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9690030174749856249c7bb1e30011&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a29c393f7fd4077f869f22e38d5a7a514910048a34aedafc6da9f9e0a34f4150

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9690030174749856249c7bb3240012&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e77a37af607bf99b22fc2a2a70ffe899e8398cc30adbc6bbe256d580a76ebf47

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7baf58014f&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4455f15f5752282f54bc3d872b3f3554c529bc09d10f19d204ab4b359b725cc8

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bac21014c&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e0bdae819a90b96ef507c14440eacd2a79f88810933b3ebff6f9f068f2ae80b5

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bad31014d&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b6b95b5344868617d92c9f22345419e424be58a2f9718d0a474c40aab2337b50

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bae41014e&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
87ee34daf7197cb690ec820f174a093eb9d482bf50ba880272e2c0e41e153488

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bd7490169&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c235b2af769e31bbe24d135da09be1fe42e819fa6c9d39a94d10eee1217c7228

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bd61b0168&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f31ce571e6335548c0ade22cba6116bbbac0f1b5c52acbb40a0ff81272482973

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9690030174749856249c7bda3b0018&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5adf89a50bbb478ef9ccdf238d782776f692618deee2408242e9549660e197b4

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bd887016a&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
52103002cd1867b22217e972c182c11e2058eaaadbfd9987d6fffec58623a9df

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bd4e40167&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b781a31a98241d84c1a1b45704bbd44eaa60d6e0ad29834afc4108ac8ce46c82

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bd1500164&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5b6843b1caa9e50c39a1c6030e1cc85d1820757bf6cfd864ca27508f78ba69cf

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bd2780165&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f52cfc740dc87fca205610844d811bf31b99c626e6b3a9ea4c9b6fb1fb6c8802

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bd3b00166&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
93b48cdf8e2b5cce2e5b0affc899ace31bd902bbd99dbe8fe71134e244aa1ceb

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bcca80160&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8e025507b949d2aa1be12fbe98dc853b5aaf93a1481282caa43a06c1de0a500e

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bd02a0163&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
30f4fb5b57eb0c1fb612b559a2a74d1b3008aacbbf23b51d5c80a57cb866b99a

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bcefc0162&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4aa8ed608a24ccfb43e2a213a56187ef633d5ae12ac2a2204b19b7c164f8df05

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bcdd50161&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4d19d5104490d22e460777b332d14d1a6b99baae2074d3549e454d21e8890a16

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bca67015e&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6f592b184a12156f7118bb5c9b38bf823a853c9c174c9aa1ce1ff4bdd61324a8

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bcb86015f&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
508cd501db50aeacdc8a4102e20cbbaf51750ccc354a272eb6d90e709c437957

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bc944015d&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b432e30dea76142bb9ec7666c30b4aeaa6b4c7b229520a008d4315a3eb6453cc

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bc822015c&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7345d9f74e207ead5bd1005dcfabc879b1e54a7d0fd9aa47c68c8f831fa31293

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bc5e4015a&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ddb063149b04e2efad8d004fd6d654259c2a68dc1ad5cff8843855071823c3e9

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bc701015b&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b0dae257780ecf276635acf2db525bd91977e8a0aa57beb8ecf8a7bb042d3284

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bc45a0159&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
bee50f17c1310be96251c881d4c468a0a205ca2af32654ffd5124fc812048c5b

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bc2f60158&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2c3f885b20bcf4a153f649924a0eab160b4de4b50e482b7c5a6a7526cb2bcc0d

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9690030174749856249c7bc1da0017&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d9671f1630dc1f903b63a7606abf1db85a807ae0a74f48f7de689c5a412e84a6

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9690030174749856249c7bbf590015&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9d37bc04a40a0929aa43543b15d0dec69009e2467cd73e7a96c5ddc944b640b4

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9690030174749856249c7bc09d0016&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
837d9f67c83db3287a1288dadffe3012fa0118b1102e45f44e6c7509857d2d8b

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bbe200157&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
cb82f584fa4d9c0113b292bdcb1047cf7f9ad2a206c409efa64a7f65410ff76f

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9690030174749856249c7bbbf40014&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9f69215daa205adebc852fe0f89bde7de33265cc190b92d8479c3f40c97a1f40

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bb9b80154&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5808d1d1d342bfc1cfc7e927f7c2ff819d8076c44f63d2c2e0ca555fe2ba3ca4

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bbac60155&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f36b3a464ac73ea3bff08cc52e17ccc362a66829ccc16789693986f03d2fadb5

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bbd0f0156&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6d23334aac401b9a57492b688886d294161ba860eae32ac5c132df50eb8ccea3

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bb8980153&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b2de98727761f0f98b36ab6ba001308661b26ead3e6edd6fd769aab312433f13

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bb6760151&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1617bae3b8835c1ca77413d83ed92afdc83c772e5466d7158803e893c3468276

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bb5600150&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7a4ad8b06c7ab90c1ba9934a90b9fbded3114fd2fbaa1ba62d55b2c3b50ddc67

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bb78f0152&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3df18ce8fddb0bf84d710891c1acfecb133ab2ce4699b077af8d51d7abbfb766

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7bab18014b&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e8143cf5b46074d704206a2c48488dc0ef7c29d6ee077720179753d0138f1c90

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7ba9070149&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9e53ba5d1361d2e2c991d719e3bac1c66d49d857ca36b0ef232d8711aeba378f

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7baa06014a&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
079c0fd3df1f0a348f756e70b4051c4bd5059fa9dd2993a5fed2fc728532be48

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7026a300f0&pos=8a9694c0017474985ad89c7ba8000148&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0c9540a2fd3cead6b5f9ead2468ed7787bed0b21b62041b93288b00755461524

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
fdeb01a6056938c5b849db077ccf3a85778ff72b569df2bb3bacf823d8c8b890
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 675.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2d2ad900-4b91-4ac8-838d-617f4d1f6d63
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
postmedia-d.openx.net/w/1.0/
Redirect Chain
  • https://postmedia-d.openx.net/w/1.0/arj?auid=541008702%2C541008693%2C541008684%2C541008676%2C541008668%2C541008663%2C541008659%2C541008655%2C541008653%2C541008652%2C541008641&aus=300x250%2C728x90%2...
  • https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=541008702%2C541008693%2C541008684%2C541008676%2C541008668%2C541008663%2C541008659%2C541008655%2C541008653%2C541008652%2C541008641&aus=300x250%2C728...
232 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=541008702%2C541008693%2C541008684%2C541008676%2C541008668%2C541008663%2C541008659%2C541008655%2C541008653%2C541008652%2C541008641&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._He3If7er&cache=1644715932382&ttduuid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
b5f4dca800344e19da7882dd1c4a1453bd36ef5cdfd63a1bc3cf9bac9cc2790f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 google
server
OXGW/17.1.0
location
https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=541008702%2C541008693%2C541008684%2C541008676%2C541008668%2C541008663%2C541008659%2C541008655%2C541008653%2C541008652%2C541008641&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._He3If7er&cache=1644715932382&ttduuid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bid
ap.lijit.com/rtb/ 		64 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?callback=window.headertag.SovrnHtb.adResponseCallback&br=%7B%22id%22%3A%22_SYBn1s1y%22%2C%22site%22%3A%7B%22domain%22%3A%22gcp-cheet-4400-calgaryherald.gdev.postmedia.digital%22%2C%22page%22%3A%22%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22SBRwVyH1%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695529%22%7D%2C%7B%22id%22%3A%22OmlbOjxc%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695530%22%7D%2C%7B%22id%22%3A%22bSrJYMJl%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695531%22%7D%2C%7B%22id%22%3A%22N6KHS4hQ%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695532%22%7D%2C%7B%22id%22%3A%22ZpXA9DfY%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695525%22%7D%2C%7B%22id%22%3A%22u27kKLWZ%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695526%22%7D%2C%7B%22id%22%3A%22nB9dXMn8%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695527%22%7D%2C%7B%22id%22%3A%22Z8tk3y5M%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695528%22%7D%2C%7B%22id%22%3A%2221Vupgmv%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695521%22%7D%2C%7B%22id%22%3A%22aPQAkRHe%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695522%22%7D%2C%7B%22id%22%3A%22b1GZADIH%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695523%22%7D%2C%7B%22id%22%3A%22cbtXqbxL%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695524%22%7D%2C%7B%22id%22%3A%227ievbifX%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695517%22%7D%2C%7B%22id%22%3A%22rbDzpol0%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695518%22%7D%2C%7B%22id%22%3A%22Lhgw2V5a%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695519%22%7D%2C%7B%22id%22%3A%227tafDPig%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695520%22%7D%2C%7B%22id%22%3A%22lRRxKLtl%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695513%22%7D%2C%7B%22id%22%3A%22CnYLvCF8%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695514%22%7D%2C%7B%22id%22%3A%22G1i3mZB4%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695515%22%7D%2C%7B%22id%22%3A%22OaIHc7kq%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695516%22%7D%2C%7B%22id%22%3A%22NwJyt0Gr%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695509%22%7D%2C%7B%22id%22%3A%22Fg8ylVQZ%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695510%22%7D%2C%7B%22id%22%3A%22eO3jrwpT%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695511%22%7D%2C%7B%22id%22%3A%22IiYrewyQ%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695512%22%7D%2C%7B%22id%22%3A%22m4KGOuj9%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695504%22%7D%2C%7B%22id%22%3A%225QHziXaM%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695506%22%7D%2C%7B%22id%22%3A%22iUsumVeV%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695507%22%7D%2C%7B%22id%22%3A%22u12s6h7m%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695508%22%7D%2C%7B%22id%22%3A%22oYj1S7Hq%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695500%22%7D%2C%7B%22id%22%3A%22RnmSdHJz%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695501%22%7D%2C%7B%22id%22%3A%22Kxh9a6D0%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695502%22%7D%2C%7B%22id%22%3A%22SPv727Yl%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695503%22%7D%2C%7B%22id%22%3A%22CDcAdS0s%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695496%22%7D%2C%7B%22id%22%3A%220ErLVHm7%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695497%22%7D%2C%7B%22id%22%3A%22kqBywezZ%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695498%22%7D%2C%7B%22id%22%3A%22zxCyXRGH%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695499%22%7D%2C%7B%22id%22%3A%22l9WQai92%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695492%22%7D%2C%7B%22id%22%3A%22kSAgrQjz%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695493%22%7D%2C%7B%22id%22%3A%220FHb9oCD%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695494%22%7D%2C%7B%22id%22%3A%22Q1CMm4XC%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695495%22%7D%2C%7B%22id%22%3A%22PmfezAL8%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695488%22%7D%2C%7B%22id%22%3A%22pERpNj0X%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695489%22%7D%2C%7B%22id%22%3A%22RYBzBCUh%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22695490%22%7D%2C%7B%22id%22%3A%22lt9moj1z%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22695491%22%7D%5D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
/
Resource Hash
ad3c8644ae3fd8a5b259dbe17116c01e4b4c0133046e908df3db84822736babf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
84
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=phgozIpy43AGzn0NuGV1iGBZ&bidId=_g9zz61QF&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932384&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=XGJZ9xoGNBN9psO7UpK1dyzS&bidId=_lA3naZYI&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932385&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=UoEItdBnI5N12bzJwDc1Y7US&bidId=_DNIpbsz4&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932385&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=a28g3kX7oAdpZaEP1D2OWOqA&bidId=_Xgzs9TCk&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932386&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=Ax9Zt9IqvxgP3hBo1j09fiee&bidId=_a4hb1xol&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932386&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=B0dsnIVgvMuXuj87dLl8tu6e&bidId=_R88FssLr&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932387&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=f9JP91E6rm5HhGkV4g8mC95C&bidId=_l48L4HuX&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932387&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=4OLDzznD3KZB14OmuqBUxd0n&bidId=_cFOOa8W6&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932388&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=AYzFt2Q9WFwKbOLIPA0wbq0f&bidId=_C1j9J7Jt&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932388&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=gugyxTlIGK4BMxZiywe74AWM&bidId=_B03fgHat&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932388&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=y5QdSRPTzBAhKvEhqdH51DZi&bidId=_VUagdJ2K&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1644715932389&secure=true&ttduid=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.155.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-155-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
jpt
secure.adnxs.com/ 		0
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715565&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=cG5qt2OW&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
95849e7b-0f73-4941-9ac8-6a044ce6bedc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		100 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715562&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=026CDAnC&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1b28a03dbb722904ff0e6578ca0646e0a180a6b44ee11a3713dc872408141ef5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
96c1841d-f8cf-49dd-9845-8ae92bb046cd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
100
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715559&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=tZ1YJ32g&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
00d13d83-afbb-498f-b6a3-e019739ecfcf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715556&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=hg569mLz&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
33dd7d89-0843-4f58-9567-6c81ca282949
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715554&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=Y7s82ua9&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
d966039a-873b-49d4-9700-35de519cb705
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715551&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=wEO9M7Zn&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
eb5c3434-2fec-4f36-b775-195d23f5c16a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		100 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715547&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=tEFSALRT&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
37c499542971f376a6816bc413bbfe75df2c69bbf214214de8e401c88ee6e747
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
2dc8d5d6-77fb-4e66-aac9-95c1bfce99f2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
100
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		100 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715545&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=nnbt0zg4&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d88385cc9120cc60cd1cf073148ca59a2059682edcdbb89c9e8f9f083b8f6fb8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
28c374c8-fcc0-49ec-ae3d-55a4df6e1ddc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
100
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		100 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715542&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=u48slUWD&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
75751aa9218516264f3948aa1666e89d5529af5fbc2f4df5688fcd62d87937e8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
3c818978-7975-47bc-ba0a-c641f2061c56
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
100
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		100 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715539&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=ygvVXwjJ&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
01ba6d90bb6ec62ba72c280d300a8c270865c646f7ea1d27fd2fce2ce42fe887
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
164e2d70-fb16-44da-bf95-813120e4b585
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
100
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		100 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?id=18715537&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=EnrSZAUk&psa=0&promo_sizes=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.74 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
671.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
68217b5bb2fe20310beed32900d8539b4001001313d7322cc7c0cfba21036d8c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 671.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
ed95ad49-b2db-4dda-8e58-fc415b3233f9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
100
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=119&profileId=154&cb=55069708311
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cygnus
htlb.casalemedia.com/ 		78 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=191262&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2208500909%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2237%22%2C%22siteID%22%3A%22473822%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2238%22%2C%22siteID%22%3A%22473808%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2239%22%2C%22siteID%22%3A%22473819%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2233%22%2C%22siteID%22%3A%22473821%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2234%22%2C%22siteID%22%3A%22473802%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2235%22%2C%22siteID%22%3A%22473810%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2229%22%2C%22siteID%22%3A%22473804%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2230%22%2C%22siteID%22%3A%22473814%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2231%22%2C%22siteID%22%3A%22473801%22%7D%7D%5D%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2225%22%2C%22siteID%22%3A%22473825%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2226%22%2C%22siteID%22%3A%22473817%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2227%22%2C%22siteID%22%3A%22473816%22%7D%7D%5D%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2221%22%2C%22siteID%22%3A%22473811%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2222%22%2C%22siteID%22%3A%22473812%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22473813%22%7D%7D%5D%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2217%22%2C%22siteID%22%3A%22473798%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2218%22%2C%22siteID%22%3A%22473797%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2219%22%2C%22siteID%22%3A%22473799%22%7D%7D%5D%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22473793%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2214%22%2C%22siteID%22%3A%22473794%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2215%22%2C%22siteID%22%3A%22473795%22%7D%7D%5D%7D%2C%22id%22%3A%227%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%229%22%2C%22siteID%22%3A%22473783%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22473781%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22473787%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2212%22%2C%22siteID%22%3A%22473792%22%7D%7D%5D%7D%2C%22id%22%3A%228%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22473791%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22473788%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%227%22%2C%22siteID%22%3A%22473786%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22473790%22%7D%7D%5D%7D%2C%22id%22%3A%229%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22473784%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22473789%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22473782%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22473785%22%7D%7D%5D%7D%2C%22id%22%3A%2210%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a15b02f9-b5e7-4723-a3f4-bf06f40f96f7%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-02-13T01%3A32%3A11%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22at%22%3A1%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.210.18 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-210-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a038d3d5e53a985f5ebcb5445cc3b8e435bfe2ba468f627604fd7cbbbb8d1256

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
server
Apache
content-type
text/javascript
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
78
x-ak-client-geo
19
expires
Sun, 13 Feb 2022 01:32:12 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&rl=&if=false&ts=1644715932426&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1644715932423.113371096&it=1644715932238&coo=false&rqm=GET
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 13 Feb 2022 01:32:12 GMT
iu3
s.amazon-adsystem.com/ Frame A040
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
275 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

Server
Server
Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
275
Connection
keep-alive
x-amz-rid
HV7VAXYKP1B6BVTNHK0R
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
3479ERYYTAMDM2ZJ0D38
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
/
www.google.ca/pagead/1p-conversion/580448699/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=1459168097&cv=9&fst=1644715932251&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
  • https://www.google.com/pagead/1p-conversion/580448699/?random=1459168097&cv=9&fst=1644715932251&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
  • https://www.google.ca/pagead/1p-conversion/580448699/?random=1459168097&cv=9&fst=1644715932251&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/580448699/?random=1459168097&cv=9&fst=1644715932251&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Calgary%20Herald&auid=219306875.1644715932&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=nF8IYobiEtiToPMPw7iW2As&cid=CAQSKQCNIrLMRX_E5fi2lkhxth9B1GMBU5CLoOcGnk6r8IfDsMTo3PWoXnAv&eitems=ChEIgNKdkAYQ1eqK-q_tx47nARIdAKp78f7KmNS8CxNpaJ7IvGSPBiUGoBslKbTPzns&random=1079380286&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H3
Server
2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.ca/pagead/1p-conversion/580448699/?random=1459168097&cv=9&fst=1644715932251&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Calgary%20Herald&auid=219306875.1644715932&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=nF8IYobiEtiToPMPw7iW2As&cid=CAQSKQCNIrLMRX_E5fi2lkhxth9B1GMBU5CLoOcGnk6r8IfDsMTo3PWoXnAv&eitems=ChEIgNKdkAYQ1eqK-q_tx47nARIdAKp78f7KmNS8CxNpaJ7IvGSPBiUGoBslKbTPzns&random=1079380286&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get.js
sandbox.tinypass.com/api/v3/anon/captcha/ 		153 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=YyhZe0iAsu
Requested by
Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
523bacab835ec240eb30370e7bbf9c29d7d45e982d9abe07dea337341ca88464
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Coxy77rq1eO
pragma
wn
sandbox-vx-dash-10-13-10-141
last-modified
Sun, 13 Feb 2022 01:32:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.008
cache-control
public, max-age=1200
cf-ray
6dca4d328d8d7144-YUL
expires
Sun, 13 Feb 2022 01:52:12 GMT
execute
c2-sandbox.piano.io/xbuilder/experience/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2-sandbox.piano.io/xbuilder/experience/execute?aid=YyhZe0iAsu
Requested by
Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a862fca557bc4e7a452b113716faae4cee60e60579280d31ca1d9a972bec554
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
vn0ggs8cov
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
6dca4d32cd937142-YUL
/
www.google.com/pagead/1p-user-list/990309138/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/990309138/?random=1644715932246&cv=9&fst=1644714000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Calgary%20Herald&async=1&fmt=3&is_vtc=1&random=791454247&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/990309138/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/990309138/?random=1644715932246&cv=9&fst=1644714000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Calgary%20Herald&async=1&fmt=3&is_vtc=1&random=791454247&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
usermatch.gif
beacon.krxd.net/ Frame 5143
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3FMMmFhaHk
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPxV7X5fp1H8TXJ_bRioitE&google_cver=1
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPxV7X5fp1H8TXJ_bRioitE&google_cver=1
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=18 t=1644715932
x-served-by
beacon-n019-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPxV7X5fp1H8TXJ_bRioitE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 5143
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3FMMmFhaHk
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPxV7X5fp1H8TXJ_bRioitE&google_cver=1
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPxV7X5fp1H8TXJ_bRioitE&google_cver=1
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1644715932
x-served-by
beacon-n025-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPxV7X5fp1H8TXJ_bRioitE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame 5143 		42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=OqL2aahy
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 5143
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=OqL2aahy&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOqL2aahy%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=OqL2aahy&partner=bluekai&bk_uuid=$_BK_UUID
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=OqL2aahy&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1644715932
x-served-by
beacon-n033-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=OqL2aahy&partner=bluekai&bk_uuid=$_BK_UUID
Date
Sun, 13 Feb 2022 01:32:12 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p
sb.scorecardresearch.com/ Frame 5143 		64 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OqL2aahy&rn=1644715933
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-94.ewr53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
0tkKRjifD9ajuyhoz8R49eX_QRrpoFou3Cw7UZcln7rJJL_CUcK0Ww==
usermatch.gif
beacon.krxd.net/ Frame 5143
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D&_test=YghfnA...
  • https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YghfnAAFx_jleABB&_test=YghfnAAFx_jleABB
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YghfnAAFx_jleABB&_test=YghfnAAFx_jleABB
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1644715932
x-served-by
beacon-n028-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644715933.741846,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YghfnAAFx_jleABB&_test=YghfnAAFx_jleABB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 5143
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=beeswax
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OqL2aahy
  • https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=OqL2aahy&_bee_ppp=1
  • https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AABUrk7EEL8AAH6ryNqkLQ
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AABUrk7EEL8AAH6ryNqkLQ
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
private, no-cache, no-store
x-request-time
D=20 t=1644715933
x-served-by
beacon-n024-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AABUrk7EEL8AAH6ryNqkLQ
Date
Sun, 13 Feb 2022 01:32:12 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
usermatch.gif
beacon.krxd.net/ Frame 5143
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=mediamath
  • https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=OqL2aahy&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D
  • https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=a3736208-5f9d-4f00-ab67-230edaadc1c6
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=a3736208-5f9d-4f00-ab67-230edaadc1c6
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1644715933
x-served-by
beacon-n003-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sun, 13 Feb 2022 01:32:13 GMT
Server
MT3 4133 baa842e master nrt-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=a3736208-5f9d-4f00-ab67-230edaadc1c6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Feb 2022 01:32:12 GMT
tag.aspx
ml314.com/ Frame 5143 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?1312022
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
300b9ba11e041384aafe746b81adbac891f04890e6d71728d572df9073610076

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
transfer-encoding
chunked
Connection
keep-alive
g.js
aa.agkn.com/adscores/ Frame 5143
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=neustar
  • https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OqL2aahy
43 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OqL2aahy
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
HTTP/1.1
Server
156.154.202.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
Server
AAWebServer
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length
43
Expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OqL2aahy
date
Sun, 13 Feb 2022 01:32:12 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a003-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame 5143
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
  • https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YghfnIyezY.iUenVdrLf2AAA%26515
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YghfnIyezY.iUenVdrLf2AAA%26515
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1644715933
x-served-by
beacon-n021-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YghfnIyezY.iUenVdrLf2AAA%26515
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
283
Expires
Sun, 13 Feb 2022 01:32:12 GMT
usermatch.gif
beacon.krxd.net/ Frame 5143
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=salesforce
  • https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=Hp3XNg1nSYthDUBPPMR5EJU4mbs
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=Hp3XNg1nSYthDUBPPMR5EJU4mbs
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1644715932
x-served-by
beacon-n005-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=Hp3XNg1nSYthDUBPPMR5EJU4mbs
Date
Sun, 13 Feb 2022 01:32:12 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usermatch.gif
beacon.krxd.net/ Frame 5143
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined
  • https://eb2.3lift.com/xuid?mid=3587&xuid=OqL2aahy&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined
  • https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=OqL2aahy&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID
  • https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=381034751553238883548
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=381034751553238883548
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1644715933
x-served-by
beacon-n009-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=381034751553238883548
date
Sun, 13 Feb 2022 01:32:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
us-u.openx.net/w/1.0/ Frame D10D 		1 KB
1012 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
820d3966ce2af70c2052f1bedfb389780514a9175de60de25015198a96e411e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 13 Feb 2022 01:32:12 GMT
content-type
text/html
content-length
672
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pr
s.amazon-adsystem.com/v3/ Frame F7CC 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bed79e22634d48c6e53d084c7dc1ac8e7ed34377df61478f7020d89248124ea1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t

Response headers

Server
Server
Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
2044
Connection
keep-alive
x-amz-rid
WG55KAMGTTXEBSQ1F1WN
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
users
dmx.districtm.io/s/v1/ Frame 0C24 		0
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dca4d3458638c9c-EWR
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
cf-ray
6dca4d33fd3e1871-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
sync
ups.analytics.yahoo.com/ups/58294/ Frame D10D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=1754dccb-a1aa-04b0-0fbe-7e3a7c6e8c47
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=1754dccb-a1aa-04b0-0fbe-7e3a7c6e8c47&verify=true
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=1754dccb-a1aa-04b0-0fbe-7e3a7c6e8c47&apid=UPc4d85059-8c6c-11ec-9b2f-028471d182b5
0
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=1754dccb-a1aa-04b0-0fbe-7e3a7c6e8c47&apid=UPc4d85059-8c6c-11ec-9b2f-028471d182b5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=1754dccb-a1aa-04b0-0fbe-7e3a7c6e8c47&apid=UPc4d85059-8c6c-11ec-9b2f-028471d182b5
date
Sun, 13 Feb 2022 01:32:12 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame D10D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=6c562024-b487-0899-03e0-3fc3d25619f6
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7910240af5ad161d734dc03dcb35316819322d5f5ac786acd35de1ba9c4e2387791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3OTEwMjQwYWY1YWQxNjFkNzM0ZGMwM2RjYjM1MzE2ODE5MzIyZDVmNWFjNzg2YWNkMzVkZTFiYTljNGUyMzg3NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3OTEwMjQwYWY1YWQxNjFkNzM0ZGMwM2RjYjM1MzE2ODE5MzIyZDVmNWFjNzg2YWNkMzVkZTFiYTljNGUyMzg3NzkxNDI2YjU0MTdkY2UyMRAAGgwInL-hkAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=d29dc20e-a231-4221-a924-819d4be8a442
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=d29dc20e-a231-4221-a924-819d4be8a442
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=d29dc20e-a231-4221-a924-819d4be8a442
date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame D10D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8667337647848647956
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8667337647848647956
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 675.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
d315d9aa-0162-4584-9794-6d6e61a78f2e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8667337647848647956
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D10D 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=6146233f-656a-8503-9c97-3da783feb3ce
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9KG266TCDDJDJAMS6SRW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D10D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3103328912798622740&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3103328912798622740&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3103328912798622740&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 13 Feb 2022 01:32:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame D10D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YghfnAAFx_jleABB
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YghfnAAFx_jleABB
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644715933.753016,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YghfnAAFx_jleABB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ad573906-e96c-acb0-6d4e-a9c5149ab567
pr-bh.ybp.yahoo.com/sync/openx/ Frame D10D 		43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/ad573906-e96c-acb0-6d4e-a9c5149ab567?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:c954:e19:2065:a03a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame D10D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=39905f42-79c0-3ef9-5c99-bf30ebcd782e&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&ttd_puid=39905f42-79c0-3ef9-5c99-bf30ebcd782e
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&ttd_puid=39905f42-79c0-3ef9-5c99-bf30ebcd782e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&ttd_puid=39905f42-79c0-3ef9-5c99-bf30ebcd782e
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
293
pixel
cm.g.doubleclick.net/ Frame D10D 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTVmZjhjODgtYjBiNy02MDVkLTQ5NzktZTU4OTIxMmZiNjRl
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D10D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFw0tjS_X_YLEarrbllLtQ&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFw0tjS_X_YLEarrbllLtQ&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOFw0tjS_X_YLEarrbllLtQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
match.sharethrough.com/jwumXNuB/v1/ Frame E3C1 		427 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.144.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-144-90.compute-1.amazonaws.com
Software
/
Resource Hash
c8b7c117f389b4a75dbc3e1c571cf01480ce1249080aed7897dd52e3310046f4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-length
427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D828 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=87695
expires
Mon, 14 Feb 2022 01:53:47 GMT
date
Sun, 13 Feb 2022 01:32:12 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C39D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 13 Feb 2022 01:32:12 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame CC30 		676 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
58082f5dc7f4d5bb5267b04d538abe2a18fdde4b5636985ab3b1f8291196be66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 13 Feb 2022 01:32:12 GMT
content-type
text/html
content-length
424
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 9C9B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm
  • https://s.amazon-adsystem.com/ecm3?id=8667337647848647956&ex=districtm
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=8667337647848647956&ex=districtm
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
SHC7WJZ2CF8PG1H0WNRS
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=8667337647848647956&ex=districtm
AN-X-Request-Uuid
4f272d43-83e0-4e06-84b1-bdb4c03e1cd8
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 675.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame 584D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=8667337647848647956&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=8667337647848647956&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
936CWF3QMWGGR0KR7YEZ
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=8667337647848647956&ex=appnexus.com
AN-X-Request-Uuid
2fa62abd-680b-4bfe-8b80-23becacb8688
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 675.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
amazon
ap.lijit.com/beacon/ Frame AAB9
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN12181 (INTERNAP-2BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
10031e68a35eaa4e0131eb184927354ebd18ba52b979b919a9300d1cca3eb56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
nginx
Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ewr1

Redirect headers

Server
nginx
Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ewr1
index.html
cdn.districtm.io/ids/ Frame 1D2D
Redirect Chain
  • https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
  • https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
116 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-type
text/html
cf-ray
6dca4d3438458c9c-EWR
age
75948
last-modified
Thu, 20 May 2021 02:18:27 GMT
via
1.1 959ac13ef19fa38a0d3684985f996ffc.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id
pUzTOJ65TlCjew0RSnu1dIN_MIZ-bOsTg1hk7ZO8hWnTVFuTyEdsPA==
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

date
Sun, 13 Feb 2022 01:32:12 GMT
location
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray
6dca4d33ff788c9c-EWR
cache-control
max-age=3600
expires
Sun, 13 Feb 2022 02:32:12 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
ecm3
s.amazon-adsystem.com/ Frame 1FD0
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=381034751553238883548
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=381034751553238883548
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Sun, 13 Feb 2022 01:32:12 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
HHS3AYXVNKS3P2NB7BFV
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Sun, 13 Feb 2022 01:32:12 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=381034751553238883548
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
utsync.ashx
ml314.com/ Frame 5143 		270 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=748&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcdn.krxd.net%2Fpartnerjs%2Fxdi%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html%23!kxcid%3Duepopxd3e%26kxt%3Dhttps%253A%252F%252Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%26kxcl%3Dcdn%26kxp%3D&pv=1644715932792_aktkj71gb&bl=en-us&cb=6888589&return=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Ffp%3DOqL2aahy%26person_id%3D%5BPersonID%5D%26eid%3D748%26return%3Dhttps%253A%252F%252Fbeacon.krxd.net%252Fusermatch.gif%253Fpartner%253Dmadisonlogic%2526partner_uid%253D%5BPersonID%5D&ht=&d=&dc=&si=1644715932792_aktkj71gb&cid=&s=1600x1200&rp=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?1312022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.23.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-23-231.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7195725b023fffcce2eece2c346f203036bbe5c7f43316093daee1e9ff74b3dc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:11 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
333
Expires
0
headerstats
as-sec.casalemedia.com/ 		0
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=191262&u=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-170809562095713.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:13 GMT
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.187], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
19
Expires
Sun, 13 Feb 2022 01:32:13 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame CC30 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=6146233f-656a-8503-9c97-3da783feb3ce
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
K8RPKSFA08K6KN4BMWFP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame CC30
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=5sbVftBGh9e67fOHONRClA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
c4s90anb9pgu3ivl3uihh0r9dli2cens

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CC30
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=261c6208-5f9d-4a00-a783-0999ba09fe09
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=261c6208-5f9d-4a00-a783-0999ba09fe09
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 13 Feb 2022 01:32:13 GMT
Server
MT3 4133 baa842e master nrt-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=261c6208-5f9d-4a00-a783-0999ba09fe09
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Feb 2022 01:32:12 GMT
sd
us-u.openx.net/w/1.0/ Frame CC30
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=c4f2b6e1-8c6c-11ec-a6ce-4582b9d74417
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=c4f2b6e1-8c6c-11ec-a6ce-4582b9d74417
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=c4f2b6e1-8c6c-11ec-a6ce-4582b9d74417
Date
Sun, 13 Feb 2022 01:32:12 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
c4f2b6e2-8c6c-11ec-a6ce-4582b9d74417
sd
us-u.openx.net/w/1.0/ Frame CC30
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=b043fb3a-bab3-4bf1-aef7-4979946273f2-62085f9c-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=b043fb3a-bab3-4bf1-aef7-4979946273f2-62085f9c-4341&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=b043fb3a-bab3-4bf1-aef7-4979946273f2-62085f9c-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame CC30
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=3fee2cbe-22c7-037e-1678-27e6d841b922
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=3fee2cbe-22c7-037e-1678-27e6d841b922
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=3fee2cbe-22c7-037e-1678-27e6d841b922
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=3fee2cbe-22c7-037e-1678-27e6d841b922
date
Sun, 13 Feb 2022 01:32:12 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
usermatch.gif
beacon.krxd.net/ Frame 5143
Redirect Chain
  • https://ml314.com/csync.ashx?fp=OqL2aahy&person_id=3625099911703822402&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3625099911703822402
  • https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625099911703822402
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625099911703822402
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1644715933
x-served-by
beacon-n023-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sun, 13 Feb 2022 01:32:12 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3625099911703822402
Cache-Control
private
Connection
keep-alive
Content-Length
211
Expires
Sun, 13 Feb 2022 20:32:12 GMT
ecm3
s.amazon-adsystem.com/ Frame AAB9 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=a820fd54c267d6ab11a25a68&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VTPAPW0YZ9FEAWZDCR78
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AAB9
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTgyMGZkNTRjMjY3ZDZhYjExYTI1YTY4&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTgyMGZkNTRjMjY3ZDZhYjExYTI1YTY4&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 13 Feb 2022 01:32:12 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTgyMGZkNTRjMjY3ZDZhYjExYTI1YTY4&gdpr=0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
merge
ce.lijit.com/ Frame AAB9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=e63aAMuDi0C7XHwfQCjA&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=e63aAMuDi0C7XHwfQCjA&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:13 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=e63aAMuDi0C7XHwfQCjA&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT, Sun, 13 Feb 2022 01:32:13 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame AAB9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=9bbb9553-58e5-4e91-8ed3-266e47bf9716&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=071806d2-0ede-41e6-8102-689aa59fae30&expires=1&user_group=5&ssp=fmx&bsw_param=9bbb9553-58e5-4e91-8ed3-266e47bf9716
  • https://ce.lijit.com/merge?pid=26&3pid=9bbb9553-58e5-4e91-8ed3-266e47bf9716&gdpr=&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=9bbb9553-58e5-4e91-8ed3-266e47bf9716&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:13 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=9bbb9553-58e5-4e91-8ed3-266e47bf9716&gdpr=&gdpr_consent=
Date
Sun, 13 Feb 2022 01:32:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame AAB9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=%{gdpr_consent}&us_privacy=&3pid=hSudhYZ_lNmeLJSNhXuAiosvzo6eLc7c0XhVn4Be
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=%{gdpr_consent}&us_privacy=&3pid=hSudhYZ_lNmeLJSNhXuAiosvzo6eLc7c0XhVn4Be
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=%{gdpr_consent}&us_privacy=&3pid=hSudhYZ_lNmeLJSNhXuAiosvzo6eLc7c0XhVn4Be
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame AAB9
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a820fd54c267d6ab11a25a68&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:a643638e815cf4bb0d313e32e48c12ab
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:a643638e815cf4bb0d313e32e48c12ab
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:13 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 13 Feb 2022 01:32:13 GMT
server
Aorta/20220128.132aca1
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:a643638e815cf4bb0d313e32e48c12ab
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-18-147.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
ads
securepubads.g.doubleclick.net/gampad/ 		768 KB
72 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1094699920395747&correlator=3183689579937883&output=ldjh&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220213&iu_parts=3081%2Ccalgaryherald.com%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ppid=00000000ppidn4259252538988998224&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc439035b-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc439035c-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc439035d-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc439035e-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc439035f-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%7Cloc%3D4%26amznbid%3D2%26amznp%3D2%26id%3Dc4390360-8c6c-11ec-8aeb-02813368eb05%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc4390361-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D5%26amznbid%3D2%26amznp%3D2%26id%3Dc4390362-8c6c-11ec-8aeb-02813368eb05%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc4390363-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%26id%3Dc4390364-8c6c-11ec-8aeb-02813368eb05%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc4390365-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%26id%3Dc4390366-8c6c-11ec-8aeb-02813368eb05%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc4390367-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D8%26amznbid%3D2%26amznp%3D2%26id%3Dc4390368-8c6c-11ec-8aeb-02813368eb05%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc4390369-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D9%26amznbid%3D2%26amznp%3D2%26id%3Dc439036a-8c6c-11ec-8aeb-02813368eb05%7Cloc%3D11%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc439036b-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D12%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc439036c-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D13%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dc439036d-8c6c-11ec-8aeb-02813368eb05%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70&eri=1&cust_params=no_pol%3Dtrue%26page%3Dindex%26pr%3Dch%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26kuid%3D%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&dt=1644715932946&lmt=1644715932&dlt=1644715931185&idt=727&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C797%2C797%2C200%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C200%2C200&adys=277%2C1362%2C2357%2C3787%2C4128%2C4701%2C4469%2C5028%2C4810%2C5351%2C5151%2C5692%2C5492%2C6051%2C5833%2C6388%2C6174%2C6515%2C6856&adks=3199675837%2C1402885347%2C220084952%2C3199675824%2C3199675825%2C2635138225%2C3199675830%2C2635138224%2C3199675831%2C2635138227%2C3199675828%2C2635138226%2C3199675829%2C2635138229%2C2015669890%2C2635138228%2C2015670013%2C2015670012%2C2015670015&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&vis=1&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C1600x250%7C1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C1600x250%7C1600x250&msz=1600x250%7C1600x250%7C1600x250%7C1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C1600x250%7C1600x250&ga_vid=2095629809.1644715933&ga_sid=1644715933&ga_hid=1721184073&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C1600%2C1600&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
c381d1f2080db4d36c34a08b6f4fc19b1c180127e9df8776e04d3e55e687f717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73347
x-xss-protection
0
google-lineitem-id
5890466615,5888688156,-1,-1,-1,5819687022,-1,5865062061,5681750329,5906773187,5845703252,5900230719,-1,5900230719,-1,5885818547,-1,5845708031,5887549810
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138379798005,138380233772,-1,-1,-1,138381041260,-1,138379685240,138348154321,138380153470,138373129848,138379291044,-1,138379268081,-1,138381132508,-1,138373530955,138378392442
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5d3f333cb2b24f898e5d5a8e3a599e19.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F00F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5d3f333cb2b24f898e5d5a8e3a599e19.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Feb 2022 01:32:13 GMT
expires
Mon, 13 Feb 2023 01:32:13 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.js
eus.rubiconproject.com/ Frame C39D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.109.237 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-109-237.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
704b665a1627ab64c9f33ea57726b09b16fe21efd7c2501db85bd932ff4b4a55

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sun, 13 Feb 2022 01:32:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54766
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Sun, 13 Feb 2022 16:44:59 GMT
ecm3
s.amazon-adsystem.com/ Frame E3C1 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=2973c7ab-8b7d-48a3-999a-2acbfcf8b152
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6N9Y1D95WVKVK32H0TGJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame E3C1
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://b1sync.zemanta.com/usersync/sharethrough/
  • https://stags.bluekai.com/site/23178?id=bzU-u8HTKP9_2o80dcB0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTE...
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=bzU-u8HTKP9_2o80dcB0
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=bzU-u8HTKP9_2o80dcB0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.199.144.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-144-90.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:13 GMT
P3p
CP="We do not support P3P header."
Location
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=bzU-u8HTKP9_2o80dcB0
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
136
Expires
Thu, 01 Dec 1994 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame E3C1
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YghfnAAFx_jleABB
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YghfnAAFx_jleABB
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.199.144.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-144-90.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644715933.085365,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=YghfnAAFx_jleABB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
match.sharethrough.com/sync/ Frame E3C1
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YghfnIyezY.iUenVdrLf2AAA%26515
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YghfnIyezY.iUenVdrLf2AAA%26515
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.199.144.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-144-90.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YghfnIyezY.iUenVdrLf2AAA%26515
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
307
Expires
Sun, 13 Feb 2022 01:32:13 GMT
v1
match.sharethrough.com/sync/ Frame E3C1
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&gdpr=0&gdpr_consent=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.199.144.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-144-90.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 1D2D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 fb134201578e9706e0dd8abdab0f2abf.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
152191
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
6dca4d358a488c9c-EWR
x-amz-cf-id
eAFQyvDpP0PzfMELvLEVR-hml06ux82vdQ9KWW3mKynTylzMM2bdbw==
expires
Tue, 15 Feb 2022 01:32:13 GMT
/
www.facebook.com/tr/ Frame B50C 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

content-type
text/plain
access-control-allow-origin
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Sun, 13 Feb 2022 01:32:13 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D828 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71561398&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
485086eae6d9ea8ec9f0c64950625c89edd2126737a458e528f20158100c9d20

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1569
content-type
text/html; charset=UTF-8
users
dmx.districtm.io/s/v1/ Frame 0C24 		0
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dca4d360afe8c9c-EWR
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.districtm.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cf-ray
6dca4d35aff61871-EWR
access-control-allow-origin
https://cdn.districtm.io
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-max-age
14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
khaos.jpg
token.rubiconproject.com/ Frame C39D 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/jpg
ecm3
s.amazon-adsystem.com/ Frame 1D2D
Redirect Chain
  • https://dmx.districtm.io/s/v1/users/10002
  • https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVXlRMnAwY2t3M1IzUlhlVUp3WTJ4VFRUSlBRVEpOZEZVMyJ9.2SJ6yU0q3yfo6Dxs3S2Ieu...
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVXlRMnAwY2t3M1IzUlhlVUp3WTJ4VFRUSlBRVEpOZEZVMyJ9.2SJ6yU0q3yfo6Dxs3S2IeunCIu9vsymnGP_10Y_nC6p3pgbTCwa5JlXr-cLI0SAwvKBlaB27BKydtCBTI1fuLw
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Y2HZFB8K3C9DGFEC2WQJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qVXlRMnAwY2t3M1IzUlhlVUp3WTJ4VFRUSlBRVEpOZEZVMyJ9.2SJ6yU0q3yfo6Dxs3S2IeunCIu9vsymnGP_10Y_nC6p3pgbTCwa5JlXr-cLI0SAwvKBlaB27BKydtCBTI1fuLw
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6dca4d35ead78c9c-EWR
access-control-allow-headers
Origin, Content-Type
content-length
0
match
c1.adform.net/serving/cookie/ Frame E981
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 13 Feb 2022 01:32:13 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 13 Feb 2022 01:32:13 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 714E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YghfnAAFx_jleABB&gdpr=0&gdpr_consent=
1 B
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YghfnAAFx_jleABB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 13 Feb 2022 01:32:13 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
10:0:435
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YghfnAAFx_jleABB&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 varnish
x-served-by
cache-yul12832-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1644715933.129506,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E8CE 		43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Sun, 13 Feb 2022 01:32:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
7SDSDTK0CE8EGK3B2VG3
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D828
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MIFD0f3rT-eWVunVC_Lw9A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-203-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=87694
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 14 Feb 2022 01:53:47 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
396846.gif
idsync.rlcdn.com/ Frame D828
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=308143D1-FDEB-4FE7-9656-E9D50BF2F0F4
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c562024-b487-0899-03e0-3fc3d25619f6
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c562024-b487-0899-03e0-3fc3d25619f6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 13 Feb 2022 01:32:13 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c562024-b487-0899-03e0-3fc3d25619f6
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
SPug
image4.pubmatic.com/AdServer/ Frame D828
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=26a66208-5f9d-4a00-bb88-e3519b32765e
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=26a66208-5f9d-4a00-bb88-e3519b32765e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 13 Feb 2022 01:32:13 GMT
Server
MT3 4133 baa842e master nrt-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=26a66208-5f9d-4a00-bb88-e3519b32765e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Feb 2022 01:32:12 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D828
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzA4MTQzRDEtRkRFQi00RkU3LTk2NTYtRTlENTBCRjJGMEY0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug018:0:394
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D828
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENnJNMUOMnYAgKMcqumPXIM&google_cver=1
42 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENnJNMUOMnYAgKMcqumPXIM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug019:0:438
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENnJNMUOMnYAgKMcqumPXIM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D828
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:983B279EBD374698BAAD0301ECEDFA99
42 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:983B279EBD374698BAAD0301ECEDFA99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug002:0:455
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 13 Feb 2022 01:32:13 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:983B279EBD374698BAAD0301ECEDFA99
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 12 Feb 2022 01:32:13 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D828
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3103328912798622740&gdpr=0&gdpr_consent=&us_privacy=
1 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3103328912798622740&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug004:0:413
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3103328912798622740&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D828
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
42 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug016:0:452
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
ecm3
s.amazon-adsystem.com/ Frame C39D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZKLEG2U-28-EZK2
  • https://s.amazon-adsystem.com/ecm3?id=KZKLEG2U-28-EZK2&ex=d-rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KZKLEG2U-28-EZK2&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Feb 2022 01:32:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
72363HENE883EWCFPH0G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KZKLEG2U-28-EZK2&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
709414.gif
id.rlcdn.com/ Frame C39D 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame C39D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I1MjgzMDRhNTQ2YWZhZGYwYTIxYmQxZjc4Y2JlN2ZhNzI2YjZkOA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I1MjgzMDRhNTQ2YWZhZGYwYTIxYmQxZjc4Y2JlN2ZhNzI2YjZkOA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I1MjgzMDRhNTQ2YWZhZGYwYTIxYmQxZjc4Y2JlN2ZhNzI2YjZkOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C39D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/4BiV21FNKdRrwY-cyrkUtcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5135930305140114813
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5135930305140114813
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/gif

Redirect headers

date
Sun, 13 Feb 2022 01:32:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5135930305140114813
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame C39D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YghfnAAFx_jleABB
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YghfnAAFx_jleABB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644715933.285817,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YghfnAAFx_jleABB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame C39D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBSnQIrYhIFP8nsWanC2aIM&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBSnQIrYhIFP8nsWanC2aIM&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBSnQIrYhIFP8nsWanC2aIM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C39D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d9ae6208-5f9d-4100-b925-a96c5d425bad
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d9ae6208-5f9d-4100-b925-a96c5d425bad
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/gif

Redirect headers

Date
Sun, 13 Feb 2022 01:32:13 GMT
Server
MT3 4133 baa842e master nrt-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d9ae6208-5f9d-4100-b925-a96c5d425bad
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Feb 2022 01:32:12 GMT
tap.php
pixel.rubiconproject.com/ Frame C39D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame C39D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pLTEVHMlUtMjgtRVpLMg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pLTEVHMlUtMjgtRVpLMg==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pLTEVHMlUtMjgtRVpLMg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncframe
gum.criteo.com/ Frame F57A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2437
date
Sun, 13 Feb 2022 01:32:13 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
optout_check
beacon.krxd.net/ 		82 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
80100165d0a4c113b1cbbc6491be185967d69c8eba790a15615cc92d3bc82c70

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=27 t=1644715933
x-served-by
beacon-n007-ash-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		364 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=42fb57ac-2013-45a6-8dad-332d53e17c1b&technographics=1&callback=Krux.ns.postmedia.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eed4bd34ed96011c6a10a2ed3957f53e6781365214951d4ba1bdc3105dbd8c51

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Sun, 13 Feb 2022 01:32:13 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a009-ash-prod.krxd.net, cache-yul12829-YUL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1644715934.736224,VS0,VE21
content-length
280
x-cache-hits
0, 0
pixel
bid.g.doubleclick.net/xbbe/ Frame D4D9 		0
434 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 13 Feb 2022 01:32:13 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc65ad91bccaffd0640bd0f85f314e50765e80ace431fc3a4893687b26e4d734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9885
x-xss-protection
0
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:2400:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 23:11:12 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
AmazonS3
age
8464
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 71963481e8787829babadbbb735376ee.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
3jSpT___yL0q6SdhFblAlpbBe3hbobrBNaX0VUR50lPJzYyYuCfM-g==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.226.31.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-94.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:06:04 GMT
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1570
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
content-length
0
x-amz-cf-id
_hk7JdfEMwH8TdFe8SbiTPN1ronpFrti_t7smIkolWDVFmAljBcKEQ==

Redirect headers

date
Sun, 13 Feb 2022 01:32:13 GMT
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
rPFieotNB0MpfZTMbhhVRMIBIx6pHSU8s0ntjJl88TmlNf7wK06FqQ==
sid
mug.criteo.com/ Frame F57A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=postmedia.digital&sn=ChromeSyncframe&so=0&topUrl=gcp-cheet-4400-calgaryherald.gdev.postmedia.digital&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=aieFGHxCTmU1RnQrR3J0aCt1czg2UG4yL2pGa1VLVzJjdWN2ZzdRNU5jckFsaG1yNDF3YUVha3I5a0syVmlHWUVmdW1IZ0tKRDBWRlBxMnVGVUg3UUtMMjFVSG5UT2dUU2hERm5uSTBmT3FuNEg4MW9CV0pRNXJRM0lEa3...
433 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=aieFGHxCTmU1RnQrR3J0aCt1czg2UG4yL2pGa1VLVzJjdWN2ZzdRNU5jckFsaG1yNDF3YUVha3I5a0syVmlHWUVmdW1IZ0tKRDBWRlBxMnVGVUg3UUtMMjFVSG5UT2dUU2hERm5uSTBmT3FuNEg4MW9CV0pRNXJRM0lEa3pITnpxdFFVSGRTK2dJaFYvd3lwbFZabzlVdmNQTDMrV25ZZkNlUjZhR3dNVnZXbTFDZ2VCSytSOEsxbG91L2RsMk1Qa2xJQlJ2L2RlTnJya2J6OG1JRjVFSlJuVVlNN1VlWEpqRHlTUzNyc2VYcU1ra1FMM1RWQ2JzSUIxdDJrellQS0w4MWtiVUdpUkZUQk9GVUNpRkpYd1FTYlRLQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
7d74ffb97706ec5f3501a98d242bb3d12254e262882c44d60b59543f578c3ff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5101
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:12 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=aieFGHxCTmU1RnQrR3J0aCt1czg2UG4yL2pGa1VLVzJjdWN2ZzdRNU5jckFsaG1yNDF3YUVha3I5a0syVmlHWUVmdW1IZ0tKRDBWRlBxMnVGVUg3UUtMMjFVSG5UT2dUU2hERm5uSTBmT3FuNEg4MW9CV0pRNXJRM0lEa3pITnpxdFFVSGRTK2dJaFYvd3lwbFZabzlVdmNQTDMrV25ZZkNlUjZhR3dNVnZXbTFDZ2VCSytSOEsxbG91L2RsMk1Qa2xJQlJ2L2RlTnJya2J6OG1JRjVFSlJuVVlNN1VlWEpqRHlTUzNyc2VYcU1ra1FMM1RWQ2JzSUIxdDJrellQS0w4MWtiVUdpUkZUQk9GVUNpRkpYd1FTYlRLQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1856
content-length
541
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Feb 2022 01:32:13 GMT
jload
pixel.adsafeprotected.com/ Frame C579 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5117682877&chanId=48819301&placementId=5890466615&pubCreative=138379798005&pubOrder=2969284947&cb=1486579913&custom=index&custom2=1&adsafe_par&impId=c439035b-8c6c-11ec-8aeb-02813368eb05
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.92.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-183.compute-1.amazonaws.com
Software
/
Resource Hash
f87bcb7d4faa7711017e59f26ea25071c602896b5eec735a01c0ed382f7a1af4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:13 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8CFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOUZwTwQIgSgpi0QPz3PNOEc6MAPIMpwzZLfUOVilObyrd3KvbdHHOSKHLFpg91gY8TyU6Yc9aKRSB9fPAekba5OPaKZSqQTwuHR69qdDJyoMze0eazJT-rhvvd-gSsM2SQZTP6Ee-Jw_9Lm1Rq3iEKYGHlnf_AW0caSitLFWtqmRpUfw01vgsZo8OdSsXKWljlpUZuMQv_v1Z9ndldUQsspEVISN9iN98j-ccUrYnCvkQ7p6szVR4l_N2cwHB1Zqju7Q4LUEgUKYniM2RlMTz5rb2mtALyAnYSLZhGYYceREKL3owmM5XENs8M2GLcTsjAEevzgHJKrMXSHMNA4Oicix8lTOLJJ3IgzOb1qv0hxo4m8Qu&sai=AMfl-YR2BZ86anMG40PF0NPQQwVOlbIH15zvfdniMB_vlyfNETqF2lTix9B1ZNcgIf5LqaUmd8G_9L8M5jCcL4iqHld3p7xGKsjc7ycGwmsn0lhWHG2w8yJttITAqI9ueqDdlEV7fnnxHpaDudKXROjW&sig=Cg0ArKJSzEyaXQKgJFTCEAE&uach_m=[UACH]&adurl=
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 8CFB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Feb 2022 01:28:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8CFB 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Feb 2022 01:32:14 GMT
l
www.google.com/ads/measurement/ Frame 8CFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUQo4X6gIc-7hvnslqkBr5Q3jnEX_7b8ghNr2ZC3RJVwNGeBvcu2GvBVf8s0O4j0migo83jVyzPSSTxjs2fEfSdHMb4g
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
15245913857699236446
tpc.googlesyndication.com/simgad/ Frame 8CFB 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15245913857699236446
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3774f24cbef06430febec76ef6f57b8e3f75d2d91a5ad16e23135351c87004b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 03:34:28 GMT
x-content-type-options
nosniff
age
597465
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136357
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 15:50:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 06 Feb 2023 03:34:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 963E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 12 Feb 2022 14:03:17 GMT
expires
Sun, 12 Feb 2023 14:03:17 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
41336
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1F03 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ce9b6a67dff69b03b35a4859e1fa67cf6998c2c9d1982e8c5f4ae4fe9454470f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J+aWfiLTOvYC8OdefvDEmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Feb 2022 01:32:13 GMT
date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-J+aWfiLTOvYC8OdefvDEmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.gif
beacon.krxd.net/ 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=uepopxd3e&_kpid=42fb57ac-2013-45a6-8dad-332d53e17c1b&_kcp_s=calgaryherald_desktop&_kcp_d=postmedia.digital&_knifr=11&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_mpid=-4259252538988998224&_kua_ad_light_user=false&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kua_kx_whistle=0&_kpa_domain=postmedia.digital&_kpa_page_type=index&_kpa_calgaryherald_desktop_page_type=index&_kpa_main_category=index&_kpa_env=test&_kpa_view_type=HTML&_kpa_paywall_whitelist=false&t_navigation_type=0&t_dns=0&t_tcp=26&t_http_request=-1&t_http_response=25&t_content_ready=26704&t_window_load=28788&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w4z4kaepw&_kurl_=https%3A%2F%2Fedmontonjournal.com%2Fnews%2Fpolitics%2Falbertas-latest-fiscal-update-to-be-released-tuesday%2F&userdata_user=OqL2aahy%2Cw4z4kaepw&sview=1&kplt0=41818&kplt1=42920&kplt2=42921&kplt3=42922&kplt4=45977&kplt5=46302&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C64%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C45%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C46
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.155.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-155-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:13 GMT
cache-control
private, no-cache, no-store
x-request-time
D=103 t=1644715933
x-served-by
beacon-n037-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
jload
pixel.adsafeprotected.com/ Frame 30B0 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5117682877&chanId=48819301&placementId=5888688156&pubCreative=138380233772&pubOrder=2969297994&cb=2092078788&custom=index&custom2=2&adsafe_par&impId=c439035c-8c6c-11ec-8aeb-02813368eb05
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.92.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-183.compute-1.amazonaws.com
Software
/
Resource Hash
34564b7c51a52ab44875ea706f23f33ce9288d24999d8ac611f4678640aaae53

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B8C5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkNt_Dm4QZCJzVxFWgmVdX-vABpP3xjiN607dIk4p0eIUFovhf0b1WM2sv8QwA1RUywXB_YcT7E6KnyO0Ul5xsanu5ArMPPjfR8P7PewOuKkshkI4kwD77sZm7dhURyQaJ28aF64oqUI8uvLzPlauojxYVTVB4vxCNGxSPG6oN3ArSnRP__ySOTPozAs3p82a-u5rpwEpB-PBfLXfx6OUXDKRKCA7NPxNy018eQC5SFqYFnv4mRu5oVH9hNEFieVMgxvww54GUDPN82HdfIVvgmX9HZiQ6h-bias6y4QeAht4c5aTu_JWT_mmZA_SAcjw8okByk_meA_3q6QBfFw-NpTataoJ8INBILcGgXqvwg4R8KaE5&sai=AMfl-YQH6fRGAb2L-lT3CyIWuT4xy33ZFhNI9U5fBxE7tM0WBsQzXNQc8cZxs9SJanxuSZg-xaBdbUWImk1RITtXWSg2pxrHH-tbvgJ_CKBcfSK2-9T5IojhNWLjKOj0xZ8jXvY7RwjTGHUa5p99eNou&sig=Cg0ArKJSzJXQuhszy-Z9EAE&uach_m=[UACH]&adurl=
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame B8C5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Feb 2022 01:28:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B8C5 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Feb 2022 01:32:14 GMT
1716834108954887116
tpc.googlesyndication.com/simgad/ Frame B8C5 		246 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1716834108954887116
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8bd74675f5e2c18b5b0696ac8e7e00cfc90675eae571204e406f8298eb3da69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 05:18:40 GMT
x-content-type-options
nosniff
age
504814
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
251448
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 21:43:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 07 Feb 2023 05:18:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8CFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstf-zzzx0NEvCgM1sHi_5fplBMZLTI-6w4DgxQ-ZnTVlMHVy_9P7vCwzCAtLvjFWFaqIjV1Y9MhAiL5_KfWsTY_70rVq2YbxAboDaDgN3tAZ0kltBvr2W_8pyITxYRxBaLjQpH9sX7dPxnn5KYlBlEtMiPM_W34-Et0PzLrwNYdXDEXa_8fd6j6v6j5qDA9fKyz-Px74G1xdYf4JJXYPXzZWHmzsgEx4uVpHwU5q4eo8AxMmWzZOLSCvD-yFS1bcrAL40bvHxNjHHaEb1K4WZLVlwSnknH30SdcCT-35c97BQ-aw90fpecQk7Yxq0ugCRrZNRK-MerYvF0-MYuok-FYU1I6s35J4_Ap1q8TJqQ7KmPdw6X0C3I&sai=AMfl-YSpMH7bqxnRA_4RJOntXybM2rL456bVHe9Lq05I2zjK-znX5UgsKHTrznCi0mngcoo__LYNFSQ3QBRducDee3aCjw67VnzWr-9xcaePFcxP6gMn3mitnXYFyXomYzBhlq-q5B_gSQm37ldXUcEj&sig=Cg0ArKJSzEO5HLZ0auiFEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 13 Feb 2022 01:32:14 GMT
truncated
/ Frame 8CFB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
587a56ec5e8f866a6f7e879bd3ee2c298d9b847059b58fe200092eb1b5f5e85f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
main.gr.19.8.288.js
static.adsafeprotected.com/ Frame C579 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.288.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5117682877&chanId=48819301&placementId=5890466615&pubCreative=138379798005&pubOrder=2969284947&cb=1486579913&custom=index&custom2=1&adsafe_par&impId=c439035b-8c6c-11ec-8aeb-02813368eb05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
165b5695a4f6ce4b89483d4b901d48beb06cc7e40176c06f4c8ce59288b67b1a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 22:00:18 GMT
content-encoding
gzip
age
185517
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 10 Feb 2022 21:45:16 GMT
server
AmazonS3
etag
W/"402e5c9413f63380ec2c1e4a334eb639"
vary
Accept-Encoding
x-amz-version-id
XS79VCB8oF3MNJxGUTORCdfw6UGRtz_1
via
1.1 58138fe3ecbee18734b57632af81590a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
4BVFCUCyXtfeW91pMxIMAYzprTejTTgM9GbQJg8Ny25mfCbam90Zdg==
main.gr.19.8.288.js
static.adsafeprotected.com/ Frame 30B0 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.288.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=5117682877&chanId=48819301&placementId=5888688156&pubCreative=138380233772&pubOrder=2969297994&cb=2092078788&custom=index&custom2=2&adsafe_par&impId=c439035c-8c6c-11ec-8aeb-02813368eb05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
165b5695a4f6ce4b89483d4b901d48beb06cc7e40176c06f4c8ce59288b67b1a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 22:00:18 GMT
content-encoding
gzip
age
185517
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 10 Feb 2022 21:45:16 GMT
server
AmazonS3
etag
W/"402e5c9413f63380ec2c1e4a334eb639"
vary
Accept-Encoding
x-amz-version-id
XS79VCB8oF3MNJxGUTORCdfw6UGRtz_1
via
1.1 58138fe3ecbee18734b57632af81590a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
rXrkoowE0bg98VEBvsjvFUyIge6a7HKL04jTHm6XDgxvvTrhtS00QQ==
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020801&jk=1094699920395747&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame B8C5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAAdHkHfjP_Rqp_GeW9_DY6GRlxZha50cyDxQKa_wesoE7eiYHaCuqx2b8IetLgEnqDsaAkrH5BfcP0HmRhGhp1UjZWq5ZmlffVd1YVRcX2nSVnHKJjqRsVySBt643GpALK-vt96Ok92WCi2ng3qFbsbcp2tQx65P6JYvFMDwswy8JHyIbxvrCDkyIGlVKW5uL6_2GurrWqL5Cqx6OlnLV0APVT86gfOu0xZ_M9Q07nXWbOYnTrQAaIc2-1Xb3LvT3y-EQ4QfjVIBUS0Q-Ed0c9YiKoC5VuvADM6l_lKWi_xWAVUdH65a-w2rpfU7TrwZx5DJcyIPQCz-_y6ouMlRReMJvLq6AnVidd1Np5btLSLoF7T7-YhE&sai=AMfl-YSNBE4ESrWmF2Q-rgqj5nRbzRK4H8FeUVkN88rZXeiYpxDljtmgu-pR6nIJj4dcC9mGyqnZZ_39tfyv11yKfuC8W8B1hdtfmVvOgI4WMzx0MvUVQ-DjzZ-pqTnQ11IJgSy-7ji08om4lLv6rBw9&sig=Cg0ArKJSzH0DcsGdW6v2EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Feb 2022 01:32:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 13 Feb 2022 01:32:14 GMT
truncated
/ Frame B8C5 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72fdbb0661eef304bebad438fce57f79172f902a7bacdbcffebe71c01ec8a06b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
pagead2.googlesyndication.com/bg/ Frame 963E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:44:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
71265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13554
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Feb 2023 05:44:29 GMT
sca.17.5.12.js
static.adsafeprotected.com/ Frame 2385 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
6732965
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 58138fe3ecbee18734b57632af81590a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
V4XTG11weNNpOE36UarxQKq82McVCch8e-AYpAfqiVsldv9-mbKaZg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=5117682877&chanId=48819301&placementId=5890466615&pubCreative=138379798005&pubOrder=2969284947&cb=1486579913&custom=index&custom2=1&adsafe_par&impId=c439035b-8c6c-11ec-8aeb-02813368eb05&adsafe_url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5,c:43NOXf,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-f9859d94c-k26zd,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:100,fm:sXhqrHh+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a%7C1b%7C1c1,idMap:19*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:131,oid:c585325c-8c6c-11ec-9fec-e2bcc6badd74,v:19.8.288,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.92.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-server-name
app03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5&tv=%7Bc:43NOXh,pingTime:-8,time:132,type:l,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:133,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~100%5D,as:%5B28~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXhqrHh+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a%7C1b%7C1c1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5&tv=%7Bc:43NOXL,pingTime:0,time:162,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:130%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:162,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~100%5D,as:%5B57~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXhqrHh+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a%7C1b%7C1c1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5&tv=%7Bc:43NOXX,pingTime:-2,time:174,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:232,beZ:233,mfA:332,cmA:334,inA:334,inZ:341,prA:341,prZ:351,si:363,poA:365,poZ:383,cmZ:383,mfZ:383,loA:395,loZ:397,ltA:406,ltZ:406%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:130%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:174,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B69~100%5D,as:%5B69~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXhqrHh+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a%7C1b%7C1c1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/3081/calgaryherald.com/index_0,google_ads_iframe_/3081/calgaryherald.com/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:40,readyFired:true%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 8563 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
6732965
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 58138fe3ecbee18734b57632af81590a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
NYEfnFbYP_yAZrrqd3f9Sp8eL7GJlbu7BD--MtbYubw5aMcQNRJ7TQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=5117682877&chanId=48819301&placementId=5888688156&pubCreative=138380233772&pubOrder=2969297994&cb=2092078788&custom=index&custom2=2&adsafe_par&impId=c439035c-8c6c-11ec-8aeb-02813368eb05&adsafe_url=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:d90ae140-d420-29a3-51a8-fd1c890b8454,c:43NOZc,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-f9859d94c-sw6g2,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.1237.970.250,am:i,cc:315.1237.970.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:213,fm:sXhqrHJ+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1b%7C1c*.928934%7C1c1,idMap:1c*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:223,oid:c595fbb0-8c6c-11ec-a882-324a18093aeb,v:19.8.288,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.92.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-server-name
app13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d90ae140-d420-29a3-51a8-fd1c890b8454&tv=%7Bc:43NOZd,pingTime:-8,time:224,type:l,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:224,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:223,wc:0.0.1600.1200,ac:315.1237.970.250,am:i,cc:315.1237.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXhqrHJ+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1b%7C1c*.928934%7C1c1,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d90ae140-d420-29a3-51a8-fd1c890b8454&tv=%7Bc:43NP09,pingTime:-2,time:282,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:101,beZ:103,mfA:314,cmA:315,inA:315,inZ:316,prA:316,prZ:320,si:325,poA:325,poZ:334,cmZ:334,mfZ:334,loA:364,loZ:365,ltA:383,ltZ:383%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:970,h:250,t:223%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:282,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:223,wc:0.0.1600.1200,ac:315.1237.970.250,am:i,cc:315.1237.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B68~0%5D,as:%5B68~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sXhqrHJ+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1b%7C1c*.928934%7C1c1,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/3081/calgaryherald.com/index_1,google_ads_iframe_/3081/calgaryherald.com/index_1__container__,ad-2,ad__inner-2,main-content%5D,sinceFw:57,readyFired:true%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 963E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ZsvAKw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5&tv=%7Bc:43NP1O,time:413,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:413,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B308~100%5D,as:%5B308~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:112,fm:sXhqrHh+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a%7C1b%7C1c.928934%7C1c1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020801&jk=1094699920395747&bg=!EhGlEVXNAAbAtJCDwLQ7ACkAdvg8WtsI3ZEM8BDdLSQgevBTYqFBwmOLSmX9cLdWLZdciGLZIpQ8WAIAAADdUgAAAAJoAQcKAKRi0U4o2ijC2l0-F3y1A4Fh-4R15C1lrRBR23a_ZzCP8z3ySrG4L9RgMTXN2wIBZQtfYjgL15WWxuPMz7uxdr-NqtirWeMiXFu771Re7l3a6PLiIvysVt9kTcRlIaFVUoBEw8-EBCAAMwtUg01Hs7yANr6gBnV0SY5goVvrvgUandgq5pEhFd3fPcmSUtRzbN3F4Dm3c_P9D4WWXQb6x63xmZgRMJkC2g6H8_gLZTL9hk9H4HpSEoYUCXixVa8EhruM2ZBTn7VE7BDtOKzmwX3qfwN5dsIW3LVDSgawi5eLiGBT6SQTNWxTRibZxVk6WMcB3JDLledK9LhIBRHGJKt11RIND3BWPOr8_ByowgdNDvqeWIkay0hPwR2aw8P7hVQgEymMhRYAwzK2e_vDkuSJkLDTRQ2Hb2nsoMtnL-NGq8wQlWeS4kdq47gU8tlFiVp4cTA8GhmXGV9_GzOtTmgPYQpcqyHXvSokCIupIZ8o4SK6wbaLEle7szGQ73_hq5kwfz-e9eBk7EKvdXGLt8wSX3vHb76aa_RZB95VxJ0BW7ePyqoCW3D5wcXEddSgIK8LFMusofEzpVk5l4ILkerfEYfNkAjyl-lwDpYv55T4xXeExC0kfJoQoFMihW6UAsGQrS-lJqrKoGvdIW0l1twJJt5_L-4-iRMGtuF1rp1tuxmxUIEzSqJi8gd9HMzbGyhlPn0-RGhFOyN2mR5NdksvsietmwhWNurd0wPFyaLaAyR7HvjqD9v3uCGQ_YMtNyvjsgttuQxLlChu3mGWwBErdrMSEWbNL393U4J5yIakh5AA_73Mg9Q8GXyY9alVlHZkeLCYElaMKXZ9rHkX4X0RjYLGn9e9-e-x2Vo2V_CcPJWjMXi-cQWiR7N-MA44JRCldwgz0zixfF4Fk5igZi8CsIzDS4S_hDTOt4EAbr-cGNjGZUJtKf8Zzdhi6bUZ4pheydE6jLKqwJRdonLkzZyhSpFexfpIW2I95lnE_XKmDcJlfMCnTBgpKNakBo3BwINyDZ6TlmxjuYzFnbNyB99D54-iTA66eIGHNdexG4N8V_kdtKWpdptXJbZGW5YHOhAfMC9Do18sMLozY6M9LD1fyNRvu58jwuizx0niqzVR9V16F-LQKXMmlFpsC67ZI0L02bnSTu-SXZ4R1Lbq_eLqlPIseMTJD2OHQhUbtFdimoU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d90ae140-d420-29a3-51a8-fd1c890b8454&tv=%7Bc:43NP21,time:398,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:398,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:223,wc:0.0.1600.1200,ac:315.1237.970.250,am:i,cc:315.1237.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B184~0%5D,as:%5B184~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:43,fm:sXhqrHJ+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1b%7C1c*.928934%7C1c1,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5&tv=%7Bc:43NP4f,pingTime:-10,time:564,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1644715934714%7C%7C4ffac8281900235cae7ae9c07b1b4b9c%7C%7C920bd99aa4265c459f442b819dba176b%7C%7Cbbe8f17ddca1d25de808f3f8588a68f7%7C%7C9d5ff7a790b8da6b2bf14a81b3a73aa9%7C%7C1beb434c54d113253460521447bd0116%7C%7Cb807374ee7295719dd4038535923f354%7C%7C30392476f9f407f108b744bb45b2f076%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:14 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ogbj77ch-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/9HBenCFU/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/ogbj77ch-320.jpg
32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ogbj77ch-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b5eae5cacecfab875d39933a39a9e991e55ea803eefd8b33ea930eeed0d08e0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
age
530
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
32444
x-served-by
cache-iad-kjyo7100178-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 20:41:50 GMT
server
nginx
x-timer
S1644715935.908246,VS0,VE1
etag
"8c5371579ba116b402f11d29e713565b"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:29:39 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
age
155
location
https://assets-jpcust.jwpsrv.com/thumbnails/ogbj77ch-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
964sOQblPQP22folKSlMv-j7CNEHxbH89OrQ-smuFNoTDknVB6jJoQ==
q2uzmqjl-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/65NgqOCg/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/q2uzmqjl-320.jpg
25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/q2uzmqjl-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
97cc23628e90fbf9578bf30e820d7281c3c6eb022d2e069c6151064a6c7c1d48

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
age
810
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
25211
x-served-by
cache-iad-kjyo7100140-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Wed, 09 Feb 2022 20:58:27 GMT
server
nginx
x-timer
S1644715935.908347,VS0,VE0
etag
"5523278a068c535da9c1787bafcb8685"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 2

Redirect headers

date
Sun, 13 Feb 2022 01:29:39 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
age
155
location
https://assets-jpcust.jwpsrv.com/thumbnails/q2uzmqjl-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
9etSmKKsRG_puL28rS2P6h0doYfMTEoxjgKNYoifgM-BEB0QG8tg8Q==
oiuxre47-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/BI2tHKb0/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/oiuxre47-320.jpg
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/oiuxre47-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
14db4d359ec75f6bee5c24d7218c189f88ef14ef8eb766456a99db547d01db07

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
age
201
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18562
x-served-by
cache-iad-kjyo7100095-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Wed, 09 Feb 2022 19:21:16 GMT
server
nginx
x-timer
S1644715935.908406,VS0,VE1
etag
"e49ef37c0898f4e94f8d7e4da5314a83"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:29:40 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
age
154
location
https://assets-jpcust.jwpsrv.com/thumbnails/oiuxre47-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
qGJkisLfALVtwWBhLT2BpBwddz801sg-VPOemeMOF7oIADegdineqw==
z1dgbbnc-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/xZFTJ7ec/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/z1dgbbnc-320.jpg
16 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/z1dgbbnc-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22589e21ad2dacf5ef332a93fab7bb7576f4468a207b0706404e1a15fbc7b2ef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
age
810
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
15092
x-served-by
cache-iad-kcgs7200072-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Wed, 09 Feb 2022 02:06:25 GMT
server
nginx
x-timer
S1644715935.908719,VS0,VE1
etag
"ac5c21e153aecdeabf642d42efaf1d7e"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:29:44 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
age
150
location
https://assets-jpcust.jwpsrv.com/thumbnails/z1dgbbnc-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
RX5kXwXSZjHCa3473Dft_G81xuJ2s1RFqNMrV-h4ugrUeEbd7TSrag==
l8ue8s6q-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/BAMySPCR/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/l8ue8s6q-320.jpg
26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/l8ue8s6q-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b40e613b9a34d0630dae7f86028c2eea3f230efe027a41976005dcb49c4709c7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
age
201
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
26918
x-served-by
cache-iad-kjyo7100064-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Wed, 09 Feb 2022 00:03:37 GMT
server
nginx
x-timer
S1644715935.908712,VS0,VE1
etag
"c72fea84f33d94c771271ddf16c59956"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:29:44 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
age
150
location
https://assets-jpcust.jwpsrv.com/thumbnails/l8ue8s6q-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
AE0T5bQtA4voD92XD1MxhV4R0c8faxumKbemCblb-8DKi8eWkeHMjw==
2tk3f158-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/Ddyzs6DN/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/2tk3f158-320.jpg
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/2tk3f158-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
689402d90c9d60dfe1f1d82aedf6d8ab79519cf3cf9ace0aad9753caf79ec06b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
age
201
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
30431
x-served-by
cache-iad-kiad7000053-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Tue, 08 Feb 2022 21:50:30 GMT
server
nginx
x-timer
S1644715935.908691,VS0,VE1
etag
"16d719bac8ad2654d42b20c355b8474e"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:29:46 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
age
148
location
https://assets-jpcust.jwpsrv.com/thumbnails/2tk3f158-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
soBtMLswAqrQEeH3BJUikoYCinUqbDpNmUCxct7OpOm5A_NcL6UEBw==
cxdxarze-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/PfeoLETe/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/cxdxarze-320.jpg
26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/cxdxarze-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c067cbc7ea5f1cc0fcc4534a40f3133dcf537baf7b96c8de226831740d767ec8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
age
458
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
26743
x-served-by
cache-iad-kjyo7100110-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Sat, 05 Feb 2022 20:45:25 GMT
server
nginx
x-timer
S1644715935.966831,VS0,VE1
etag
"10fedb3ccc4d3b18fdc826c0d18cd514"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 4

Redirect headers

date
Sun, 13 Feb 2022 01:32:14 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/cxdxarze-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
T6CFR5D2-ETtH16yM97sPHiMx2pyl0PMMuy9Kg8MmFyyky4aj4cJgg==
ris3tjjq-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/lOvtxKJz/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/ris3tjjq-320.jpg
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ris3tjjq-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
920704d04ce8ef10e2fd3580457c0d55534d9331287d3476633088fdf60b221c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
age
810
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
20047
x-served-by
cache-iad-kjyo7100150-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Fri, 04 Feb 2022 00:15:12 GMT
server
nginx
x-timer
S1644715935.947768,VS0,VE1
etag
"298bea921dce239ec9ae426fd26389a2"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:29:46 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
age
148
location
https://assets-jpcust.jwpsrv.com/thumbnails/ris3tjjq-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
sngBPWh2ZGlPNBk3tfo9lfhjlZK6ytgyrYxJOl7nhPte-kdnFcH3yQ==
ec2l27l8-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/43vMFhPX/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/ec2l27l8-320.jpg
23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ec2l27l8-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a7dd95bcd89992b3f0c22c6595e1fde08bd2ed952f56f30452e2e6d8f492e5c4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
age
877
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
22971
x-served-by
cache-iad-kcgs7200158-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Thu, 03 Feb 2022 21:02:09 GMT
server
nginx
x-timer
S1644715935.948295,VS0,VE1
etag
"fe1a84668986f237a5333da755742973"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:29:46 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
age
148
location
https://assets-jpcust.jwpsrv.com/thumbnails/ec2l27l8-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
vD1mPuKZsJNWPa-ABGe4-m7jjOOj8DXC3XyE3w7MTVftKr0quUhQFQ==
i1kd25p8-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/RGhS174f/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/i1kd25p8-320.jpg
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/i1kd25p8-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ce9ea63f0bf9771a6876590ebd9fba9893ec95f07d3b029a91a11ebf20b495e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:14 GMT
content-encoding
gzip
age
201
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18113
x-served-by
cache-iad-kiad7000128-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 23:47:02 GMT
server
nginx
x-timer
S1644715935.948162,VS0,VE1
etag
"2b8635d2b8f5363b8bcb4dc3da2b1b03"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:29:47 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
age
147
location
https://assets-jpcust.jwpsrv.com/thumbnails/i1kd25p8-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
O26c8r_SmAi4e1dUS7rV4co0pjgCZrtkZd8Ebrlu-RslLvEmCgO64w==
IrYAVodh.js
cdn.jwplayer.com/libraries/ 		112 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/IrYAVodh.js
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/d425b4b71b15e7eb53b310.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:4400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
8a51c459b7a64e5655ce8e1a6003c9bb14e54fc5cb5f8828c12998656e004615

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:31:28 GMT
content-encoding
gzip
server
openresty
age
46
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
EWR53-C1
content-length
40310
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
x-amz-cf-id
sanSTsOg9lZ1GzH9zf0S724BUux807OB3YrKSIXikkYGCBG1K3vtfA==
expires
Sun, 13 Feb 2022 01:33:58 GMT
1feCWPBf
cdn.jwplayer.com/v2/media/ 		51 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/media/1feCWPBf
Requested by
Host: gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
URL: https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/9.1.0/websites/js/0b2413a94440f820750f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:4400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
fe74d9ad0e39fa25a47d269d292da6be259b3b9ee3856925fbbc8f11bd52458d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:31:41 GMT
content-encoding
gzip
server
openresty
age
34
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-amz-cf-pop
EWR53-C1
content-length
69
via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
x-amz-cf-id
g5Y3A-_lTx58VVZA20_MRdkeXgQiUpqWaNxvyCIs6aAhN081DhXehQ==
expires
Sun, 13 Feb 2022 01:33:16
googima.js
ssl.p.jwpcdn.com/player/plugins/googima/v/8.10.0/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.10.0/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49024b11d9bc8562883dfba5e78f983b304ebe8ecbe452b6aebc19678a649cd5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
2016328
x-cache
HIT
content-length
21956
via
1.1 varnish
x-served-by
cache-yul12831-YUL
last-modified
Thu, 13 Jan 2022 21:14:24 GMT
server
AmazonS3
x-timer
S1644715935.065150,VS0,VE0
etag
"5acfb4f9d0449bcbfc0e8e5cce2f9dbb"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
637116
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aefe09194c600df28a1d55fd7148031678d5d7a19d337d532cb4efcecff81869

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
597
x-cache
HIT
content-length
18658
via
1.1 varnish
x-served-by
cache-yul12831-YUL
last-modified
Wed, 02 Feb 2022 23:47:03 GMT
server
AmazonS3
x-timer
S1644715935.065211,VS0,VE0
etag
"f50a9a91be4569c9271626978d999b7a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
21619
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		309 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cf7b01e9bad3d3a9da846f6be9bde1e9e50625bc4c0c19ef3f2cc52ab0278b7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
812438
x-cache
HIT
content-length
81490
via
1.1 varnish
x-served-by
cache-yul12831-YUL
last-modified
Wed, 02 Feb 2022 23:46:53 GMT
server
AmazonS3
x-timer
S1644715935.065346,VS0,VE0
etag
"a99512d5317fbe4cd7b8949ad229be5a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
448267
1feCWPBf
cdn.jwplayer.com/v2/playlists/ 		48 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/1feCWPBf
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:4400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
4fd6de4b6589a6a8ff819c1c64387cc6e1ca93a1f7cb836d61cba906de606c35

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:31:41 GMT
content-encoding
gzip
server
openresty
age
34
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-amz-cf-pop
EWR53-C1
content-length
5349
via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
x-amz-cf-id
Y4rvlI8fos9qQPRwLKVRvAasFWlNlPo_t9iUc0AV5cJpfBOGY3BhGQ==
expires
Sun, 13 Feb 2022 01:32:23
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/ 		69 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.5.228 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/790E) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
last-modified
Sun, 13 Feb 2022 01:00:11 GMT
server
ECAcc (nya/790E)
age
1924
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=12000
accept-ranges
bytes
content-length
75
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c493e2454c7473d746982a8a8cccc744120ffa456955fd7e69ed2c5b34bba9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122263
x-xss-protection
0
expires
Sun, 13 Feb 2022 01:32:15 GMT
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		387 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bfe57a23d8ef229c88a3d24babf237122d897f8f6f43e69c6cc4ebe14896687

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
812438
x-cache
HIT
content-length
113210
via
1.1 varnish
x-served-by
cache-yul12831-YUL
last-modified
Wed, 02 Feb 2022 23:46:58 GMT
server
AmazonS3
x-timer
S1644715935.137796,VS0,VE0
etag
"ba7d083531c284e20d19b93345e56932"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
280593
SPug
simage4.pubmatic.com/AdServer/ Frame D828 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 8CFB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuf3kDkU8BF6qzbUEHR0JDeQIQIp3xoCTn5Gj33Y8rgJJH8tFvBY-O3j5Uaotep4S7THkOzbu2CJTTSQG-TV9fCO4LXR_q55jlVeZHmJ_uy9ldWh4k2&sig=Cg0ArKJSzNvXBZCBPruQEAE&id=lidar2&mcvt=1003&p=152,315,402,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220209&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3199675837&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644715933912&rpt=224&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1r4ztiXq.vtt
assets-jpcust.jwpsrv.com/tracks/
Redirect Chain
  • https://cdn.jwplayer.com/tracks/1r4ztiXq.vtt
  • https://assets-jpcust.jwpsrv.com/tracks/1r4ztiXq.vtt
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/tracks/1r4ztiXq.vtt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
04a9d1e0e044c59ee3d9644a7684a20660e6903c61f62bd4abcfd711d81c90d5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
425
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
2205
x-served-by
cache-iad-kiad7000113-IAD, cache-yul12824-YUL
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 23:51:39 GMT
server
nginx
x-timer
S1644715935.296727,VS0,VE15
etag
"bbc931b5cfb545c0f613c3e9f919c8fa"
vary
Accept-Encoding
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:32:15 GMT
via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-C1
location
https://assets-jpcust.jwpsrv.com/tracks/1r4ztiXq.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
PJb7Rgdj_UkEh8LEdC3d1Lfj7qjpZ7j-bcijqgmTHbuLRXaSG_SUDA==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/polyfills.webvtt.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d892f19dba31160274b74eb7c62fb2b6a89efc5e4da75144ec1d0ed0b15e5a08

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
812330
x-cache
HIT
content-length
4217
via
1.1 varnish
x-served-by
cache-yul12831-YUL
last-modified
Wed, 02 Feb 2022 23:46:57 GMT
server
AmazonS3
x-timer
S1644715935.205511,VS0,VE0
etag
"b1a4b5503966baf298808d6672771831"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
65518
RGhS174f-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/RGhS174f-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/RGhS174f-120.vtt
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/RGhS174f-120.vtt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cc571d5e3b93898e373f09f0dbccd2bbfd8e241aa56a35a1685470e47b09b927

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
426
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
876
x-served-by
cache-iad-kcgs7200156-IAD, cache-yul12824-YUL
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 23:47:21 GMT
server
nginx
x-timer
S1644715935.299539,VS0,VE1
etag
"fe63a18c1b35092f17e87e044f724894"
vary
Accept-Encoding
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:31:18 GMT
via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
server
openresty
age
57
location
https://assets-jpcust.jwpsrv.com/strips/RGhS174f-120.vtt
x-cache
Hit from cloudfront
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
EWR53-C1
content-length
166
x-amz-cf-id
OQ28IgsJmzVChWO6zSc3RsM5-hkqDh6CfjsrreY6VJ2qLE9CAyOayA==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cd7eab92dcc04e7057d83a115c54de3d28e12634131e390fc005a06a2071a53

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
812437
x-cache
HIT
content-length
9002
via
1.1 varnish
x-served-by
cache-yul12831-YUL
last-modified
Wed, 02 Feb 2022 23:46:58 GMT
server
AmazonS3
x-timer
S1644715935.249933,VS0,VE0
etag
"b3fd54f5e5702e3206bb36d2483ea577"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
118643
related.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		109 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb5e2ea41114aac7cc85db465754f2f71644dc601ff16689ac1c3afbddc66138

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
812437
x-cache
HIT
content-length
25207
via
1.1 varnish
x-served-by
cache-yul12831-YUL
last-modified
Wed, 02 Feb 2022 23:47:01 GMT
server
AmazonS3
x-timer
S1644715935.250054,VS0,VE0
etag
"3244e814aba5e28b2d0b25b5fa10fbcf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
363956
RGhS174f.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/RGhS174f.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:4400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
1709a90f916b32d51ac83bddf435fbce9c2afcf78c9aa5bba4599fe6e0cbb9f9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:29:56 GMT
content-encoding
gzip
server
openresty
age
139
x-cache
Hit from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, max-stale=180
x-amz-cf-pop
EWR53-C1
content-length
471
via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
x-amz-cf-id
-96FBZ3NY0a9XJ-muqLAMU9wP03L2UpKbwayXDzWfmtWagCGJ6gLwQ==
expires
Sun, 13 Feb 2022 01:36:59 GMT
i1kd25p8-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/RGhS174f/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/i1kd25p8-640.jpg
43 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/i1kd25p8-640.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
65a84221357c08b04f0c3ac8a245d66f0cf023ac9e9e5a55e42871b51433d6ee

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
417
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
41329
x-served-by
cache-iad-kiad7000057-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 23:47:02 GMT
server
nginx
x-timer
S1644715935.300330,VS0,VE16
etag
"b49502f240c987c28f15f3ba0f1e00b3"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sun, 13 Feb 2022 01:32:15 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/i1kd25p8-640.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
BQJunRyTQGf0cdjLvvd93v5pugKg6l_pIdGFa5uR_x2qApTX1n3OLg==
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1914427205&e=e&n=8430070131254677&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=JzulZX9f&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=10gtuowmy999&i=0&id=RGhS174f&lid=uoo88i1qx1tj&lsa=set&mt=0&pbd=1&pbr=1&pgi=jzsis1i26tzs&ph=1&pid=IrYAVodh&pii=0&pl=282&plc=20&pli=839zti185rbk&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Calgary%20Herald&pu=https%3A%2F%2Fgcp-cheet-4400-calgaryherald.gdev.postmedia.digital%2F&pv=8.24.3&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=COVID-19%20Update%3A%201363%20New%20Cases%2C%20More%20Rapid%20Tests%20Delivered&tv=3.38.0&vb=1&vi=1&vl=90&wd=501&ab=1&cae=0&cb=1&cdid=player-1&cme=0&dd=1&flc=0&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FRGhS174f.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=28850&pni=0&po=0&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FuzU5KAZg%3Frelated_media_id%3DMEDIAID&sp=0&st=190&sa=1644715935244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-yul12831-YUL
x-cache
MISS
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=d90ae140-d420-29a3-51a8-fd1c890b8454&tv=%7Bc:43NPdd,pingTime:-10,time:1092,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1644715934714%7C%7C4ffac8281900235cae7ae9c07b1b4b9c%7C%7C920bd99aa4265c459f442b819dba176b%7C%7Cbbe8f17ddca1d25de808f3f8588a68f7%7C%7C9d5ff7a790b8da6b2bf14a81b3a73aa9%7C%7C1beb434c54d113253460521447bd0116%7C%7Cb807374ee7295719dd4038535923f354%7C%7C30392476f9f407f108b744bb45b2f076%7C%7C1629390669,sca:%7Bspg:45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:15 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
RGhS174f-33887832.mp4.m3u8
videos-fms.jwpsrv.com/0_62090723_0xbb5aec34ca1e2026508333c0b8d9d0459b87af8d/content/conversions/ReDAXyY4/videos/ 		4 KB
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/0_62090723_0xbb5aec34ca1e2026508333c0b8d9d0459b87af8d/content/conversions/ReDAXyY4/videos/RGhS174f-33887832.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
86cd59bb97bf565aee7bdab245971948eb6c32e9033b0a7dc831614a097e30e8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
178437
x-cache
HIT, HIT
fastly-stats
otfp=1
content-encoding
gzip
content-length
367
x-served-by
cache-iad-kjyo7100146-IAD, cache-yul12820-YUL
server
otfp
x-timer
S1644715935.317890,VS0,VE1
etag
"x4vJWAkMFGgZL-nHomVy3_PpOnH92ItrObSJfnXbrZo96RABRgQyKsrm55vdCAE2aG7k4OVDKoxvf358mJn8d4Z4KzgV"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
1, 1
bridge3.498.1_en_ca.html
imasdk.googleapis.com/js/core/ Frame 8828 		585 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.498.1_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e56823f3139580f0c079fdff0735151140bfeb477472cf67ce8d075cb1a7ddc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194651
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 00:03:16 GMT
expires
Thu, 09 Feb 2023 00:03:16 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 08 Feb 2022 23:54:13 GMT
content-type
text/html
age
350939
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 13 Feb 2022 01:32:15 GMT
vttparser.js
ssl.p.jwpcdn.com/player/v/8.24.3/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/vttparser.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b1ba116afcfc07575273fd85029b04ff45cd35f5104e04f14da964b6722f547

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
812219
x-cache
HIT
content-length
1973
via
1.1 varnish
x-served-by
cache-yul12831-YUL
last-modified
Wed, 02 Feb 2022 23:47:00 GMT
server
AmazonS3
x-timer
S1644715935.353986,VS0,VE0
etag
"7c60181c41eea514b914876f96d439ae"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
69908
RGhS174f-33887832.mp4-1.ts
videos-fms.jwpsrv.com/0_62090723_0xbb5aec34ca1e2026508333c0b8d9d0459b87af8d/content/conversions/ReDAXyY4/videos/ 		159 KB
159 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/0_62090723_0xbb5aec34ca1e2026508333c0b8d9d0459b87af8d/content/conversions/ReDAXyY4/videos/RGhS174f-33887832.mp4-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
1b7b592ee9e8e65a08121040a795201b39942e5186981058654efad0d89b82b8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
174191
x-cache
HIT, HIT
fastly-stats
otfp=1
content-length
162808
x-served-by
cache-iad-kcgs7200089-IAD, cache-yul12820-YUL
x-fastly-otfp-info
ss=0.000 sl=4.000 vl=350.667 rs=640x360
server
otfp
x-timer
S1644715935.361084,VS0,VE2
etag
"nerz429v2I13vMKNHvKUNE9fxkQd6qrWvm2r3VtNiqQFGO9SOsQqAxNLah1FBwd8whqELekUaCydL8MGIJb212W9RBsB"
content-type
video/mp2t
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
1, 1
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5&tv=%7Bc:43NPeP,pingTime:1,time:1220,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:130%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1220,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1115~100%5D,as:%5B1115~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:29,fm:sXhqrHh+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a%7C1b%7C1c.928934%7C1c1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:15 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5&tv=%7Bc:43NPeQ,pingTime:1,time:1221,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:130%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1221,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1116~100%5D,as:%5B1116~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:29,fm:sXhqrHh+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a%7C1b%7C1c.928934%7C1c1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:15 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5&tv=%7Bc:43NPeQ,pingTime:1,time:1221,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:130%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1221,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1116~100%5D,as:%5B1116~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:29,fm:sXhqrHh+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a%7C1b%7C1c.928934%7C1c1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:15 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Feb 2022 01:32:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A71D 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 00:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 13 Feb 2022 01:56:25 GMT
268775a4-eb07-4482-89f9-62a2d332ced7
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ 		87 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/268775a4-eb07-4482-89f9-62a2d332ced7
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cd5d51c0d2dc754d6e756033204ff2e492c722eef0ba69624210a14ec94f5e1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
88592
Content-Type
text/javascript
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12390
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 23:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="chrome-dongle"
expires
Sun, 13 Feb 2022 01:32:15 GMT
cast_sender.js
www.gstatic.com/eureka/clank/98/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/98/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 15:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15480
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:03:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Sun, 13 Feb 2022 15:36:51 GMT
ogbj77ch-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/9HBenCFU/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/ogbj77ch-120.jpg
7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ogbj77ch-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4a72dda34ffb865b3a4bfbbf7b384810ea05a0a5c50d2904c61f80df4165c6a9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 01:32:15 GMT
content-encoding
gzip
age
662
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
7544
x-served-by
cache-iad-kjyo7100052-IAD, cache-yul12831-YUL
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 20:41:50 GMT
server
nginx
x-timer
S1644715936.944037,VS0,VE0
etag
"0a5329870c90c4ec573d2317dd080037"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 2

Redirect headers

date
Sun, 13 Feb 2022 01:31:03 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
server
openresty
age
72
location
https://assets-jpcust.jwpsrv.com/thumbnails/ogbj77ch-120.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-C1
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Clu5oMb3nnaOd5__ixNTCsgwaHvbAZpA-fqJDXzDIu7KsMswM0ow0A==
events
jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/ 		42 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dfb79453fa41801659e76c41203c818eaf214f741549ec23e26f72c492bd7d95

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 13 Feb 2022 01:32:17 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1644715937.095061,VS0,VE16
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by
cache-yul12831-YUL
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=45568c3f-6dd3-fcb3-3f0a-e9304b70fbf5&tv=%7Bc:43NQgr,pingTime:5,time:5164,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:130%7D%5D,es:0,sc:1,ha:1,fgad:0,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5164,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:130,wc:0.0.1600.1200,ac:315.152.970.250,am:i,cc:315.152.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5059~100%5D,as:%5B5059~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:79,fm:sXhqrHh+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a%7C1b%7C1c.928934%7C1c1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.42.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-42-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 01:32:19 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| structuredClone function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| PARSELY function| BlockAdBlock object| blockAdBlock object| webpackJsonpFrontEndModules object| tp object| FrontEndModules object| googletag object| aax object| apstag function| Krux object| dataLayer object| KruxDataLayer function| _typeof object| __iasPET object| mParticle object| webpackChunkdjango_content_services object| ggeac object| google_js_reporting_queue object| headertag object| Criteo function| headertag_render object| pbjs function| sovrn_render boolean| apstagLOADED object| districtmHeader object| diagPixSentCodes object| __iasAdRefreshConfig object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_119 object| Criteo_119 string| iasScores object| regeneratorRuntime undefined| google_measure_js_timing function| udm_ object| _comscore object| COMSCORE object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| _linkedin_data_partner_id function| fbq function| _fbq function| twq function| onYouTubeIframeAPIReady object| vf object| vfQ object| gtm_data_layer object| Sailthru object| twttr function| lintrk boolean| _already_called_lintrk function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| PianoESPConfig object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| Ribn object| GoogleGcLKhOms object| __IntegralASExec object| google_image_requests object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_2923 function| WebVTT object| closure_lm_955544 object| cast

118 Cookies

Domain/Path Name / Value
.prcdn.co/ Name: __cfruid
Value: 52e1d8fed31cc80028391c712e329a563e84092d-1644715931
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ Name:
Value: test
.postmedia.digital/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/%22%2C%22sref%22:%22%22%2C%22sts%22:1644715931584%2C%22slts%22:0}
.postmedia.digital/ Name: _parsely_visitor
Value: {%22id%22:%22pid=7ba8f8cc2e7af941ed57adf7cbd80a3d%22%2C%22session_count%22:1%2C%22last_session_ts%22:1644715931584}
.adsrvr.org/ Name: TDID
Value: a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ Name: __adblocker
Value: false
.postmedia.digital/ Name: _gcl_au
Value: 1.1.219306875.1644715932
.scorecardresearch.com/ Name: UID
Value: 1E625add2de0e314f0b99d01644715932
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ Name: x-id
Value: {"data":{"id":"fgbvnrjn2i699wz5t5eribkvrvu19qsfi","updated":1644715932075},"exp":604800000,"ts":1644715932077,"mac":-1538005256}
d395dw5zk780j2.cloudfront.net/ Name: x-id
Value: {"data":{"id":"fgbvnrjn2i699wz5t5eribkvrvu19qsfi","updated":1644715932075},"exp":604800000,"ts":1644715932101,"mac":-1537982378}
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1644715932103,"mac":1192549093}
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ Name: sailthru_pageviews
Value: 1
.postmedia.digital/ Name: mprtcl-v4_767FC2FC
Value: {'gs':{'ie':1|'dt':'us1-a9588c0ddc27594cabd152e47ffe27ee'|'av':'1.0.0'|'cgid':'cb2afa67-8fc5-4029-bae2-72b6f4cabf15'|'das':'d891e25c-8028-4f43-bb2b-7417d59dcb46'|'csm':'WyItNDI1OTI1MjUzODk4ODk5ODIyNCJd'|'sid':'CDF49B6F-2700-499C-AFDA-33AA874C7E1A'|'les':1644715932137|'ssd':1644715931894}|'l':1|'-4259252538988998224':{'fst':1644715932050|'ui':'eyIwIjoiZmdidm5yam4yaTY5OXd6NXQ1ZXJpYmt2cnZ1MTlxc2ZpIn0='}|'cu':'-4259252538988998224'}
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ Name: sailthru_visitor
Value: 6aec5571-35f3-4bd0-864b-b1822e04e53c
.krxd.net/ Name: _kuid_
Value: OqL2aahy
.linkedin.com/ Name: li_sugr
Value: 942fb72d-7d48-4ce2-940d-3eba49869608
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&d53d7ed2-9f70-4885-8ccf-ad74e1a18f09"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2221:u=1:x=1:i=1644715932:t=1644802332:v=2:sig=AQGszdOzaYnR-XK2AiEVyPgYuBtltT1C"
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrIwNDA2NDM1NbQwMTOwNDE0MRTiM9R1DgjOqEzPNPQrdyuR4jU0MzExNzS1NDYyNjEHAKG0i9o0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAGsS5DU0MzExNzS1NDYyNjEHAInX1eYQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrIwNDA2NDM1NbQwMTOwNDE0MRTiM9R1DgjOqEzPNPQrdysBAMqRe9UlAAAA
.sitescout.com/ Name: ssi
Value: b043fb3a-bab3-4bf1-aef7-4979946273f2#1644715932353
.twitter.com/ Name: personalization_id
Value: "v1_LXmK+QzrrN61Q4M6Kb7XAw=="
.dotomi.com/ Name: DotomiTest
Value: 2801dabaddde122e
.t.co/ Name: muc_ads
Value: 310eb286-d0f2-46a0-93b1-80037f88d9b7
.postmedia.digital/ Name: _fbp
Value: fb.1.1644715932423.113371096
.openx.net/ Name: i
Value: ea3c601b-d047-010e-064f-77d88fea4bd3|1644715932
.yahoo.com/ Name: A3
Value: d=AQABBJxfCGICEK282uS4BgXm5Vre5mBgQjIFEgEBAQGxCWISYgAAAAAA_eMAAA&S=AQAAAqU35K98QJMNuldDnwlHpQk
.facebook.com/ Name: fr
Value: 0LlyBXqKjpy79PYvs..BiCF-c...1.0.BiCF-c.
.linkedin.com/ Name: UserMatchHistory
Value: AQLURqASmI2SIgAAAX7wtXs_mRiLBj5LkzuBibtATVLkUcYWZczRvtQITYCwUsStpO3P3k_t6Ia5DQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLy9EG9MIjlZwAAAX7wtXs_tK70nVaqHkvYDmmhha8PUcPlTaLCc7Fa-610tmsIB8GAqvN7zAyQtADZc7ELRg
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GVJmp>6=!]tbP6j2F-XstGt!@Dju$q#F#
.bidswitch.net/ Name: tuuid
Value: 9bbb9553-58e5-4e91-8ed3-266e47bf9716
.bidswitch.net/ Name: c
Value: 1644715932
.bidswitch.net/ Name: tuuid_lu
Value: 1644715932
.doubleclick.net/ Name: IDE
Value: AHWqTUkZIK9MG6PURg7bwUvzwx7HpD3mEOeIi_KqJhF2ErzNduzIqdpS3kWsSTuH
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital/ Name: __pnahc
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A6v6jThnEkwZqVVJASWk0vY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.piano.io/ Name: __cf_bm
Value: LplD0S6RlPuv1XtPGj1pS9zig7Mmd_PbJyXT6vWhrzw-1644715932-0-AUGWg1kq7rEGk4G7pVFIXKhZ3m0bPGxeNQmac9n3Tc8rZXib+sfN1irRx4N8VP2VYRxA2ORlyEpz9YeNcnsluMg=
.postmedia.digital/ Name: __tbc
Value: %7Bkpex%7DdGm9vGapJOD6gLIcZz9QcAe1YZN6e6JYhwwRr74zH_BaHSyUbcx6dkULgKUzuT0eg_q3MkkDUFmx5ZadwCL7YJEqunRCewCIxsb0DywhFA4
.postmedia.digital/ Name: __pat
Value: -18000000
.postmedia.digital/ Name: __pvi
Value: %7B%22id%22%3A%22v-2022-02-13-01-32-12-556-xS03lTk2uIzf6chA-7f37f111401289c9fc77183a0c79c9c1%22%2C%22domain%22%3A%22.postmedia.digital%22%2C%22time%22%3A1644715932693%7D
.postmedia.digital/ Name: xbc
Value: %7Bkpex%7DXHME1y-p3bXxNOK8FYQtTW2t2oQGK2kd6n23MhRI5Q0
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&202202130132122808f7ee-9223-4fd1-8c02-5a8e7e30438fAQGgh9ymn_uB6numw0M-8KRzyX7PDeW1"
.adnxs.com/ Name: icu
Value: ChgIgoE9EAoYASABKAEwnL-hkAY4AUABSAEQnL-hkAYYAA..
.adnxs.com/ Name: uuid2
Value: 8667337647848647956
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YghfnAAFx_jleABB
.lijit.com/ Name: ljt_reader
Value: a820fd54c267d6ab11a25a68
.openx.net/ Name: univ_id
Value: 537072971|a15b02f9-b5e7-4723-a3f4-bf06f40f96f7|1644715932803046
.openx.net/ Name: pd
Value: v2|1644715932|mmiKbwuYvPvMeSgahEgKkWg2f8kegy
.ml314.com/ Name: u
Value: aHR0cHM6Ly9jZG4ua3J4ZC5uZXQvcGFydG5lcmpzL3hkaS9wcm94eS4zZDIxMDBmZDcxMDcyNjJlY2I1NWNlNjg0N2YwMWZhNS5odG1sIyFreGNpZD11ZXBvcHhkM2Uma3h0PWh0dHBzJTNBJTJGJTJGZ2NwLWNoZWV0LTQ0MDAtY2FsZ2FyeWhlcmFsZC5nZGV2LnBvc3RtZWRpYS5kaWdpdGFsJmt4Y2w9Y2RuJmt4cD0=
.ml314.com/ Name: pi
Value: 3625099911703822402
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwUbIyNDMxtTQyNTU20lGyMEPlGxmj8SHyJuamloYgvgmKfC0AnNUQXw%3D%3D
.casalemedia.com/ Name: CMID
Value: YghfnIyezY.iUenVdrLf2AAA
.casalemedia.com/ Name: CMPS
Value: 469
.sharethrough.com/ Name: stx_user_id
Value: 2973c7ab-8b7d-48a3-999a-2acbfcf8b152
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1e9dd736-0d67-498b-610d-404f3cc47910.7JilN%2F%2FHG5tCzVpkbXccQys0pwRoFQo%2FPQ77FeUyo6Y
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHp3XNg1nSYthDUBPPMR5EJU4mbs.D1rSH3Vx3zS3vQ1psZhcz7ksUGnx%2Fcc4IhFU%2FjmZ%2Bjk
.3lift.com/ Name: tluid
Value: 381034751553238883548
.advertising.com/ Name: APID
Value: UPc4d85059-8c6c-11ec-9b2f-028471d182b5
.turn.com/ Name: uid
Value: 3103328912798622740
.pippio.com/ Name: did
Value: BbeUc7qN3jCnvBJy
.pippio.com/ Name: didts
Value: 1644715932
.pippio.com/ Name: nnls
Value:
.bidr.io/ Name: bito
Value: AABUrk7EEL8AAH6ryNqkLQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMPRO
Value: 515
.sitescout.com/ Name: _ssuma
Value: eyIxNyI6MTY0NDcxNTkzMjk0Nn0
.tapad.com/ Name: TapAd_TS
Value: 1644715932973
.tapad.com/ Name: TapAd_DID
Value: 32e45c7a-b939-414b-a36e-2b894b7f5d18
.agkn.com/ Name: ab
Value: 0001%3ArJtHr%2BYwOINmIwDoRPkMJc8fwJyF9AgO
.ipredictive.com/ Name: cu
Value: c4f2b6e1-8c6c-11ec-a6ce-4582b9d74417|1644715933024
.analytics.yahoo.com/ Name: IDSYNC
Value: "191l~237d:18za~237d"
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adsymptotic.com/ Name: U
Value: 55b0ea5a07998d74563903e103a963f4
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 308143D1-FDEB-4FE7-9656-E9D50BF2F0F4
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1645920000%3A197_201%7C1645315200%3A164%7C1644796800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1645920000%3A220_21_13_22_54%7C1645315200%3A2
.pippio.com/ Name: pxrc
Value: CJ2/oZAGEgQIAhAAEgYI7OsBEAA=
.lijit.com/ Name: _ljtrtb_84
Value: c:a643638e815cf4bb0d313e32e48c12ab
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2FJQXJJR0d6STFNa05xZEhKTU4wZDBWM2xDY0dOc1UwMHlUMEV5VFhSVk43b0dOd2lSVGhJeVlqQTBNMlppTTJFdFltRmlNeTAwWW1ZeExXRmxaamN0TkRrM09UazBOakkzTTJZeUxUWXlNRGcxWmpsakxUUXpOREc2QmlBSWwwNFNHMEZCUVVka1VtMTRkRkIwZG5aUlRsWTVZVnB5UVVGQlFVRkJRYm9HS1FpWlRoSWtPV0ppWWprMU5UTXROVGhsTlMwMFpUa3hMVGhsWkRNdE1qWTJaVFEzWW1ZNU56RTJ1Z1lEQ0twT3VnWURDSzVPdWdZRENMQk91Z1lZQ01oT0VoTXlPREV3TXpFMk5UVXhPRFEyTURrME1UUXh1Z1l4Q01sT0VpeDVMVlJxTVdveVJrNUZNblZHUnpKMVpUVTVWMHRpV1ZOSVkwUmZkMGd6VkRsQlRETnlURU5LYXkxK1FRPT0iLCJpYXQiOjE2NDQ3MTU5MzN9.YLrZMVTc8UpuSdJoPOZoWozEjvCHJ2-kKIGPt9gBfEDVP5Djx-3OvzzodJL3XzIeEdEQ5OUyBKeJWNxgf5S34g
.rubiconproject.com/ Name: khaos
Value: KZKLEG2U-28-EZK2
.adform.net/ Name: C
Value: 1
.rlcdn.com/ Name: rlas3
Value: WW+N2s7D78l1y0iCDBrUKlTbt9DJuNxqss3voOBvKbM=
.rlcdn.com/ Name: pxrc
Value: CJy/oZAGEgUI6EcQABIGCLjrARAB
.linksynergy.com/ Name: rmuid
Value: d29dc20e-a231-4221-a924-819d4be8a442
.linksynergy.com/ Name: icts
Value: 2022-02-13T01:32:13Z
.adform.net/ Name: uid
Value: 666847245958727534
.zemanta.com/ Name: zuid
Value: bzU-u8HTKP9_2o80dcB0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3103328912798622740
.pubmatic.com/ Name: PugT
Value: 1644715933
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YghfnAAFx_jleABB&KRTB&22978-YghfnAAFx_jleABB&KRTB&23194-YghfnAAFx_jleABB&KRTB&23209-YghfnAAFx_jleABB
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&KRTB&22918-a15b02f9-b5e7-4723-a3f4-bf06f40f96f7&KRTB&23031-a15b02f9-b5e7-4723-a3f4-bf06f40f96f7
.casalemedia.com/ Name: CMST
Value: YghfnGIIX50A
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESENnJNMUOMnYAgKMcqumPXIM&KRTB&22987-CAESENnJNMUOMnYAgKMcqumPXIM&KRTB&23025-CAESENnJNMUOMnYAgKMcqumPXIM
.simpli.fi/ Name: suid
Value: 983B279EBD374698BAAD0301ECEDFA99
.creativecdn.com/ Name: u
Value: e63aAMuDi0C7XHwfQCjA
.creativecdn.com/ Name: ts
Value: 1644715933
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:983B279EBD374698BAAD0301ECEDFA99
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFb3BlbngSCwjmycqU1qa3OhAFEhsKDHNoYXJldGhyb3VnaBILCKzi5ZfWprc6EAUSFwoIcHVibWF0aWMSCwj0xaaY1qa3OhAFGAEgAigCMgsI9L2pxeymtzoQBTgBWghwdWJtYXRpY2AC
.nrich.ai/ Name: _nauid
Value: 071806d2-0ede-41e6-8102-689aa59fae30
.quantserve.com/ Name: d
Value: EDkBDQG3Jd-owQA
.quantserve.com/ Name: mc
Value: 62085f9d-5906b-786c3-4caba
.lijit.com/ Name: _ljtrtb_26
Value: 9bbb9553-58e5-4e91-8ed3-266e47bf9716
.lijit.com/ Name: ljtrtb
Value: eJwNyskRgCAMAMBe8pYZc5LQDYHQhGPvuu99gAwGRGaGKjf10iYV2Lw2NzIr6Xmio8EFLv9dY5qwsZejriOZ92bkYirxhTQT3g%2BsVRYA
.lijit.com/ Name: _ljtrtb_86
Value: e63aAMuDi0C7XHwfQCjA
.mathtag.com/ Name: uuid
Value: d9ae6208-5f9d-4100-b925-a96c5d425bad
.rubiconproject.com/ Name: audit
Value: 1|RIzGGUOiM15A64ceJsdaBRCSZaItEs4rhwg9GCxGogIeECEUBMheikaw2Mn3KIt77TzCXFR8/KLqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.criteo.com/ Name: uid
Value: 192b8d98-081b-4b22-98a1-91e4a59387c8
.postmedia.digital/ Name: cto_bundle
Value: iMpgmF9QYW5YQ3NYaU5XVk5KV2VsZ0JNV0plU004aGx2eiUyQm95TFdtblFNbFUzYmVtUk93UkEyR0xxRVQlMkJ0bmxOSlowaHI3Sk5KVFdLbElqdTB1bVBHZmFwOXN4cklCNWFjenlxMkFjWVhjSnElMkJQRE1ad2ZvZllhU1YzJTJCYlQwVU5ScmsyaiUyRm5OUktCdkxTRlR1SjIlMkJaS3ZueUElM0QlM0Q
.postmedia.digital/ Name: __gads
Value: ID=830a964e468ac924:T=1644715933:S=ALNI_Mak3bgUkOFNJbcVYg9eKYY0xL68cA
.pubmatic.com/ Name: SPugT
Value: 1644715936

11 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YghfnAAFx_jleABB
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=%{gdpr_consent}&us_privacy=&3pid=hSudhYZ_lNmeLJSNhXuAiosvzo6eLc7c0XhVn4Be
Message:
Failed to load resource: the server responded with a status of 500 (Server Error)
network error URL: https://cdn.jwplayer.com/v2/media/1feCWPBf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5d3f333cb2b24f898e5d5a8e3a599e19.safeframe.googlesyndication.com
aa.agkn.com
ad.turn.com
ads.pubmatic.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
analytics.twitter.com
aorta.clickagy.com
ap.lijit.com
api.rlcdn.com
api.sail-personalize.com
as-sec.casalemedia.com
assets-jpcust.jwpsrv.com
assets.ribn.com
auth.lrcontent.com
b1sync.zemanta.com
beacon.krxd.net
bid.g.doubleclick.net
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2-sandbox.piano.io
c2shb.ssp.yahoo.com
cdn.adsafeprotected.com
cdn.districtm.io
cdn.jwplayer.com
cdn.krxd.net
cdn.parsely.com
ce.lijit.com
cm.g.doubleclick.net
config.lrcontent.com
connect.facebook.net
consumer.krxd.net
creativecdn.com
d395dw5zk780j2.cloudfront.net
districtm-match.dotomi.com
dmx.districtm.io
dmx.us-east-34.districtm.io
dsp.nrich.ai
dt.adsafeprotected.com
eb2.3lift.com
entitlements.jwplayer.com
eus.rubiconproject.com
fem.prod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
gcp-cheet-4400-calgaryherald.gdev.postmedia.digital
googleads.g.doubleclick.net
gum.criteo.com
hb.districtm.io
htlb.casalemedia.com
i.prcdn.co
ib.adnxs.com
id.rlcdn.com
identity.mparticle.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
ml314.com
mug.criteo.com
p.adsymptotic.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
postmedia-d.openx.net
pr-bh.ybp.yahoo.com
prd.jwpltx.com
px.ads.linkedin.com
px4.ads.linkedin.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
sandbox.tinypass.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
snap.licdn.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
t.co
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
videos-fms.jwpsrv.com
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.npttech.com
x.bidswitch.net
103.229.205.242
104.126.112.185
104.16.68.69
104.18.101.194
104.244.42.131
104.244.42.133
104.36.115.113
104.36.115.114
107.178.246.49
107.178.254.65
107.22.42.155
107.23.155.169
108.174.10.14
13.225.205.104
13.225.205.38
13.225.58.39
13.225.71.110
13.226.31.94
142.251.32.98
142.251.35.162
142.251.4.155
142.251.41.2
15.197.193.217
151.101.130.133
151.101.194.133
151.101.194.49
152.199.5.228
156.154.202.36
185.167.164.42
185.184.8.65
192.184.68.188
199.232.36.157
199.38.167.129
2001:438:65:11::1720
207.198.113.169
209.54.177.54
23.221.203.12
23.221.203.181
23.64.109.237
23.78.210.18
23.92.190.74
2600:1400:9000::687e:74ca
2600:1f18:4e9:5a05:c954:e19:2065:a03a
2600:9000:2140:2400:7:75d4:e40:93a1
2600:9000:21da:4400:1:a3fa:7cc0:93a1
2600:9000:21dd:4400:8:48e:53c0:93a1
2600:9000:21ea:a400:8:f216:eb80:93a1
2606:4700:10::6816:49e8
2606:4700:10::ac43:835
2606:4700:3032::ac43:c0b6
2606:4700::6810:bbdd
2606:4700::6810:f015
2606:4700::6811:b8b1
2607:f8b0:4006:806::2002
2607:f8b0:4006:807::2006
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80c::2002
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::200a
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::2008
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::626
2a04:4e42:400::645
2a04:4e42:600::645
3.214.92.183
3.229.159.16
3.92.156.8
34.120.155.137
34.149.157.221
34.194.161.83
34.199.144.90
34.226.104.236
34.232.235.22
34.232.92.67
34.235.23.231
34.73.194.24
34.95.11.30
34.98.64.218
34.98.67.3
35.186.253.211
35.190.60.146
35.211.178.172
51.255.68.171
52.223.22.214
52.4.155.217
52.45.33.138
54.192.160.42
54.236.200.174
54.81.207.173
63.251.114.182
64.74.236.63
68.67.160.186
68.67.160.74
74.119.119.129
74.119.119.139
75.126.248.142
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
99.83.154.140
01ba6d90bb6ec62ba72c280d300a8c270865c646f7ea1d27fd2fce2ce42fe887
036fe93e0e1f2e76063faeee408a4ab4c2ca9c5ce0165b0fe623566f65c1a90d
04a9d1e0e044c59ee3d9644a7684a20660e6903c61f62bd4abcfd711d81c90d5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079c0fd3df1f0a348f756e70b4051c4bd5059fa9dd2993a5fed2fc728532be48
082636cfdf27cee5a8f0ba9a0a0e866ef4512a6e4b6fe4f362cae2b7d96ce44d
0878df8b9a030066f26276aab6a4e36e509b480ec37fdac609ec3037611267d4
0953e8587b4d3f456def7baa43541252831c2cf537d4a08283c4c053b21c53f0
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0b5eae5cacecfab875d39933a39a9e991e55ea803eefd8b33ea930eeed0d08e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9540a2fd3cead6b5f9ead2468ed7787bed0b21b62041b93288b00755461524
0ce9ea63f0bf9771a6876590ebd9fba9893ec95f07d3b029a91a11ebf20b495e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10031e68a35eaa4e0131eb184927354ebd18ba52b979b919a9300d1cca3eb56b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
139ffd6a5b702f2545be8fe8aefc8f2369ab714396a0405a87b4700b894589f3
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14db4d359ec75f6bee5c24d7218c189f88ef14ef8eb766456a99db547d01db07
1617bae3b8835c1ca77413d83ed92afdc83c772e5466d7158803e893c3468276
164d71d43aa83ecc33b89ef9ad237a7a9b2be7df718968d4516cd6a85ef7442c
165b5695a4f6ce4b89483d4b901d48beb06cc7e40176c06f4c8ce59288b67b1a
1709a90f916b32d51ac83bddf435fbce9c2afcf78c9aa5bba4599fe6e0cbb9f9
1739c19317989204e8b73d670b481077d1d5f72888366752841e8738070e6940
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
1aefec411441da454a39e812f8300125bfd117abc33f50f98c124419314da704
1b28a03dbb722904ff0e6578ca0646e0a180a6b44ee11a3713dc872408141ef5
1b7b592ee9e8e65a08121040a795201b39942e5186981058654efad0d89b82b8
1cd7eab92dcc04e7057d83a115c54de3d28e12634131e390fc005a06a2071a53
1edc83f7137848a661dbf5a61dbe4bb3b42fc7d064004560ea0269b45747e7d3
202c3b3f9ba500a96bed86e4bf763c27f2d351ac8f8519e90d4314a17a34c65d
22589e21ad2dacf5ef332a93fab7bb7576f4468a207b0706404e1a15fbc7b2ef
228cbdef38d722982f4daf04fae7d5b87bf1cb33101dac4561667a387272dae0
233532c9d1a858e4d10daa9954c01e720dc9f879e3952dd8fb0317a0b159c40a
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
238a7b88a5b7237a3fde744d5b7a0d8deafbe118e52453771e9e1872cac1b41f
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2bfe57a23d8ef229c88a3d24babf237122d897f8f6f43e69c6cc4ebe14896687
2c3f885b20bcf4a153f649924a0eab160b4de4b50e482b7c5a6a7526cb2bcc0d
2c493e2454c7473d746982a8a8cccc744120ffa456955fd7e69ed2c5b34bba9c
2d345be423521964621772497c15458692a59e458d9845b1da7ebe7ed4f5e860
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
300b9ba11e041384aafe746b81adbac891f04890e6d71728d572df9073610076
304955473b9f7310638570b09a2758de65adaf11d285c61f8fb768b16220a240
30f4fb5b57eb0c1fb612b559a2a74d1b3008aacbbf23b51d5c80a57cb866b99a
31a1e7a237feb46f70d1e9bdc90d28841316553dca63a803b27818b4b8f52c40
34564b7c51a52ab44875ea706f23f33ce9288d24999d8ac611f4678640aaae53
35aca60187492b7d4a5dbbc7957660e9c1f61dd1deaa802abbc7697315797f44
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3774f24cbef06430febec76ef6f57b8e3f75d2d91a5ad16e23135351c87004b2
37c499542971f376a6816bc413bbfe75df2c69bbf214214de8e401c88ee6e747
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
3898ad7b14c6bd7e9f0e3f517aad0e377593067fd7a393972946dcbc8760359a
3b1ba116afcfc07575273fd85029b04ff45cd35f5104e04f14da964b6722f547
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3c59439b4ea6905545d0a5f41278422ee0d3bb3d370b4b8eaea35f306a9e1f63
3df18ce8fddb0bf84d710891c1acfecb133ab2ce4699b077af8d51d7abbfb766
3e9a52aae2bc58cbafd518752d6b8b23fb94c786874614924d0366bd61300cda
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400932abd5aa5355a2119ba69c95c9c24099c2eda90a3cb259fbfe460646682e
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
4455f15f5752282f54bc3d872b3f3554c529bc09d10f19d204ab4b359b725cc8
485086eae6d9ea8ec9f0c64950625c89edd2126737a458e528f20158100c9d20
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49024b11d9bc8562883dfba5e78f983b304ebe8ecbe452b6aebc19678a649cd5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a72dda34ffb865b3a4bfbbf7b384810ea05a0a5c50d2904c61f80df4165c6a9
4aa8ed608a24ccfb43e2a213a56187ef633d5ae12ac2a2204b19b7c164f8df05
4b6ec8e4117f4e9ad3afe9e3a08f6e17fc72ba480b42d070d10eacb57c9f93e7
4cd5d51c0d2dc754d6e756033204ff2e492c722eef0ba69624210a14ec94f5e1
4d19d5104490d22e460777b332d14d1a6b99baae2074d3549e454d21e8890a16
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd6de4b6589a6a8ff819c1c64387cc6e1ca93a1f7cb836d61cba906de606c35
508cd501db50aeacdc8a4102e20cbbaf51750ccc354a272eb6d90e709c437957
52103002cd1867b22217e972c182c11e2058eaaadbfd9987d6fffec58623a9df
523bacab835ec240eb30370e7bbf9c29d7d45e982d9abe07dea337341ca88464
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56420db88c7c268ea372d6bb6125ffd0cdf199bbb86353eb5921ce3b2448f7a8
572f34b8f638197131f8c11bf194150fa8cd8f03dbafe03b37ff5c2946c7aa20
58082f5dc7f4d5bb5267b04d538abe2a18fdde4b5636985ab3b1f8291196be66
5808d1d1d342bfc1cfc7e927f7c2ff819d8076c44f63d2c2e0ca555fe2ba3ca4
587a56ec5e8f866a6f7e879bd3ee2c298d9b847059b58fe200092eb1b5f5e85f
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5a862fca557bc4e7a452b113716faae4cee60e60579280d31ca1d9a972bec554
5adf89a50bbb478ef9ccdf238d782776f692618deee2408242e9549660e197b4
5b6843b1caa9e50c39a1c6030e1cc85d1820757bf6cfd864ca27508f78ba69cf
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
5cf7b01e9bad3d3a9da846f6be9bde1e9e50625bc4c0c19ef3f2cc52ab0278b7
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f099de5f67df6f927250c1a22ba37c7d1bbde773bbd326f1f58d03e2541185
65a84221357c08b04f0c3ac8a245d66f0cf023ac9e9e5a55e42871b51433d6ee
65bdb0f68bb734a9ee0412aeb1d9898bd4098339efd43b8356acf19b3d8c3ad5
66dcc2162ae7d45cf8620faa053c95672e4848654641aac10688f3d8bb143854
6812b21b80e6f704a793cb5706da0bb2a827835b3354670e0d2986d7e42f8c46
68217b5bb2fe20310beed32900d8539b4001001313d7322cc7c0cfba21036d8c
689402d90c9d60dfe1f1d82aedf6d8ab79519cf3cf9ace0aad9753caf79ec06b
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6902e79f7c8a801e6c1e25c65fd4dcf30034a12d12dad3286d2f0af4457c9b0c
6d23334aac401b9a57492b688886d294161ba860eae32ac5c132df50eb8ccea3
6f592b184a12156f7118bb5c9b38bf823a853c9c174c9aa1ce1ff4bdd61324a8
704b665a1627ab64c9f33ea57726b09b16fe21efd7c2501db85bd932ff4b4a55
709932d262282e65073a8940fc09fc3fffbeb13682a8190bf8a1e96fc2c59888
7195725b023fffcce2eece2c346f203036bbe5c7f43316093daee1e9ff74b3dc
72fdbb0661eef304bebad438fce57f79172f902a7bacdbcffebe71c01ec8a06b
7345d9f74e207ead5bd1005dcfabc879b1e54a7d0fd9aa47c68c8f831fa31293
73ee99db41772b6381178027e6084290d586e8453264496db61d7a2d8f7730c4
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
75751aa9218516264f3948aa1666e89d5529af5fbc2f4df5688fcd62d87937e8
75c5d8da88542842de334a31c3a91e1364e27ee64f79a881547fa5f38a7593d3
77e5b64cb7cda3eb0dd87c6ee90345415779173d5d7227c13a16bb2d4491d2d2
79c381d0b010da04e31a1da615ecb7b142984a8fa33f080485a2c109ce064f15
7a4ad8b06c7ab90c1ba9934a90b9fbded3114fd2fbaa1ba62d55b2c3b50ddc67
7d74ffb97706ec5f3501a98d242bb3d12254e262882c44d60b59543f578c3ff6
80100165d0a4c113b1cbbc6491be185967d69c8eba790a15615cc92d3bc82c70
820d3966ce2af70c2052f1bedfb389780514a9175de60de25015198a96e411e1
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837d9f67c83db3287a1288dadffe3012fa0118b1102e45f44e6c7509857d2d8b
86cd59bb97bf565aee7bdab245971948eb6c32e9033b0a7dc831614a097e30e8
87ee34daf7197cb690ec820f174a093eb9d482bf50ba880272e2c0e41e153488
89b5eef345a9eba7418951efc606d3d85966629f841b2dbd78964ab72449742e
8a51c459b7a64e5655ce8e1a6003c9bb14e54fc5cb5f8828c12998656e004615
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d
8e025507b949d2aa1be12fbe98dc853b5aaf93a1481282caa43a06c1de0a500e
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
920704d04ce8ef10e2fd3580457c0d55534d9331287d3476633088fdf60b221c
93b48cdf8e2b5cce2e5b0affc899ace31bd902bbd99dbe8fe71134e244aa1ceb
9563a4ca1e0eb5138d94837e654ed9aed8379ff22cf8a358243071d69c44f740
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
97cc23628e90fbf9578bf30e820d7281c3c6eb022d2e069c6151064a6c7c1d48
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
9d37bc04a40a0929aa43543b15d0dec69009e2467cd73e7a96c5ddc944b640b4
9e53ba5d1361d2e2c991d719e3bac1c66d49d857ca36b0ef232d8711aeba378f
9f69215daa205adebc852fe0f89bde7de33265cc190b92d8479c3f40c97a1f40
a038d3d5e53a985f5ebcb5445cc3b8e435bfe2ba468f627604fd7cbbbb8d1256
a15ca8b74501f03f8b5ca2eaa01806ec3438932877b8d4188d14efbbfca879c6
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29c393f7fd4077f869f22e38d5a7a514910048a34aedafc6da9f9e0a34f4150
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7dd95bcd89992b3f0c22c6595e1fde08bd2ed952f56f30452e2e6d8f492e5c4
a98a3200b66e9a2b82b2622e28ae07135dd6ebece2f55f0be814056b59e39092
aa8c4f5924fd06cbaf5c65fac729f0c3207d1f70534b07fc0915948c41b29d6e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad3c8644ae3fd8a5b259dbe17116c01e4b4c0133046e908df3db84822736babf
adaf81788242f9c48cc12172354c5df3e22fdcbcd2c3979dd83b419bb59e3db7
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
aebf0e0d15c0130fbe1375e3d5daff30441efea4c2545cc9f69cea6c13bab3a9
aefe09194c600df28a1d55fd7148031678d5d7a19d337d532cb4efcecff81869
b071b0fbc519207f843c08a571834e122605ae165027e0b7248105f9119df03a
b0dae257780ecf276635acf2db525bd91977e8a0aa57beb8ecf8a7bb042d3284
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2de98727761f0f98b36ab6ba001308661b26ead3e6edd6fd769aab312433f13
b40e613b9a34d0630dae7f86028c2eea3f230efe027a41976005dcb49c4709c7
b432e30dea76142bb9ec7666c30b4aeaa6b4c7b229520a008d4315a3eb6453cc
b510ee91066f77f938f78422378a73f44818d0ee661c0ccb5ad398cc7dd6b080
b5f4dca800344e19da7882dd1c4a1453bd36ef5cdfd63a1bc3cf9bac9cc2790f
b6b95b5344868617d92c9f22345419e424be58a2f9718d0a474c40aab2337b50
b781a31a98241d84c1a1b45704bbd44eaa60d6e0ad29834afc4108ac8ce46c82
bb5e2ea41114aac7cc85db465754f2f71644dc601ff16689ac1c3afbddc66138
bed79e22634d48c6e53d084c7dc1ac8e7ed34377df61478f7020d89248124ea1
bee50f17c1310be96251c881d4c468a0a205ca2af32654ffd5124fc812048c5b
c067cbc7ea5f1cc0fcc4534a40f3133dcf537baf7b96c8de226831740d767ec8
c1613fae297f062becb2e3f0a24314be2a09ba5809d48bd1a2ea5eacb95e18ca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235b2af769e31bbe24d135da09be1fe42e819fa6c9d39a94d10eee1217c7228
c381d1f2080db4d36c34a08b6f4fc19b1c180127e9df8776e04d3e55e687f717
c6ad62ab506ff316366edddb167eec1ec2f6a3b89e00b351164010c1775f1992
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
c8b7c117f389b4a75dbc3e1c571cf01480ce1249080aed7897dd52e3310046f4
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
cb82f584fa4d9c0113b292bdcb1047cf7f9ad2a206c409efa64a7f65410ff76f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc571d5e3b93898e373f09f0dbccd2bbfd8e241aa56a35a1685470e47b09b927
cc65ad91bccaffd0640bd0f85f314e50765e80ace431fc3a4893687b26e4d734
ce9b6a67dff69b03b35a4859e1fa67cf6998c2c9d1982e8c5f4ae4fe9454470f
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04afc774d80c39a178f6b42d961777a3cec7be7dfe585618d75f02abc515a97
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d0795db6dfdb5ac582882bdadfcbd4d26775f3256f39323652224c3b8df6d3b8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3155ad3b5d6f9f605a7d484eba468177fcef689e2bae324ad2591331f258caf
d4abc56c5faf85f411fd516e547eae64ee13788939f050e957a2830d9fb95d01
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa
d7cd773be9a32af8a37fdec61ee5c561e6b32fc6a2bdf6f4b8b58aa6d7cf0395
d88385cc9120cc60cd1cf073148ca59a2059682edcdbb89c9e8f9f083b8f6fb8
d892f19dba31160274b74eb7c62fb2b6a89efc5e4da75144ec1d0ed0b15e5a08
d9671f1630dc1f903b63a7606abf1db85a807ae0a74f48f7de689c5a412e84a6
d984a247beba5abcd72a6b6dd131ae1767b6d0cc76ad1223b33e8e3d5a7e05c0
dc8579d4e27fd792edab20b43256da568b742afa8a59eee5be9508758a1ac366
dd1c76236a0bc6523ca984caae25b44df3c0c2eba1323be913cb65dfbac5607f
dd448d83b50042e0093021232dddd423aa3e3efb40daa4552c943d8286264887
ddb063149b04e2efad8d004fd6d654259c2a68dc1ad5cff8843855071823c3e9
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfb79453fa41801659e76c41203c818eaf214f741549ec23e26f72c492bd7d95
e0bdae819a90b96ef507c14440eacd2a79f88810933b3ebff6f9f068f2ae80b5
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56823f3139580f0c079fdff0735151140bfeb477472cf67ce8d075cb1a7ddc6
e592c023e395d520e95efed9c15d14c77d5c101e3ce6b5d71413384508b55d59
e5bab9427ec1d36c811e3ca40b2a1014b330dea0fc48b787041c572e1fdc4f28
e77a37af607bf99b22fc2a2a70ffe899e8398cc30adbc6bbe256d580a76ebf47
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8143cf5b46074d704206a2c48488dc0ef7c29d6ee077720179753d0138f1c90
e8bd74675f5e2c18b5b0696ac8e7e00cfc90675eae571204e406f8298eb3da69
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec5048fe0002a0fd7fdc7141ffd02691784cd09dc8f1adee6783c86d8d5604cb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed4bd34ed96011c6a10a2ed3957f53e6781365214951d4ba1bdc3105dbd8c51
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe645e30b1c609185fa0cb178858f9097e6f4b3407f23feffe6b4087f697cc5
f172d4d7a33ce2857870fee406ebff036c0ec54c578873ec75282344c60f8739
f31ce571e6335548c0ade22cba6116bbbac0f1b5c52acbb40a0ff81272482973
f36b3a464ac73ea3bff08cc52e17ccc362a66829ccc16789693986f03d2fadb5
f52cfc740dc87fca205610844d811bf31b99c626e6b3a9ea4c9b6fb1fb6c8802
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f7914b4836b5815c4b3dcd79c44fa3390dedf00785d79f90dc7f6c6f38c947c5
f87bcb7d4faa7711017e59f26ea25071c602896b5eec735a01c0ed382f7a1af4
f89404f1a1e59763569737c5a67059172b3c734d82bf88fe7f2ad0ce8a247016
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
fb4188bbe32adefafdd351dea0349b9b0a2f033aad8acf226300ff86b2961231
fdeb01a6056938c5b849db077ccf3a85778ff72b569df2bb3bacf823d8c8b890
fdf952dfe3cb748b24a2d9ce13efc130f2dc5a8322c3f3d6b500aabe74cf22e5
fe26a45c6b9a75bc09d8f6824fc3ffaed7cc84a5ced4c86f4d5224194766574c
fe3cd3089faea77abfd92708efafcb5af900dead2bea4d8655a5b879cefc0f05
fe74d9ad0e39fa25a47d269d292da6be259b3b9ee3856925fbbc8f11bd52458d
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3