www.empireadvance.ca Open in urlscan Pro
137.117.58.204  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
• https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Request Chain 63

• https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
• https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
• https://sb.freeskreen.com/um?sa=2972054258922645314

Request Chain 64

• https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
• https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
• https://sb.freeskreen.com/um?tlr=d34e062eace34f2793e140bd4e00b191

Request Chain 65

• https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
• https://sb.freeskreen.com/um?ac={$UID}

Request Chain 66

• https://loadeu.exelator.com/load/?p=204&g=1300&j=0 HTTP 302
• https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 HTTP 302
• https://sb.freeskreen.com/um?ni=b42fb3845b4b2c461127c5d8b1283e92

Request Chain 67

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
• https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

Request Chain 72

• https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=L5GS3VVT-G-TK3 HTTP 302
• https://sb.freeskreen.com/um?mg=L5GS3VVT-G-TK3

Request Chain 73

• https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=L5GS3VWM-19-9YBJ HTTP 302
• https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=L5GS3VWM-19-9YBJ

Request Chain 74

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVHUzNWV00tMTktOVlCSg==

Request Chain 75

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/i8KI1lm15B7KXXFGhDfeecn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=859208402402801755

Request Chain 76

• https://id.rlcdn.com/709414.gif HTTP 307
• https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

Request Chain 77

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_YqZdjX3OwvQkyowVXcwg&google_cver=1

Request Chain 78

• https://token.rubiconproject.com/token?pid=36584 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5GS3VWM-19-9YBJ

Request Chain 79

• https://match.adsrvr.org/track/cmf/rubicon HTTP 302
• https://match.adsrvr.org/track/cmb/rubicon HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=78757432-c948-48d1-b139-2993131f2f41&gdpr=0&gdpr_consent=&expires=30

Request Chain 80

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTVkZjEwNDJlNzdlYmJiZWM4OWU0MzQ3MzdkZTk4YzdkMTdkMTdmNQ

Request Chain 81

• https://token.rubiconproject.com/token?pid=26594 HTTP 302
• https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5GS3VWM-19-9YBJ&sigv=1&esig=2~7b27a331a2425cf5db705b1838ce64a5ab5b3fb9

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request vmaf-rewards-students-5558240 Show response www.empireadvance.ca/local-news/	53 KB 16 KB	294ms 89ms	Document text/html	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 6a21a736d1b9bf545c305a4a83a6c7125f5239401258aadb50d6051209364e4a Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control public, max-age=65 content-encoding gzip content-length 16626 content-type text/html; charset=utf-8 date Mon, 11 Jul 2022 13:27:04 GMT expires Mon, 11 Jul 2022 13:28:09 GMT last-modified Mon, 11 Jul 2022 13:27:04 GMT strict-transport-security max-age=63072000; vary Accept-Encoding
GET H2	200	template_glacier www.empireadvance.ca/cssb/	91 KB 26 KB	51ms 50ms	Stylesheet text/css	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash fd09001fd1779bb0835aaf833d0ec1b692bfd19217db4071bc8abfd6edaa89ab Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT content-encoding gzip last-modified Mon, 11 Jul 2022 13:27:04 GMT vary User-Agent content-type text/css; charset=utf-8 cache-control public strict-transport-security max-age=63072000; content-length 26832 expires Tue, 11 Jul 2023 13:27:04 GMT
GET H2	200	head Show response www.empireadvance.ca/jsb/	3 KB 2 KB	49ms 48ms	Script text/javascript	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/jsb/head?v=LcM8wEj7Rn1AYDjGF1pjSV_suFrl8pQqVJyJndJTH5A1 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 34e5b3f77b75f5401d202f455b255a1f974f83a2a8ef027e4afa6e08cb54c3b6 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT content-encoding gzip last-modified Mon, 11 Jul 2022 13:27:04 GMT vary User-Agent content-type text/javascript; charset=utf-8 cache-control public strict-transport-security max-age=63072000; content-length 1624 expires Tue, 11 Jul 2023 13:27:04 GMT
GET		86c1de40-8632-0137-5766-06659b33d47c tag.simpli.fi/sifitag/	0 0
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	74ms 21ms	Script text/javascript	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 4761 date Mon, 11 Jul 2022 12:07:43 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 11 Jul 2022 14:07:43 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	81 KB 28 KB	123ms 54ms	Script text/javascript	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software sffe / Resource Hash efbadb3570c620c47ff3c67adc97faab0b0ae23c5d4052735a88591d839261ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28118 x-xss-protection 0 server sffe etag "1270 / 575 of 1000 / last-modified: 1657537564" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 11 Jul 2022 13:27:04 GMT
GET H2	200	logovirden.png www.vmcdn.ca/f/files/virdenempireadvance/images/virdenempireadvance/	6 KB 6 KB	305ms 183ms	Image image/png	13.225.63.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/f/files/virdenempireadvance/images/virdenempireadvance/logovirden.png Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-119.ewr53.r.cloudfront.net Software CloudFront / Resource Hash ccabac7d4dce08f44006bd8a6312c3600e58870ebcc23995cf7d5b005009ea67 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT via 1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop EWR53-C1 x-cache Miss from cloudfront content-type image/png access-control-allow-origin * cache-control private content-length 5684 x-amz-cf-id 0lvyNhKlJtOOtKIKiutMpY_p9gHDWGRxHY0M21_op1_jxSCDd9ZCXw==
GET H2	200	21---vmaf.jpg;w=960 www.vmcdn.ca/f/files/virdenempireadvance/images/virdenempireadvance/	317 KB 318 KB	173ms 50ms	Image image/jpeg	13.225.63.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/f/files/virdenempireadvance/images/virdenempireadvance/21---vmaf.jpg;w=960 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-119.ewr53.r.cloudfront.net Software CloudFront / Resource Hash b05e92b2cea0595ae861864fe0f04f0ae1a5d56a2918a00185282d6682168c0d Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 16:50:59 GMT via 1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront) server CloudFront age 160564 x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin * cache-control public x-amz-cf-pop EWR53-C1 content-length 324696 x-amz-cf-id ValZMNm0S74nOGC7sZFbVcQEVIuf9kDphuar3I2mWYxozy7D5gtrKw== expires Sun, 09 Jul 2023 16:49:07 GMT
GET H2	200	blank.gif www.empireadvance.ca/images/	42 B 164 B	67ms 65ms	Image image/gif	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.empireadvance.ca/images/blank.gif Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT last-modified Wed, 01 Jun 2022 19:36:19 GMT etag "e5e819deee75d81:0" strict-transport-security max-age=63072000; content-type image/gif cache-control max-age=2592000 accept-ranges bytes content-length 42
GET H2	200	template Show response www.empireadvance.ca/jsb/	159 KB 68 KB	40ms 39ms	Script text/javascript	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 446d2f19fc949fb92f7568d50a4f3727f8001f9df221af11ee7a7ed17a3e29f0 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT content-encoding gzip last-modified Mon, 11 Jul 2022 13:27:04 GMT vary User-Agent content-type text/javascript; charset=utf-8 cache-control public strict-transport-security max-age=63072000; content-length 69766 expires Tue, 11 Jul 2023 13:27:04 GMT
GET H2	200	content_standalone Show response www.empireadvance.ca/jsb/	4 KB 2 KB	36ms 36ms	Script text/javascript	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/jsb/content_standalone?v=s2y4VRyMFbajmubrlw3QYX--Fkgc6nI1pbrQFUiY5cI1 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 0a434f26bbfd6cf67b07c2f9339b8d26668792dbc7080fa029c9589a048fb86a Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT content-encoding gzip last-modified Mon, 11 Jul 2022 13:27:04 GMT vary User-Agent content-type text/javascript; charset=utf-8 cache-control public strict-transport-security max-age=63072000; content-length 1790 expires Tue, 11 Jul 2023 13:27:04 GMT
GET H2	200	p.js Show response cdn.parsely.com/keys/empireadvance.ca/	71 KB 25 KB	97ms 40ms	Script application/javascript	13.225.58.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.parsely.com/keys/empireadvance.ca/p.js Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.58.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-58-39.ewr53.r.cloudfront.net Software nginx / Resource Hash d8ae70612ba167e4a305e9f7a4f73987b69b6cbea5d1c1758066e144bd069c22 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma public date Mon, 11 Jul 2022 13:27:04 GMT content-encoding gzip last-modified Wed, 08 Jun 2022 16:22:48 GMT server nginx age 26 etag W/"62a0ccd8-11da0" x-cache Hit from cloudfront content-type application/javascript via 1.1 ab3cd7cfdd9d5cf21e29b3ffd33aa170.cloudfront.net (CloudFront) cache-control max-age=86400, public x-amz-cf-pop EWR53-C1 x-amz-cf-id 63b5axJHpXFObHZv6x2POf8V-WHPu8Yx0AweYp6Wi-4gUWKiZFG1FA== expires Tue, 12 Jul 2022 13:26:38 GMT
GET H2	200	flipptag.js Show response cdn-gateflipp.flippback.com/tag/js/	25 KB 11 KB	169ms 64ms	Script application/javascript	13.249.120.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.120.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-120-125.atl51.r.cloudfront.net Software AmazonS3 / Resource Hash 6b869dc8a934aa35de0d9d3312c9710fe13cd468e4b96092609913b2f666b538 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:26:12 GMT content-encoding br last-modified Fri, 08 Jul 2022 17:45:56 GMT server AmazonS3 age 53 etag W/"fa35c8b9b547bafb4ee804a814622ab4" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 15375386c325d451a8c6d6c307441554.cloudfront.net (CloudFront) cache-control max-age=900 x-amz-cf-pop ATL51-C1 x-amz-cf-id YGy0QwH1FNUbVvuTwQ1ZWoC-Ia_UxG6zxuW3XEZTy62edIFhUc728g==
GET H2	200	v2vrlYiyK0XlFefVyWa7NYmXxJhY87gUscD4m53RhpqmYBavA_d6uVBDh Show response beginnerpancake.com/	90 KB 27 KB	157ms 70ms	Script text/javascript	35.227.215.31 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://beginnerpancake.com/v2vrlYiyK0XlFefVyWa7NYmXxJhY87gUscD4m53RhpqmYBavA_d6uVBDh Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.215.31 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 31.215.227.35.bc.googleusercontent.com Software / Resource Hash f19289a2bd55d17026a4a42004895e20b9ab2b374dba1fe7d7a24b489cab3a34 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding br x-datacenter gce-us-east1 etag "a0ea4cae688ba61f82a65178c589e7d0576c4693c2524b6a7030171e633b12a3" x-buildname hoothoot vary Accept-Encoding, Accept-Language x-hostname fen-hoothoot-us-east1-spot-v9xd content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 date Mon, 11 Jul 2022 13:27:04 GMT x-buildnumber 580621788 timing-allow-origin *
GET H2	200	user-o.svg www.vmcdn.ca/files/ui/icons/	715 B 1 KB	164ms 44ms	Image image/svg+xml	13.225.63.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/user-o.svg Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-119.ewr53.r.cloudfront.net Software CloudFront / Resource Hash 20c91e8fbcd29044b6c5f439edc4e293ee0821944202bdbc801d02303a6f72a1 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 06:51:55 GMT via 1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront) server CloudFront age 1492509 x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control public content-disposition inline; filename=user-o.svg x-amz-cf-pop EWR53-C1 content-length 715 x-amz-cf-id hR1NteVmpvzYyM9SwK8ToqtCCtp4FutQoiZgTVcqBHWOW2l_bREN8Q== expires Sun, 24 Jul 2022 06:51:55 GMT
GET DATA	200 OK	truncated /	204 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4bbada45fd68ad952c7630330f2a543b374aa0dff02b612ed8637b09b6cef8ae Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	opensans-regular.woff2 www.empireadvance.ca/css/fonts/	19 KB 19 KB	64ms 64ms	Font application/font-woff2	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/css/fonts/opensans-regular.woff2 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash bb83e6c7cf4aa041bcc51c81777e0e24484164c096c675bc0c8728f507eb943f Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Referer https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Origin https://www.empireadvance.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT last-modified Wed, 01 Jun 2022 19:36:19 GMT etag "b58ffdeee75d81:0" strict-transport-security max-age=63072000; content-type application/font-woff2 cache-control max-age=2592000 accept-ranges bytes content-length 19020
GET H2	200	search.svg www.vmcdn.ca/files/ui/icons/	442 B 793 B	284ms 182ms	Image image/svg+xml	13.225.63.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/search.svg Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-119.ewr53.r.cloudfront.net Software CloudFront / Resource Hash ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 29 Jun 2022 13:25:00 GMT via 1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront) server CloudFront age 1036923 x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control public content-disposition inline; filename=search.svg x-amz-cf-pop EWR53-C1 content-length 442 x-amz-cf-id r5NkKy3lzbgrGVrrTpztylw8NelbirfAr6FnresSCqNzQMij3O6R6w== expires Fri, 29 Jul 2022 13:25:01 GMT
GET H2	200	facebook-w.svg www.vmcdn.ca/files/ui/icons/	253 B 607 B	146ms 45ms	Image image/svg+xml	13.225.63.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/facebook-w.svg Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-119.ewr53.r.cloudfront.net Software CloudFront / Resource Hash 254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 13 Jun 2022 15:44:10 GMT via 1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront) server CloudFront age 2410974 x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control public content-disposition inline; filename=facebook-w.svg x-amz-cf-pop EWR53-C1 content-length 253 x-amz-cf-id vGBECad_dnPK4A2vMuH3MfaxNOg4HRuA5tvHOxbhV3eZsMHdVmad1A== expires Wed, 13 Jul 2022 01:09:37 GMT
GET H2	200	twitter-w.svg www.vmcdn.ca/files/ui/icons/	506 B 860 B	147ms 46ms	Image image/svg+xml	13.225.63.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/twitter-w.svg Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-119.ewr53.r.cloudfront.net Software CloudFront / Resource Hash dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 06:47:14 GMT via 1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront) server CloudFront age 1492790 x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control public content-disposition inline; filename=twitter-w.svg x-amz-cf-pop EWR53-C1 content-length 506 x-amz-cf-id Bcfq1RBX0be6rHqnNJhrvlFJ6Zq_DQbHW8n_3CirM9Xw7VPQMcJljw== expires Sun, 24 Jul 2022 06:47:14 GMT
GET H2	200	linkedin-w.svg www.vmcdn.ca/files/ui/icons/	453 B 807 B	133ms 43ms	Image image/svg+xml	13.225.63.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/linkedin-w.svg Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-119.ewr53.r.cloudfront.net Software CloudFront / Resource Hash daa019d9a018e5a5412653b11d0bb8a4b40b344e37fbdca9291f40e84033053a Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 29 Jun 2022 00:21:30 GMT via 1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront) server CloudFront age 1083933 x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control public content-disposition inline; filename=linkedin-w.svg x-amz-cf-pop EWR53-C1 content-length 453 x-amz-cf-id O4AzO-98NXJXtdn6Wor1kCHZdjQm2seTNCulB8D51i_UNnivDYbAxw== expires Fri, 29 Jul 2022 00:21:31 GMT
GET H2	200	envelope-o.svg www.vmcdn.ca/files/ui/icons/	703 B 1 KB	129ms 39ms	Image image/svg+xml	13.225.63.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/envelope-o.svg Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-119.ewr53.r.cloudfront.net Software CloudFront / Resource Hash 3c76b41c05c39528b76473b26a8939e5daaf53de741945b2d62b2f18c4eb74e5 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 22 Jun 2022 07:00:29 GMT via 1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront) server CloudFront age 1664794 x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control public content-disposition inline; filename=envelope-o.svg x-amz-cf-pop EWR53-C1 content-length 703 x-amz-cf-id sD6yt5Ob2jyzm3Q72AVJ9pVA_KDgSDfKlI-rvDKV9lrZ4Hx2-zEfgg== expires Fri, 22 Jul 2022 07:00:30 GMT
GET H2	200	print-w.svg www.vmcdn.ca/files/ui/icons/	564 B 916 B	132ms 42ms	Image image/svg+xml	13.225.63.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/print-w.svg Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-119.ewr53.r.cloudfront.net Software CloudFront / Resource Hash 6a2b63314fe802f4c69831fa2cdc5207c6b4ebf6f795d0e2ed4efb57ca765645 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 20 Jun 2022 15:05:17 GMT via 1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront) server CloudFront age 1808506 x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control public content-disposition inline; filename=print-w.svg x-amz-cf-pop EWR53-C1 content-length 564 x-amz-cf-id KCFeydwbM3UeA1ya-e7D6DTJx9URXEJgVXsWIptnwXYd4lKpYf2F8Q== expires Wed, 20 Jul 2022 15:05:18 GMT
GET H2	200	opensans-bold.woff2 www.empireadvance.ca/css/fonts/	19 KB 19 KB	48ms 48ms	Font application/font-woff2	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/css/fonts/opensans-bold.woff2 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Referer https://www.empireadvance.ca/cssb/template_glacier?v=8ncbmJFpRNvtNtPaS8LpSBmbY9uoCc5WzNo89yafti81 Origin https://www.empireadvance.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT last-modified Wed, 01 Jun 2022 19:36:19 GMT etag "1431edeee75d81:0" strict-transport-security max-age=63072000; content-type application/font-woff2 cache-control max-age=2592000 accept-ranges bytes content-length 19724
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 446 B	187ms 70ms	XHR text/plain	2607:f8b0:4004:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-37383801-16&cid=422224591.1657546025&jid=1548454163&gjid=428788248&_gid=395723973.1657546025&_u=YGDAgEABAAAAAE~&z=1112030223 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 11 Jul 2022 13:27:05 GMT content-type text/plain access-control-allow-origin https://www.empireadvance.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 69 B	185ms 71ms	XHR text/plain	2607:f8b0:4004:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-61624009-5&cid=422224591.1657546025&jid=747101571&gjid=5880327&_gid=395723973.1657546025&_u=YGDAgEABAAAAAE~&z=788614407 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 11 Jul 2022 13:27:05 GMT content-type text/plain access-control-allow-origin https://www.empireadvance.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	29ms 26ms	Image image/gif	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1311441281&t=pageview&_s=1&dl=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&ul=en-us&de=UTF-8&dt=VMAF%20rewards%20students%20-%20Virden%20Empire-Advance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEAB~&jid=1548454163&gjid=428788248&cid=422224591.1657546025&tid=UA-37383801-16&_gid=395723973.1657546025&cd2=5558240&cd3=297742&cd4=0&cd5=Anne%20Davison&cd6=Submitted&cd7=485&cd8=11&cd9=9&cd10=Sat&cd11=Jul&cd12=2022&cd13=7%2F9%2F2022%2011%3A37%3A00%20AM&cd14=354478&cd15=Local%20News&cd16=festival%7CVirden&cd17=VMAF%20rewards%20students&cd18=Content&cd19=Virden%20Empire-Advance&cd22=OriginalReport&cd1=66&z=1061033176 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Sun, 10 Jul 2022 21:20:15 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 58009 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 91 B	29ms 27ms	Image image/gif	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1311441281&t=pageview&_s=1&dl=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&ul=en-us&de=UTF-8&dt=VMAF%20rewards%20students%20-%20Virden%20Empire-Advance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAE~&jid=747101571&gjid=5880327&cid=422224591.1657546025&tid=UA-61624009-5&_gid=395723973.1657546025&cd2=5558240&cd3=297742&cd4=0&cd5=Anne%20Davison&cd6=Submitted&cd7=485&cd8=11&cd9=9&cd10=Sat&cd11=Jul&cd12=2022&cd13=7%2F9%2F2022%2011%3A37%3A00%20AM&cd14=354478&cd15=Local%20News&cd16=festival%7CVirden&cd17=VMAF%20rewards%20students&cd18=Content&cd19=Virden%20Empire-Advance&cd22=OriginalReport&cd1=66&z=2117811284 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Sun, 10 Jul 2022 21:20:15 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 58009 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ p1.parsely.com/plogger/	43 B 257 B	209ms 53ms	Image image/gif	54.144.144.142 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://p1.parsely.com/plogger/?rand=1657546024950&plid=62570285&idsite=empireadvance.ca&url=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&sref=&sts=1657546024944&slts=0&title=VMAF+rewards+students+-+Virden+Empire-Advance&date=Mon+Jul+11+2022+13%3A27%3A04+GMT%2B0000+(GMT)&action=pageview&pvid=96695584&u=pid%3D176d3aafa04d50749b651ae5513b0351 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-144-144-142.compute-1.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 13:27:05 GMT Cache-Control no-cache Last-Modified Monday, 11-Jul-2022 13:27:05 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	244ms 84ms	Script application/x-javascript	2a03:2880:f065:e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f065:e:face:b00c:0:3 Houston, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 25939 x-xss-protection 0 pragma public x-fb-debug WYHksThqHNvUDCnKYd4Dr1tGGa3cQd6tUTEbBfF3pwpOAwJT2UGOOp5Ta4ed/sK5B+asf6B2XL+UusWti34YKg== x-fb-trip-id 1679558926 x-frame-options DENY date Mon, 11 Jul 2022 13:27:05 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response graph.facebook.com/	343 B 754 B	469ms 273ms	Script text/javascript	2a03:2880:f065:2:face:b00c:0:2 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://graph.facebook.com/?fields=og_object{engagement{count}}&ids=https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240&access_token=253883948067202|97ed53738428ce974f5f6696babe8b34&callback=jQuery111204582956799902629_1657546024893&_=1657546024894 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f065:2:face:b00c:0:2 Houston, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7e405f68fa2bd672009bee6387dba8988fd658b324d8906685088f30dcf91338 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload content-encoding br etag "ff0559f78a7f331d40fbb9a5c47879c36791c2c8" x-app-usage {"call_count":33,"total_cputime":0,"total_time":8} cross-origin-resource-policy cross-origin x-fb-rev 1005819156 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 199 x-fb-rlafr 0 pragma no-cache x-fb-debug yn5UO9W086xcrCm5NeVpwxoiwWGYi/ag1FSOB3sw1ZCavTEVQWHqnuBDHUMtJDZPx3duYTTQyfzcyi39SZIQhg== x-fb-trace-id CDro38XOAzc date Mon, 11 Jul 2022 13:27:05 GMT vary Origin, Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * x-fb-request-id AfMw9Ca52yVueruzFGaOG9J cache-control private, no-cache, no-store, must-revalidate facebook-api-version v8.0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	weatherwidget Show response www.empireadvance.ca/external/	133 B 386 B	51ms 50ms	XHR application/json	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/external/weatherwidget?weatherCode=MB%2Fs0000135_e Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 561e78ffd16498fc3025d4fb285b7c5499af5bdd80ad0279c63359a4304bb9f2 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept */* Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT content-encoding gzip last-modified Mon, 11 Jul 2022 13:23:01 GMT strict-transport-security max-age=63072000; content-type application/json; charset=utf-8 cache-control public, max-age=656 content-length 233 expires Mon, 11 Jul 2022 13:38:01 GMT
GET H2	200	poll Show response www.empireadvance.ca/jsb/	20 KB 9 KB	52ms 52ms	XHR text/javascript	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/jsb/poll?v=oG8YSB4dyGKTFHX_-m-MrcyI-ykYr-_Pv7CFGKVEzoI1 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 256df061c262c1f1daaafab04edf15993728da544e58bd6b57e82f29c1c74c99 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT content-encoding gzip last-modified Mon, 11 Jul 2022 13:27:04 GMT vary User-Agent content-type text/javascript; charset=utf-8 cache-control public strict-transport-security max-age=63072000; content-length 9393 expires Tue, 11 Jul 2023 13:27:04 GMT
POST H2	200	contentwidget Show response www.empireadvance.ca/directory/	0 17 B	81ms 80ms	XHR text/plain	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/directory/contentwidget Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept */* Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Mon, 11 Jul 2022 13:27:04 GMT cache-control private content-length 0 strict-transport-security max-age=63072000;
GET H2	200	405876 Show response www.empireadvance.ca/widgets/	3 KB 1 KB	62ms 60ms	XHR text/html	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/widgets/405876 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 30f5ff2dbaaee8475be53e0326a3b62818c91a7c165e0bdffeaa07d40025b493 Security Headers Name Value Strict-Transport-Security max-age=63072000; X-Frame-Options SAMEORIGIN Request headers Accept */* Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT content-encoding gzip x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=utf-8 cache-control private strict-transport-security max-age=63072000; content-length 1196
GET H2	200	405877 Show response www.empireadvance.ca/widgets/	4 KB 982 B	57ms 55ms	XHR text/html	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/widgets/405877 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4ceb9ff193386284f3aacb589c7ad3c502bc1cfaf53d87743b9308b43d878f1a Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers Accept */* Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:04 GMT content-encoding gzip cache-control private content-length 934 vary Accept-Encoding strict-transport-security max-age=63072000; content-type text/html; charset=utf-8
GET H3	200	pubads_impl_2022063001.js Show response securepubads.g.doubleclick.net/gpt/	374 KB 128 KB	138ms 48ms	Script text/javascript	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software sffe / Resource Hash c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 05:23:27 GMT content-encoding gzip x-content-type-options nosniff age 29018 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 130816 x-xss-protection 0 last-modified Thu, 30 Jun 2022 08:35:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 11 Jul 2023 05:23:27 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	104 B 116 B	167ms 79ms	XHR application/json	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.empireadvance.ca Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash 24a897d44b4fd1e1cf212ba43d066df51c6dff7322618ea54534e97fe554c026 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Mon, 11 Jul 2022 13:27:05 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91 x-xss-protection 0 expires Mon, 11 Jul 2022 13:27:05 GMT
GET H2	200	skeleton.gif static.adsafeprotected.com/	43 B 481 B	186ms 50ms	Image image/gif	2600:9000:2105:9200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.gif Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2105:9200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 06 Jun 2022 10:10:03 GMT via 1.1 1f23e89336115d8a2b959bb2c7c2da90.cloudfront.net (CloudFront) age 3035823 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 last-modified Mon, 17 Aug 2020 23:55:15 GMT server AmazonS3 etag "45cf913e5d9d3c9b2058033056d3dd23" x-amz-version-id iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja cache-control max-age=315360000 x-amz-cf-pop BOS50-C3 accept-ranges bytes content-type image/gif x-amz-cf-id Jhfna1VJqhFv-QEjl2T1nrObg-BLTQjxdooU3n5JLd7v_ZyFZR1vhA==
GET H2	200	location Show response gateflipp.flippback.com/flyer-locator-service/	91 B 297 B	183ms 55ms	Fetch application/json	3.230.107.219 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://gateflipp.flippback.com/flyer-locator-service/location?domain=www.empireadvance.ca Requested by Host: cdn-gateflipp.flippback.com URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.230.107.219 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-230-107-219.compute-1.amazonaws.com Software envoy / Resource Hash ea5e7aa6a5d30c2a80275e775c829e037bd1b54390f01542b91ca7d9ace933a5 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-trace-id cb62aads04s2jv6ablc0 date Mon, 11 Jul 2022 13:27:05 GMT content-encoding gzip server envoy vary Origin,Accept-Encoding content-type application/json access-control-allow-origin * x-envoy-upstream-service-time 2
GET H2	200	01.gif www.vmcdn.ca/files/ui/icons/weather/	2 KB 3 KB	68ms 67ms	Image image/gif	13.225.63.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vmcdn.ca/files/ui/icons/weather/01.gif Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-119.ewr53.r.cloudfront.net Software CloudFront / Resource Hash dfacc28b68125a3ebab167bc626adad84ab00dc28a1823550fdedcc03607941b Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 29 Jun 2022 08:54:38 GMT via 1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront) server CloudFront age 1053146 x-cache Hit from cloudfront content-type image/gif access-control-allow-origin * cache-control public content-disposition inline; filename=01.gif x-amz-cf-pop EWR53-C1 content-length 2227 x-amz-cf-id stBCShGrNbPvlC7rdOu-czCY1AVWwV7tRuszyXe2DfdCcwQyjkChEA== expires Fri, 29 Jul 2022 08:54:39 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	203ms 90ms	Image image/gif	2607:f8b0:4006:81e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37383801-16&cid=422224591.1657546025&jid=1548454163&_u=YGDAgEABAAAAAE~&z=793465065 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 501 B	196ms 83ms	Image image/gif	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37383801-16&cid=422224591.1657546025&jid=1548454163&_u=YGDAgEABAAAAAE~&z=793465065 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	beacons p.flipp.com/	0 0	250ms 89ms	Fetch	13.226.100.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.flipp.com/beacons Requested by Host: cdn-gateflipp.flippback.com URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.100.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-100-8.atl52.r.cloudfront.net Software / Resource Hash Request headers Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Mon, 11 Jul 2022 13:27:05 GMT via 1.1 9f690b38e262515b0f02a43878866126.cloudfront.net (CloudFront) x-amz-cf-pop ATL52-C1 vary Origin x-cache Miss from cloudfront access-control-allow-origin https://www.empireadvance.ca access-control-allow-credentials true x-amz-cf-id zk7nkQnq36njNaufTarcPFI9UbjlrPajNO644jI64tuG3KxSgYNLiQ==
GET H2	200	integrator.js Show response adservice.google.fr/adsid/	107 B 792 B	194ms 74ms	Script application/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.fr/adsid/integrator.js?domain=www.empireadvance.ca Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Mon, 11 Jul 2022 13:27:05 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	192ms 74ms	Script application/javascript	2607:f8b0:4006:80a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.empireadvance.ca Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Mon, 11 Jul 2022 13:27:05 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	174 KB 37 KB	763ms 763ms	XHR text/plain	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=694465954877520&correlator=2459369123753104&eid=31068035%2C44764002&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=4326737%2Catex_GNG-MB_site_section_subsection_3to1_S1_RON_GNG-network%2Catex_GNG-MB_site_section_subsection_wallpaper_S1_RON_GNG-network%2Catex_GNG-MB_site_section_subsection_1to2_S1_RON_GNG-network%2Catex_GNG-MB_site_section_subsection_1to1_S2_RON_GNG-network&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%7C728x90%7C900x150%7C900x300%7C970x250%2C1x2%7C1x1%2C300x600%7C300x250%7C300x300%7C300x120%2C300x250%7C300x300&ifi=1&adks=3530893968%2C653387805%2C911297817%2C2324021424&sfv=1-0-38&ecs=20220711&fsapi=false&eri=1&cust_params=site%3Dwww.empireadvance.ca%252Cempireadvance.ca%26ContentCategory%3DLocal%2520News%26ContentCategories%3DLocal%2520News%252CLocal%2520Arts%26ContentType%3DOriginalReport%26TemplateType%3DDetails%26ContentId%3D5558240%26ContentTag%3Dfestival%252CVirden&sc=1&cookie_enabled=1&abxe=1&dt=1657546025313&lmt=1657546024&dlt=1657546024756&idt=510&adxs=305%2C-12245933%2C980%2C980&adys=129%2C-12245933%2C274%2C1183&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&frm=20&vis=1&psz=990x90%7C0x0%7C300x0%7C300x0&msz=0x0%7C0x0%7C0x0%7C0x0&fws=4%2C132%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=422224591.1657546025&ga_sid=1657546025&ga_hid=1311441281&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash 63cea67c29d570612d69105e7ee087f16bb2bd87a9a97e7f0874b0317c34785d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:06 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37723 x-xss-protection 0 google-lineitem-id -1,158299897,-1,-1 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -1,50862816097,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.empireadvance.ca cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 1c0089c5b45443278605e8d69729c927.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0591	6 KB 4 KB	264ms 85ms	Document text/html	2607:f8b0:4006:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://1c0089c5b45443278605e8d69729c927.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 11 Jul 2022 13:27:05 GMT expires Tue, 11 Jul 2023 13:27:05 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	600 B 341 B	720ms 719ms	XHR text/plain	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=694465954877520&correlator=2459369123753104&eid=31068035%2C44764002&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=4326737%2Catex_GNG-MB_site_section_subsection_6to1_S1_RON_GNG-network&enc_prev_ius=%2F0%2F1&prev_iu_szs=600x100&ifi=5&adks=2464367242&sfv=1-0-38&ecs=20220711&fsapi=false&eri=1&cust_params=site%3Dwww.empireadvance.ca%252Cempireadvance.ca%26ContentCategory%3DLocal%2520News%26ContentCategories%3DLocal%2520News%252CLocal%2520Arts%26ContentType%3DOriginalReport%26TemplateType%3DDetails%26ContentId%3D5558240%26ContentTag%3Dfestival%252CVirden&sc=1&cookie_enabled=1&abxe=1&dt=1657546025336&lmt=1657546024&dlt=1657546024756&idt=510&adxs=335&adys=2880&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&frm=20&vis=1&psz=600x26&msz=600x26&fws=4&ohw=1600&ga_vid=422224591.1657546025&ga_sid=1657546025&ga_hid=1311441281&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash 4aca7e28b9f59111b19af8b23e6d02df80932f01d81e023cf8a70569aee2ff43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:06 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.empireadvance.ca cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	20 KB 9 KB	1276ms 1275ms	XHR text/plain	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=694465954877520&correlator=2459369123753104&eid=31068035%2C44764002&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=4326737%2Catex_GNG-MB_site_section_subsection_1to1_S1_RON_GNG-network&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x300&fluid=height&ifi=6&adks=662098464&sfv=1-0-38&ecs=20220711&fsapi=false&eri=1&cust_params=site%3Dwww.empireadvance.ca%252Cempireadvance.ca%26ContentCategory%3DLocal%2520News%26ContentCategories%3DLocal%2520News%252CLocal%2520Arts%26ContentType%3DOriginalReport%26TemplateType%3DDetails%26ContentId%3D5558240%26ContentTag%3Dfestival%252CVirden&sc=1&cookie_enabled=1&abxe=1&dt=1657546025342&lmt=1657546024&dlt=1657546024756&idt=510&adxs=485&adys=2630&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&frm=20&vis=1&psz=300x26&msz=300x26&fws=4&ohw=1600&ga_vid=422224591.1657546025&ga_sid=1657546025&ga_hid=1311441281&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash 4dc543debf43813cc1e2c7b9f8e87c369fa06f5b0d11c6d8e7a6b144399637ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:06 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9236 x-xss-protection 0 google-lineitem-id 5853536811 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138374615255 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.empireadvance.ca cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	244034819342852 Show response connect.facebook.net/signals/config/	291 KB 84 KB	242ms 141ms	Script application/x-javascript	2a03:2880:f065:e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/244034819342852?v=2.9.64&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f065:e:face:b00c:0:3 Houston, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2f876bfcac6d93ec898a4bb4c9f53e7b665ebfa3586b587c1ad1b6f452973449 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug 0dBjss+QvZWCf7S+3XIoLcgtVtEqI+lE1ywmTRyT6/flF3PvtAeHEzI1mr4PtZbNaYHzXnAmvjmr+5Vw+niHhw== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 11 Jul 2022 13:27:05 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1657546025534 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	v2edoxpovSJp1UyC8IARlCKs4MN8BFGzUo208bOiaN7g3SgoczdFf6Q24_K2iIroIi-QTKhu9lw Show response beginnerpancake.com/	201 B 652 B	198ms 80ms	Fetch application/json	35.227.215.31 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://beginnerpancake.com/v2edoxpovSJp1UyC8IARlCKs4MN8BFGzUo208bOiaN7g3SgoczdFf6Q24_K2iIroIi-QTKhu9lw Requested by Host: beginnerpancake.com URL: https://beginnerpancake.com/v2vrlYiyK0XlFefVyWa7NYmXxJhY87gUscD4m53RhpqmYBavA_d6uVBDh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.215.31 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 31.215.227.35.bc.googleusercontent.com Software / Resource Hash 4c67c37bcfdedba802949fe793c0a5473e7532124a747c90db96651a52b43e83 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload x-buildnumber 580621788 content-length 201 x-datacenter gce-us-east1 date Mon, 11 Jul 2022 13:27:05 GMT x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://www.empireadvance.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-hostname fen-hoothoot-us-east1-spot-v9xd timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie expires Mon, 11 Jul 2022 13:27:04 GMT
POST H2	200	v2islDSPSgNSDvhx43LATNaMM9RTj0tydBU2Pqo2bhd1RVCWco4gGepJDl9V8L0Dj5JGbQBXD4A Show response beginnerpancake.com/	3 B 38 B	78ms 77ms	Fetch application/json	35.227.215.31 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://beginnerpancake.com/v2islDSPSgNSDvhx43LATNaMM9RTj0tydBU2Pqo2bhd1RVCWco4gGepJDl9V8L0Dj5JGbQBXD4A Requested by Host: beginnerpancake.com URL: https://beginnerpancake.com/v2vrlYiyK0XlFefVyWa7NYmXxJhY87gUscD4m53RhpqmYBavA_d6uVBDh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.215.31 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 31.215.227.35.bc.googleusercontent.com Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload access-control-allow-methods POST, OPTIONS x-datacenter gce-us-east1 x-buildname hoothoot vary Accept-Encoding, Origin x-hostname fen-hoothoot-us-east1-spot-v9xd content-type application/json; charset=utf-8 access-control-allow-origin https://www.empireadvance.ca access-control-allow-credentials true x-buildnumber 580621788 timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie content-length 3 date Mon, 11 Jul 2022 13:27:05 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 408 B	242ms 77ms	Image image/gif	2a03:2880:f162:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=244034819342852&ev=PageView&dl=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&rl=&if=false&ts=1657546025787&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1657546025785.1578575198&it=1657546025350&coo=false&exp=p0&rqm=GET Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f162:81:face:b00c:0:25de Houston, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:05 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Mon, 11 Jul 2022 13:27:05 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 212 B	242ms 78ms	Image image/gif	2a03:2880:f162:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=244034819342852&ev=ViewContent&dl=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&rl=&if=false&ts=1657546025788&cd[content_ids]=%5B5558240%5D&cd[content_category]=Local%20News&cd[content_name]=VMAF%20rewards%20students&cd[content_type]=product&cd[contents]=%5B%7B%22id%22%3A%22festival%22%2C%22quantity%22%3A1%7D%2C%7B%22id%22%3A%22Virden%22%2C%22quantity%22%3A1%7D%5D&cd[author_name]=Anne%20Davison&cd[byline_name]=Submitted&cd[article_length]=485&cd[publish_hour]=11&cd[publish_day]=9&cd[publish_day_name]=Sat&cd[publish_month_name]=Jul&cd[publish_year]=2022&cd[publish_datetime]=7%2F9%2F2022%2011%3A37%3A00%20AM&cd[site_name]=Virden%20Empire-Advance&cd[type]=Content&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.1.1657546025785.1578575198&it=1657546025350&coo=false&exp=p0&rqm=GET Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f162:81:face:b00c:0:25de Houston, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:05 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Mon, 11 Jul 2022 13:27:05 GMT
POST H2	200	me Show response www.empireadvance.ca/account/	369 B 477 B	52ms 51ms	XHR application/json	137.117.58.204 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.empireadvance.ca/account/me Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/jsb/head?v=LcM8wEj7Rn1AYDjGF1pjSV_suFrl8pQqVJyJndJTH5A1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 137.117.58.204 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash df5b9f30ac3d2f60ca6c4bcafb45dc62f0533c566f939bd708251132e28a2eac Security Headers Name Value Strict-Transport-Security max-age=63072000; X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:05 GMT content-encoding gzip x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/json; charset=utf-8 cache-control private strict-transport-security max-age=63072000; content-length 406
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	189ms 84ms	XHR application/json	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8fb30938db676c9aa0030811cbfcf8c8cbf6e7877b790025741ced7d36f3088e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Mon, 11 Jul 2022 13:27:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10979 x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/	0 0	73ms 73ms	Fetch image/gif	142.250.65.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSyA9EPomDPj7SOEhtpyFx8kSpxd-Jyj9yCPEfxGdtG3xHHpNGa5ThTQbxE9aBVrOnlbKnVFyAj1cnRuWuNHiZi9dtfVjkv1FQSvBuwIQNwrlJQzJQV6R5unGFxsnU0RdZ71hGzvgYXbOgpc4D3KQzdBmTLsPSAR2v8pcu2SoQe8ZimH959Wqr7YMtqZDOImPrmaRttTgMYsRkaaKbk2YIHxPKAj7DTZAkUfSIg0RUgRTSoppTvSViFNGUP2LIbajWskjCuYH2zV6jwmxvdub8oreNs1fMQn0cZz4yZqiDk4fSr6pbb1NfVFEk0RJOtbBvpt2HAfqZOQOreif-yFkATt1xdl8xOx8GQRfhb274OSPF1MFktOi2u77CvVvgBsJ9CbpmKw&sai=AMfl-YS9KWVPor5TkzQE6yVGrX3sOgQbUME1XZFO55LjQSvwBhu2GQYv22-hetGaJEebPC8yq52MdlipGS0GT-YRwEkSu7o4zKfDqyJQ-Fz48Thg56_FIyKw6JN2RKytkyhAaFS0Lg&sig=Cg0ArKJSzFd9k2lI4lXaEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.65.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Mon, 11 Jul 2022 13:27:06 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Mon, 11 Jul 2022 13:27:06 GMT
GET H/1.1	200 OK	freeskreen.min.js Show response static.freeskreen.com/ba/206/	24 KB 9 KB	259ms 56ms	Script text/javascript	13.226.100.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.freeskreen.com/ba/206/freeskreen.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.226.100.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-100-66.atl52.r.cloudfront.net Software AmazonS3 / Resource Hash 8f3da4847f0a4941ceb3287a4b574a7f7383848ae791c2b3d189ba0ae2b0923a Request headers Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers x-amz-version-id dckSO0DUn0RFLwD3BBFBFJAIbwYM0Pla Content-Encoding gzip Last-Modified Tue, 23 Feb 2021 19:53:51 GMT Server AmazonS3 Age 19681 ETag "9e0931585824aace25cb8e0d85cd8961" X-Cache Hit from cloudfront Content-Type text/javascript Via 1.1 2e67705592d9e70f39603d15b26f4690.cloudfront.net (CloudFront) Connection keep-alive Date Mon, 11 Jul 2022 07:59:06 GMT X-Amz-Cf-Pop ATL52-C1 Accept-Ranges bytes Content-Length 8866 X-Amz-Cf-Id Z0NWjLtauUw5Rkn2H2R3_Hwq9_y6gBpryTLCQGrODIFVmj16qvB_kA==
GET		skin.js cdn.districtm.ca/	0 0
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/	137 KB 43 KB	158ms 71ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 11 Jul 2022 13:27:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43254 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1657132091081416" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 11 Jul 2022 13:27:06 GMT
GET H2	200	script.js Show response sb.freeskreen.com/publisher/	75 KB 22 KB	211ms 114ms	Script text/html	174.129.130.79 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://sb.freeskreen.com/publisher/script.js?bai=206&ut=&uts=&flc=&slc=&windowlocation=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&usp=&gdpr=-1&cs=-1 Requested by Host: static.freeskreen.com URL: https://static.freeskreen.com/ba/206/freeskreen.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.129.130.79 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-174-129-130-79.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash 675d67ac1618605657f874d3fc8a555c73fce18dfd75e598f3701723f975c084 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:06 GMT content-encoding gzip server Apache/2.4.29 (Ubuntu) vary Accept-Encoding p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store, must-revalidate content-type text/html;charset=UTF-8 content-length 22154 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	ac Show response ww1772.smartadserver.com/	2 KB 2 KB	287ms 53ms	Script application/javascript	199.187.193.164 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=4961511451&out=js Requested by Host: sb.freeskreen.com URL: https://sb.freeskreen.com/publisher/script.js?bai=206&ut=&uts=&flc=&slc=&windowlocation=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&usp=&gdpr=-1&cs=-1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA), Reverse DNS Software / Resource Hash a5702526838a6eb12aeccef5256084709af4cdbe217bd3f7f405750ef1e64d96 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:06 GMT content-encoding br vary Accept-Encoding p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" x-smrt-i 7974420 cache-control no-cache,no-store transfer-encoding chunked content-type application/javascript; charset=UTF-8
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 2C6C Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west	281 B 554 B	188ms 19ms	Document text/html	104.127.172.242 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Requested by Host: sb.freeskreen.com URL: https://sb.freeskreen.com/publisher/script.js?bai=206&ut=&uts=&flc=&slc=&windowlocation=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&usp=&gdpr=-1&cs=-1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-127-172-242.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Mon, 11 Jul 2022 13:27:06 GMT ETag "402b2-119-5d32342a551c0" Last-Modified Tue, 14 Dec 2021 23:07:59 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Mon, 11 Jul 2022 13:27:06 GMT location https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west server AkamaiGHost
GET H2	200	um sb.freeskreen.com/ Redirect Chain https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 https://sb.freeskreen.com/um?sa=2972054258922645314	43 B 525 B	28ms 28ms	Image image/gif	174.129.130.79 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/um?sa=2972054258922645314 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Server 174.129.130.79 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-174-129-130-79.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:06 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1 Redirect headers location https://sb.freeskreen.com/um?sa=2972054258922645314 date Mon, 11 Jul 2022 13:27:06 GMT content-length 0
GET H2	200	um sb.freeskreen.com/ Redirect Chain https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D https://sb.freeskreen.com/um?tlr=d34e062eace34f2793e140bd4e00b191	43 B 508 B	30ms 30ms	Image image/gif	174.129.130.79 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/um?tlr=d34e062eace34f2793e140bd4e00b191 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Server 174.129.130.79 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-174-129-130-79.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:06 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1 Redirect headers location https://sb.freeskreen.com/um?tlr=d34e062eace34f2793e140bd4e00b191 date Mon, 11 Jul 2022 13:27:06 GMT server Apache-Coyote/1.1 content-length 0 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
GET H2	200	um sb.freeskreen.com/ Redirect Chain https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} https://sb.freeskreen.com/um?ac={$UID}	43 B 426 B	37ms 37ms	Image image/gif	174.129.130.79 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/um?ac={$UID} Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Server 174.129.130.79 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-174-129-130-79.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:06 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1 Redirect headers Location https://sb.freeskreen.com/um?ac={$UID} Date Mon, 11 Jul 2022 13:27:06 GMT Transfer-Encoding chunked Server nginx Connection keep-alive X-Frame-Options DENY Strict-Transport-Security max-age=63072000; includeSubdomains; preload
GET H2	200	um sb.freeskreen.com/ Redirect Chain https://loadeu.exelator.com/load/?p=204&g=1300&j=0 https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 https://sb.freeskreen.com/um?ni=b42fb3845b4b2c461127c5d8b1283e92	43 B 482 B	28ms 27ms	Image image/gif	174.129.130.79 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/um?ni=b42fb3845b4b2c461127c5d8b1283e92 Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H2 Server 174.129.130.79 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-174-129-130-79.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:06 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1 Redirect headers date Mon, 11 Jul 2022 13:27:06 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://sb.freeskreen.com/um?ni=b42fb3845b4b2c461127c5d8b1283e92 cache-control no-cache access-control-allow-credentials true content-type image/gif content-length 0
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame F12B Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east	281 B 554 B	34ms 20ms	Document text/html	104.127.172.242 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east Requested by Host: ww1772.smartadserver.com URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=4961511451&out=js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-127-172-242.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Mon, 11 Jul 2022 13:27:06 GMT ETag "402b2-119-5d32342a551c0" Last-Modified Tue, 14 Dec 2021 23:07:59 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Mon, 11 Jul 2022 13:27:06 GMT location https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east server AkamaiGHost
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 2C6C	31 KB 10 KB	20ms 20ms	Script text/html	104.127.172.242 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-127-172-242.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 398cc646926f0d5a9e42dfbff55631ebfb6efc42749c2aa80fc108312b32319b Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 13:27:06 GMT Content-Encoding gzip Last-Modified Thu, 09 Jun 2022 17:17:26 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=83151 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9458 Expires Tue, 12 Jul 2022 12:32:57 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 2C6C	284 B 920 B	123ms 27ms	Image image/jpg	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 0228ab361cece0438ff9eb16e4e5890e Content-Type image/jpg
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame F12B	31 KB 10 KB	23ms 22ms	Script text/html	104.127.172.242 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-127-172-242.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 398cc646926f0d5a9e42dfbff55631ebfb6efc42749c2aa80fc108312b32319b Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 11 Jul 2022 13:27:06 GMT Content-Encoding gzip Last-Modified Thu, 09 Jun 2022 17:17:26 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=83151 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9458 Expires Tue, 12 Jul 2022 12:32:57 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame F12B	284 B 934 B	100ms 30ms	Image image/jpg	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 9a0c641c0479142b55591fdf2031b15f Content-Type image/jpg
GET H2	200	um sb.freeskreen.com/ Frame 2C6C Redirect Chain https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=L5GS3VVT-G-TK3 https://sb.freeskreen.com/um?mg=L5GS3VVT-G-TK3	43 B 586 B	26ms 25ms	Image image/gif	174.129.130.79 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sb.freeskreen.com/um?mg=L5GS3VVT-G-TK3 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol H2 Server 174.129.130.79 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-174-129-130-79.compute-1.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:07 GMT server Apache/2.4.29 (Ubuntu) p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR" cache-control no-cache, no-store content-type image/gif content-length 43 expires -1 Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://sb.freeskreen.com/um?mg=L5GS3VVT-G-TK3 Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost dbbc2dbf689859fb5870b364473d5441 Expires 0
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame F12B Redirect Chain https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=L5GS3VWM-19-9YBJ https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=L5GS3VWM-19-9YBJ	43 B 406 B	155ms 54ms	Image image/gif	199.187.193.192 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=L5GS3VWM-19-9YBJ Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east Protocol HTTP/1.1 Server 199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:06 GMT cache-control no-cache,no-store content-type image/gif transfer-encoding chunked p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=L5GS3VWM-19-9YBJ Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 0228ab361cece0438ff9eb16e4e5890e Expires 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2C6C Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVHUzNWV00tMTktOVlCSg==	170 B 232 B	83ms 50ms	Image image/png	142.251.41.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVHUzNWV00tMTktOVlCSg== Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol H2 Server 142.251.41.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s40-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVHUzNWV00tMTktOVlCSg== Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost e1bddfc34a927e97bda010c0d8a62b62 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 2C6C Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/i8KI1lm15B7KXXFGhDfeecn5EUdSAgOZEtemQ7w0kco?csrc= https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=859208402402801755	42 B 691 B	120ms 24ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=859208402402801755 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost d5a7ef20801cf5cb1ee516b6110e672f Content-Type image/gif Redirect headers date Mon, 11 Jul 2022 13:27:07 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=859208402402801755 x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff
GET H/1.1	204 No Content	esync token.rubiconproject.com/ Frame 2C6C Redirect Chain https://id.rlcdn.com/709414.gif https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e	0 214 B	25ms 25ms	Image text/plain	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 9e7742894a018a40b59a2ed2117c85b5 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Mon, 11 Jul 2022 13:27:07 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 2C6C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_YqZdjX3OwvQkyowVXcwg&google_cver=1	42 B 691 B	122ms 25ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_YqZdjX3OwvQkyowVXcwg&google_cver=1 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost e1bddfc34a927e97bda010c0d8a62b62 Content-Type image/gif Redirect headers pragma no-cache date Mon, 11 Jul 2022 13:27:07 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_YqZdjX3OwvQkyowVXcwg&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid px.ads.linkedin.com/ Frame 2C6C Redirect Chain https://token.rubiconproject.com/token?pid=36584 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5GS3VWM-19-9YBJ	0 573 B	128ms 69ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5GS3VWM-19-9YBJ Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:07 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 4C0F4948292842C8AB5D7EA908997E99 Ref B: YTO01EDGE0513 Ref C: 2022-07-11T13:27:07Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAXjh4IoBFdok8AVwm1Qpw== Redirect headers Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5GS3VWM-19-9YBJ Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost d5a7ef20801cf5cb1ee516b6110e672f P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 2C6C Redirect Chain https://match.adsrvr.org/track/cmf/rubicon https://match.adsrvr.org/track/cmb/rubicon? https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=78757432-c948-48d1-b139-2993131f2f41&gdpr=0&gdpr_consent=&expires=30	42 B 691 B	119ms 23ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=78757432-c948-48d1-b139-2993131f2f41&gdpr=0&gdpr_consent=&expires=30 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost f72efbd84733ea5ba734e4e8fe0395a3 Content-Type image/gif Redirect headers pragma no-cache date Mon, 11 Jul 2022 13:27:07 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=78757432-c948-48d1-b139-2993131f2f41&gdpr=0&gdpr_consent=&expires=30 cache-control private,no-cache, must-revalidate content-type text/html content-length 289
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2C6C Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTVkZjEwNDJlNzdlYmJiZWM4OWU0MzQ3MzdkZTk4YzdkMTdkMTdmNQ	170 B 502 B	49ms 45ms	Image image/png	142.251.41.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTVkZjEwNDJlNzdlYmJiZWM4OWU0MzQ3MzdkZTk4YzdkMTdkMTdmNQ Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol H2 Server 142.251.41.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s40-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 13:27:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTVkZjEwNDJlNzdlYmJiZWM4OWU0MzQ3MzdkZTk4YzdkMTdkMTdmNQ Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 19c1ac3b9706c83a73951eba4d239689 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	v1 ads.yahoo.com/cms/ Frame 2C6C Redirect Chain https://token.rubiconproject.com/token?pid=26594 https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5GS3VWM-19-9YBJ&sigv=1&esig=2~7b27a331a2425cf5db705b1838ce64a5ab5b3fb9	0 194 B	160ms 29ms	Image text/plain	2001:4998:14:800::1001 YAHOO
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5GS3VWM-19-9YBJ&sigv=1&esig=2~7b27a331a2425cf5db705b1838ce64a5ab5b3fb9 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west Protocol H2 Server 2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:07 GMT cache-control no-store x-content-type-options nosniff server ATS strict-transport-security max-age=15552000 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block Redirect headers Location https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5GS3VWM-19-9YBJ&sigv=1&esig=2~7b27a331a2425cf5db705b1838ce64a5ab5b3fb9 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 9a0c641c0479142b55591fdf2031b15f P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	113ms 53ms	Image image/gif	2a03:2880:f162:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=244034819342852&ev=Microdata&dl=https%3A%2F%2Fwww.empireadvance.ca%2Flocal-news%2Fvmaf-rewards-students-5558240&rl=&if=false&ts=1657546027289&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=2&o=30&fbp=fb.1.1657546025785.1578575198&it=1657546025350&coo=false&es=automatic&tm=3&exp=p0&rqm=GET Requested by Host: www.empireadvance.ca URL: https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f162:81:face:b00c:0:25de Houston, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://www.empireadvance.ca/local-news/vmaf-rewards-students-5558240 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 13:27:07 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Mon, 11 Jul 2022 13:27:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

tag.simpli.fi

URL

https://tag.simpli.fi/sifitag/86c1de40-8632-0137-5766-06659b33d47c

Domain

cdn.districtm.ca

URL

https://cdn.districtm.ca/skin.js