www.wellandtribune.ca Open in urlscan Pro
2600:9000:2209:d800:18:681a:6f40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://send.metroland.com/t?r=24&c=145012&l=490&ctl=231BA8:BE5107D5472867EC3195628F6B87CFFC033306CAEDE0DB61&
Effective URL:
https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Submission: On January 27 via manual (January 27th 2023, 6:19:20 pm UTC) from CA — Scanned from CA

Summary HTTP 296 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 64 IPs in 4 countries across 47 domains to perform 296 HTTP transactions. The main IP is 2600:9000:2209:d800:18:681a:6f40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.wellandtribune.ca. The Cisco Umbrella rank of the primary domain is 917972.
TLS certificate: Issued by Amazon on June 28th 2022. Valid for: a year.

This is the only time www.wellandtribune.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	70.33.236.110 70.33.236.110	13768 (COGECO-PEER1) (COGECO-PEER1)
33	2600:9000:220... 2600:9000:2209:d800:18:681a:6f40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:23c... 2600:9000:23cb:e800:16:970:b940:93a1	16509 (AMAZON-02) (AMAZON-02)
19	18.164.116.67 18.164.116.67	16509 (AMAZON-02) (AMAZON-02)
11	13.33.60.111 13.33.60.111	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	129.158.208.173 129.158.208.173	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
10	18.238.4.119 18.238.4.119	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.169.28.192 35.169.28.192	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.207.222 13.32.207.222	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2 3	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	20.49.104.19 20.49.104.19	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
22	23.206.218.21 23.206.218.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	13.225.223.81 13.225.223.81	16509 (AMAZON-02) (AMAZON-02)
1	13.226.36.70 13.226.36.70	16509 (AMAZON-02) (AMAZON-02)
1	108.139.38.143 108.139.38.143	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	108.138.115.22 108.138.115.22	16509 (AMAZON-02) (AMAZON-02)
25	3.229.16.82 3.229.16.82	14618 (AMAZON-AES) (AMAZON-AES)
2	44.212.203.26 44.212.203.26	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.164.101.60 18.164.101.60	16509 (AMAZON-02) (AMAZON-02)
5	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
2	52.88.128.19 52.88.128.19	16509 (AMAZON-02) (AMAZON-02)
1	108.138.124.226 108.138.124.226	16509 (AMAZON-02) (AMAZON-02)
1	54.231.230.241 54.231.230.241	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
2	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	18.164.116.90 18.164.116.90	16509 (AMAZON-02) (AMAZON-02)
7	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.216.93.162 34.216.93.162	16509 (AMAZON-02) (AMAZON-02)
2	63.140.38.139 63.140.38.139	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.44.199.107 52.44.199.107	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:143... 2600:1f18:1430:9000:71fb:550e:293a:404e	14618 (AMAZON-AES) (AMAZON-AES)
4	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
2 10	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
1 2	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
4 9	35.173.104.42 35.173.104.42	14618 (AMAZON-AES) (AMAZON-AES)
2 6	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 8	104.105.42.146 104.105.42.146	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 2	2600:1f18:4e9... 2600:1f18:4e9:5a07:d5b4:f192:17b5:1772	14618 (AMAZON-AES) (AMAZON-AES)
7 7	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 5	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:808::2001	15169 (GOOGLE) (GOOGLE)
1 1	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
5 9	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.85.61.19 52.85.61.19	16509 (AMAZON-02) (AMAZON-02)
1	54.239.33.159 54.239.33.159	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.120.23.223 34.120.23.223	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	34.197.86.172 34.197.86.172	14618 (AMAZON-AES) (AMAZON-AES)
1	23.105.12.130 23.105.12.130	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 2	199.187.193.185 199.187.193.185	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	2600:1f18:612... 2600:1f18:612b:4280:9bef:d70a:e5d1:1a8d	14618 (AMAZON-AES) (AMAZON-AES)
1	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
2 2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
1 1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	213.19.162.90 213.19.162.90	3356 (LEVEL3) (LEVEL3)
1	199.187.193.193 199.187.193.193	47043 (SMARTADSE...) (SMARTADSERVER)
5	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
296	64

1 70.33.236.110 (Toronto, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)

send.metroland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2600:9000:2209:d800:18:681a:6f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.wellandtribune.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:23cb:e800:16:970:b940:93a1 (United States)

ASN16509 (AMAZON-02, US)

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 18.164.116.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-67.jfk50.r.cloudfront.net

bc.wellandtribune.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.33.60.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-111.ewr52.r.cloudfront.net

images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1af (United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.158.208.173 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.238.4.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-119.phl51.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80c::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.169.28.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-28-192.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.207.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-207-222.iad66.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.76 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 20.49.104.19 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 23.206.218.21 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-218-21.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.223.81 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-81.jfk51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.36.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-36-70.ewr53.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.38.143 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-38-143.jfk50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.115.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-22.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 3.229.16.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-16-82.compute-1.amazonaws.com

woobox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.212.203.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-203-26.compute-1.amazonaws.com

api.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.88.128.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-128-19.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.124.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-124-226.jfk50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.230.241 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

offertabs.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-90.jfk50.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.216.93.162 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-93-162.us-west-2.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.139 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-139.data.adobedc.net

s.wellandtribune.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.199.107 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-199-107.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:1430:9000:71fb:550e:293a:404e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pixel.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

79587f69b5f37fdc5ef5ffc55bbfd9d3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.70 (Glen Cove, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.173.104.42 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-104-42.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.105.42.146 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a07:d5b4:f192:17b5:1772 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 15.197.193.217 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:808::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.22 (Palos Park, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 8.43.72.97 (United States) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-19.ewr53.r.cloudfront.net

static.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.23.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.23.120.34.bc.googleusercontent.com

engagefront.theweathernetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.197.86.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-86-172.compute-1.amazonaws.com

sb.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.130 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

ww1772.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.185 (Canada) 2 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4280:9bef:d70a:e5d1:1a8d (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

scm.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.90 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:817::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	wellandtribune.ca www.wellandtribune.ca — Cisco Umbrella Rank: 917972 bc.wellandtribune.ca s.wellandtribune.ca	2 MB
25	woobox.com woobox.com — Cisco Umbrella Rank: 82052	124 KB
24	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 378487 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	214 KB
24	thestar.com images.thestar.com — Cisco Umbrella Rank: 105486 resources.thestar.com — Cisco Umbrella Rank: 188408 www.thestar.com — Cisco Umbrella Rank: 82584 pixel.thestar.com — Cisco Umbrella Rank: 344333	652 KB
22	moatads.com z.moatads.com — Cisco Umbrella Rank: 428 px.moatads.com — Cisco Umbrella Rank: 520	393 KB
20	rubiconproject.com 10 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 537 token.rubiconproject.com — Cisco Umbrella Rank: 548 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1079 pixel.rubiconproject.com — Cisco Umbrella Rank: 308 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 842 pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 5482 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2119	40 KB
15	googlesyndication.com 79587f69b5f37fdc5ef5ffc55bbfd9d3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	1 MB
15	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 291 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 488 s.amazon-adsystem.com — Cisco Umbrella Rank: 271 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902	58 KB
9	sharethrough.com 4 redirects match.sharethrough.com — Cisco Umbrella Rank: 502	3 KB
7	freeskreen.com static.freeskreen.com — Cisco Umbrella Rank: 46891 sb.freeskreen.com — Cisco Umbrella Rank: 37676	35 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 304	3 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	308 B
6	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 640 us-u.openx.net — Cisco Umbrella Rank: 417	1 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	3 KB
6	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 44234	27 KB
6	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 9780 query.petametrics.com — Cisco Umbrella Rank: 10553	50 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4474	112 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	312 KB
5	google.ca adservice.google.ca — Cisco Umbrella Rank: 12466 www.google.ca — Cisco Umbrella Rank: 8067	1 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	390 KB
5	parsely.com api.parsely.com — Cisco Umbrella Rank: 9857 cdn.parsely.com — Cisco Umbrella Rank: 2620 p1.parsely.com — Cisco Umbrella Rank: 1995	31 KB
5	permutive.com api.permutive.com — Cisco Umbrella Rank: 1886	903 B
4	smartadserver.com 2 redirects ww1772.smartadserver.com — Cisco Umbrella Rank: 55409 sync.smartadserver.com — Cisco Umbrella Rank: 1343 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 560	3 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	171 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 197 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 235531	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 148	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	cloudfront.net d5phz18u4wuww.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	58 KB
3	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 19377 elb.the-ozone-project.com Failed	67 KB
2	exelator.com 2 redirects loadeu.exelator.com — Cisco Umbrella Rank: 7031	2 KB
2	tremorhub.com 2 redirects scm.publishers.tremorhub.com — Cisco Umbrella Rank: 55125	650 B
2	everesttech.net 2 redirects cm.everesttech.net — Cisco Umbrella Rank: 1000 sync-tm.everesttech.net — Cisco Umbrella Rank: 556	736 B
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 276935	2 KB
1	admanmedia.com cs.admanmedia.com — Cisco Umbrella Rank: 917	199 B
1	theweathernetwork.com engagefront.theweathernetwork.com — Cisco Umbrella Rank: 1715	309 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 353	574 B
1	33across.com 1 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 812	538 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 295	30 KB
1	amazonaws.com offertabs.s3.amazonaws.com — Cisco Umbrella Rank: 207452	41 KB
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 75103	789 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 304811	399 B
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 253511	106 B
1	btloader.com btloader.com — Cisco Umbrella Rank: 789	7 KB
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 246939	132 KB
1	metroland.com 1 redirects send.metroland.com	232 B
296	47

	Domain	Requested by
33	www.wellandtribune.ca	www.wellandtribune.ca
25	woobox.com	srcdoc woobox.com offertabs.s3.amazonaws.com
19	bc.wellandtribune.ca	www.wellandtribune.ca bc.wellandtribune.ca
15	px.moatads.com	www.wellandtribune.ca
13	securepubads.g.doubleclick.net	www.wellandtribune.ca securepubads.g.doubleclick.net www.googletagservices.com
11	images.thestar.com	www.wellandtribune.ca
10	s.amazon-adsystem.com	2 redirects c.amazon-adsystem.com s.amazon-adsystem.com u.openx.net match.sharethrough.com eus.rubiconproject.com
10	resources.thestar.com	www.wellandtribune.ca resources.thestar.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
9	match.sharethrough.com	4 redirects s.amazon-adsystem.com match.sharethrough.com
7	match.adsrvr.org	7 redirects
7	www.facebook.com	www.wellandtribune.ca connect.facebook.net
7	z.moatads.com	www.wellandtribune.ca securepubads.g.doubleclick.net z.moatads.com
6	sb.freeskreen.com	static.freeskreen.com www.wellandtribune.ca eus.rubiconproject.com
6	eus.rubiconproject.com	s.amazon-adsystem.com eus.rubiconproject.com sb.freeskreen.com ww1772.smartadserver.com
6	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
6	dev.visualwebsiteoptimizer.com	www.wellandtribune.ca dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
6	www.googletagmanager.com	www.wellandtribune.ca www.googletagmanager.com
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	cm.g.doubleclick.net	2 redirects u.openx.net eus.rubiconproject.com
5	query.petametrics.com	www.wellandtribune.ca
5	connect.facebook.net	www.wellandtribune.ca connect.facebook.net woobox.com
5	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
4	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
4	www.google.com	www.wellandtribune.ca tpc.googlesyndication.com
4	www.googletagservices.com	www.wellandtribune.ca securepubads.g.doubleclick.net
3	www.google.ca	www.wellandtribune.ca
3	us-u.openx.net	u.openx.net
3	u.openx.net	2 redirects s.amazon-adsystem.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	c.amazon-adsystem.com	www.wellandtribune.ca c.amazon-adsystem.com
3	sb.scorecardresearch.com	1 redirects www.wellandtribune.ca
3	ib.adnxs.com	2 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
3	prebid.the-ozone-project.com	www.wellandtribune.ca prebid.the-ozone-project.com
2	loadeu.exelator.com	2 redirects
2	scm.publishers.tremorhub.com	2 redirects
2	sync.smartadserver.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects u.openx.net
2	ups.analytics.yahoo.com	2 redirects
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	adservice.google.com	securepubads.g.doubleclick.net 10230056.fls.doubleclick.net
2	adservice.google.ca	securepubads.g.doubleclick.net adservice.google.com
2	pixel.thestar.com	connect.facebook.net
2	s.wellandtribune.ca	resources.thestar.com
2	p1.parsely.com	www.wellandtribune.ca
2	dpm.demdex.net	resources.thestar.com www.wellandtribune.ca
2	api.parsely.com	www.wellandtribune.ca
2	torstar.blueconic.net	bc.wellandtribune.ca
1	rtb-csync.smartadserver.com	eus.rubiconproject.com
1	pixel-eu.rubiconproject.com	1 redirects
1	pixel-us-west.rubiconproject.com	1 redirects
1	cs.admanmedia.com	www.wellandtribune.ca
1	ww1772.smartadserver.com	sb.freeskreen.com
1	engagefront.theweathernetwork.com	www.wellandtribune.ca
1	px.ads.linkedin.com	eus.rubiconproject.com
1	aax-eu.amazon-adsystem.com	eus.rubiconproject.com
1	static.freeskreen.com	securepubads.g.doubleclick.net
1	pixel-us-east.rubiconproject.com	1 redirects
1	ssc-cms.33across.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	79587f69b5f37fdc5ef5ffc55bbfd9d3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	www.thestar.com	www.wellandtribune.ca
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	woobox.com
1	offertabs.s3.amazonaws.com	woobox.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	cdn.petametrics.com	www.wellandtribune.ca
1	d1z2jf7jlzjs58.cloudfront.net	www.wellandtribune.ca
1	d1nxn87txdj54y.cloudfront.net	www.wellandtribune.ca
1	adserver.pressboard.ca	www.wellandtribune.ca
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	d5phz18u4wuww.cloudfront.net	www.wellandtribune.ca
1	torstar.gscontxt.net	www.wellandtribune.ca
1	btloader.com	www.wellandtribune.ca
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.wellandtribune.ca
1	send.metroland.com	1 redirects
0	elb.the-ozone-project.com Failed	prebid.the-ozone-project.com
296	83

This site contains links to these domains. Also see Links.

Domain
pubads.g.doubleclick.net
www.legacy.com
marketplace.wellandtribune.ca
www.niagarathisweek.com
www.torontostarreprints.com
metroland.com
toriservices.newscyclecloud.com
stcatharinesstandard.adperfect.com
wtoffers.ca
www.facebook.com
twitter.com
www.youtube.com
wellandtribune.pressreader.com
notices.torstar.com
bc.wellandtribune.ca

Subject Issuer	Validity	Valid
*.thestar.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
*.the-ozone-project.com Amazon	`2022-11-22` - `2023-12-20`	a year	crt.sh
n511.thestar.com Amazon RSA 2048 M02	`2022-11-03` - `2023-12-02`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-01-11` - `2023-04-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-05` - `2023-08-05`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.prmutv.co R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2022-03-17` - `2023-03-17`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
cdn.liftigniter.com R3	`2022-12-28` - `2023-03-28`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.woobox.com Go Daddy Secure Certificate Authority - G2	`2022-02-21` - `2023-03-25`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-06` - `2023-02-04`	3 months	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2022-11-16` - `2023-12-18`	a year	crt.sh
*.liftigniter.com R3	`2022-12-08` - `2023-03-08`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
s.wellandtribune.ca DigiCert TLS RSA SHA256 2020 CA1	`2022-08-11` - `2023-09-11`	a year	crt.sh
pixel.thestar.com Amazon	`2022-06-08` - `2023-07-07`	a year	crt.sh
*.google.ca GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.freeskreen.com Amazon	`2022-11-18` - `2023-12-16`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
engagefront.theweathernetwork.com GTS CA 1D4	`2023-01-04` - `2023-04-04`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2022-04-21` - `2023-05-23`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Frame ID: CA1EBB6DDF045ECD598EE0C71C7A484F
Requests: 193 HTTP requests in this frame

Frame: https://woobox.com/js/plugins/woo.js
Frame ID: 410FA70613C1690C8734BC5A622A0572
Requests: 1 HTTP requests in this frame

Frame: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Frame ID: CB5F15965F1E79788C6E271DF24FBFF8
Requests: 29 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 4A5232FA30B286E70E4798DE4DE6D3D7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 91B393C3DA2190597A449696FA94BA70
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-vmg_ox-db5_an-db5&dcc=t
Frame ID: D5A5CC60789BF92BD684313D2DF49784
Requests: 1 HTTP requests in this frame

Frame: https://79587f69b5f37fdc5ef5ffc55bbfd9d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FFB80E6E2BE1A9944D49861D866FEFB2
Requests: 1 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html
Frame ID: 27C717C6E0BDD155DDCFF63B4C05E92E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_n-vmg_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 292FAD0CBB399A6FEC060B0EEED80355
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 66A365AFB6546B15C9F6FEC9E4985400
Requests: 6 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 6554FADF17CF031E661660653C8CA5E7
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: E7BFAAE5EC7DF2A23FC4BB20DD2AFAB9
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JcnQxc2MxRTJ1SzAzeXZUNGxqNlREYy5yMzFVOUZZQ35B
Frame ID: 7218F281471D72B21FD18FBCCCFCA564
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=9170963943015918012&ex=appnexus.com
Frame ID: 010C3AE3F90F5F74EADCD3DF794A2A2D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html
Frame ID: 2FD3CAC40097A76496490D4823E86221
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AA51EC679E5CCC7D58443B5BE414341D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.ca/ddm/fls/i/dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html
Frame ID: 5533039F715C0F0352A914245EE4B21E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMretXvhB5yphn5IEpAcRtPh7b1Vc7cKlicWpGUeWaoZ5_bUA8LNh7U6JAlkYaYE09k-jNC1mlT-p4Gxqrd4GAi8FPCuSTSFVmZ3GbE7agPB1uzASYCCzhopLu0L9nv0fN5nC6y-Uc01HNXI5MOHkDq8E3zI9xmaDajt_wXr_1uYXWaQPEFdcCwO3gU-0zT7h9ZALVMo8jTUry5Uu57kwPAcjB4SVtOtaA4Rdcvy-KgM7bvKaTj4BD12gtNmsdwtE-Lfg-SJO8mrqRvE9q9-u-HV2fEFjKYhRo1dGpjjp6b2cp0jHyB285FqpuPkuVCTp1enLZZINq4QpqTAWNXJZ_PVKZx5Cm5Azf-wg9nse1ME5hKlBJ2dUTf8SwBaR5ajkBhd04YAo-EA&sai=AMfl-YQkkb0JsU5CpoLn57X7B4Z-h7YxsHiG0m9jzaRzw4DGPdf_q-Um3F3FYljowKZmHsieFeAcR_pJDIAJ8TR-AWGQ6UhoFoypIVP5L-kna9GbT-gvDvmGNcMYG9lSjGZMVVc_A5xYRnwah5HdHFUurmY&sig=Cg0ArKJSzJZYq8Uu561SEAE&uach_m=[UACH]&adurl=
Frame ID: 5AD876AB897DA5A0BFE97988B035AA1C
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPwv8lPs78tXrNR9yjAdkeN6LcADMO_sXkqwu2j6YX129mdWxIdlbtu99VHM9C2hLMl1jKIli3lUvmQXAxleBI3Eaj_vkM1wOk0T2v9QWWOUh2F9ZMf0-Om1GtBw97xRWVSXeoPfZS9VyMJ8EFLRjRQo1UGR16RjL5RFCJ4LgjfV3f4wd1fXm8iUoBR90gB8bxuVGmv_NfAOcWBeS64OWZxkVlS0a-FfT-bcxfJkUv0l-oX8wf7r4SS19RlvxeskQ_P63AQdQ0BA9kW5RrvwA4pSiDVS7vdaJmRSywlLhv647GcacLQ5nY08ig-iqJkjnB2O4rdFEicDHmUHOlAGGtfcFzaJwBuIHm1HVSEBaWgvmlkEXMBSZYUwfRy3gtA2qp0NH32lZsbQ&sai=AMfl-YQtZX7kl0q6hZp-87GE8t1rUdcjr4EZTkDisFsuXPhAv25fiPpOjFuIagRpOX9K9r54fKf2hqTBPDrPQg9ktybaplHwZtFaco5w5xXSgvJkP74t1ikeCwDb_KtuP0y498S0gZg25tvynui86MiOd04&sig=Cg0ArKJSzEUrCMuNb-VQEAE&uach_m=[UACH]&adurl=
Frame ID: 39AE6ADCD3C026FB3CC21B2C9B80AE21
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvr0PKoSbCzw2FJRSHbwLg5K53lRJrx97t2QVMK3XRY1k7URO9a0HYE0xOMm9VSazqP8QHXtFndxNJBZjbC1tW1PcLaA_nEDxJGN4caxjl_JucfksQ83VfoZMoqdR5z0623mi_2y2BToNRz485YpjFvkjkjBGEHuVOZGzIPQUOhlVpOhb0y1ST0AdllUmVPoaXNmPAX4fuOXl9E5iTlxjf2Pn2e-3hiO9_HXHkjQB89h23A2lAd4Fq2uV9PG-4drAiKMMGlv7PIZQdynfzhQHgRt4EizeGWtzj6vqjKYJOuTPl0zV7kQRjYjDPaEC2994Nq72Uq6VX8Dlp8ltFNr3BAlAeeZzRjKb-ouVy7Rl08qy9ymbnqRQ1rxIf9LI-IGhMyux7G&sai=AMfl-YSRxNQxs69hro0PKSRdQnprReBMyjPBddp9kLbD24llMfpDxCpHDT1BeZ4nKSNHWD3MblhzU-xcdzx-182zuWN07AavA7OZl4Qh1TAgJofjfOhHYhevsCM0m4VkayJ8uiyn-s0WbIer5a_Wrj5rBQ&sig=Cg0ArKJSzMER6XYjzSAsEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D7E3B42C7B11E31ACEA9E441D6F4B214
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: 182E82A8841A06C9983901B5CDA454C1
Requests: 3 HTTP requests in this frame

Frame: https://sb.freeskreen.com/t.gif?tm=1674843554&p=3455&c=5215&ttm=1674843554811&s=&d=&v=&t=b8281d7a-16d1-4f9d-ac02-91878d867689&co=CA&pr=CA-QC&ci=Montreal&dm=GM&flc=other&slc=&e=AdOpened&m=2&x=null
Frame ID: F8614294E14184F44288D446E4D18BE7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 83BAC455F3102FF26DFFD183A964A5EC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C5B7C8D1FEFFE8948C2F5BC358A3A1BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 500A70E3737470A77904956722588FCF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lots O' Prizes Contest! | wellandtribune.ca

Page URL History Show full URLs

http://send.metroland.com/t?r=24&c=145012&l=490&ctl=231BA8:BE5107D5472867EC3195628F6B87CFFC033306CAEDE... HTTP 302
https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

296
Requests

91 %
HTTPS

29 %
IPv6

47
Domains

83
Subdomains

64
IPs

4
Countries

5727 kB
Transfer

14613 kB
Size

80
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5985467267&iu=/58580620
Title: Sports Betting

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/wellandtribune/browse/
Title: obituaries

Search URL Search Domain Scan URL

URL: https://marketplace.wellandtribune.ca/
Title: Marketplace

Search URL Search Domain Scan URL

URL: https://www.niagarathisweek.com/niagara-events/
Title: Events

Search URL Search Domain Scan URL

URL: http://www.torontostarreprints.com/
Title: www.TorontoStarReprints.com

Search URL Search Domain Scan URL

URL: https://metroland.com/join/
Title: Join our Team

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=WT
Title: Manage my Home Delivery Subscription

Search URL Search Domain Scan URL

URL: https://metroland.com/what-we-do/?id=Advertise
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://metroland.com/advertising-terms-and-conditions/
Title: Advertising Terms

Search URL Search Domain Scan URL

URL: https://stcatharinesstandard.adperfect.com/
Title: Post an Obituary or Classified Ad

Search URL Search Domain Scan URL

URL: https://wtoffers.ca/
Title: Home Delivery Offers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wellandtribune

Search URL Search Domain Scan URL

URL: https://twitter.com/WellandTribune

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVClY5BoeVYaj834JOKLZUw

Search URL Search Domain Scan URL

URL: https://wellandtribune.pressreader.com/the-welland-tribune

Search URL Search Domain Scan URL

URL: https://metroland.com/newspapers/?id=about
Title: Metroland Media Group

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://bc.wellandtribune.ca/s/3f1?profileid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5

Search URL Search Domain Scan URL

URL: https://bc.wellandtribune.ca/s/3f2?profileid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5
Title: Get This Offer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://send.metroland.com/t?r=24&c=145012&l=490&ctl=231BA8:BE5107D5472867EC3195628F6B87CFFC033306CAEDE0DB61& HTTP 302
https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1674843550567&ns_c=UTF-8&c7=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&c8=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1674843550567&ns_c=UTF-8&c7=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&c8=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&c9=

Request Chain 145

https://cm.everesttech.net/cm/dd?d_uuid=12400270736168246941448042300693980893 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9QVoQAAABpKeAN2

Request Chain 166

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-vmg_ox-db5_an-db5 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-vmg_ox-db5_an-db5&dcc=t

Request Chain 180

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html

Request Chain 190

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Request Chain 192

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JcnQxc2MxRTJ1SzAzeXZUNGxqNlREYy5yMzFVOUZZQ35B

Request Chain 193

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=9170963943015918012&ex=appnexus.com

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y9QVoQAAABpKeAN2

Request Chain 203

https://match.adsrvr.org/track/cmf/openx?oxid=42923229-d897-3728-4c09-e48ee40e989c&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=42923229-d897-3728-4c09-e48ee40e989c&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5a239b24-4623-4fc0-944c-33debdf9cf5b&ttd_puid=42923229-d897-3728-4c09-e48ee40e989c&gdpr=0&gdpr_consent=

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBtiPyRuQWChtFrBoi85qF4&google_cver=1

Request Chain 214

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X HTTP 302
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212088455594955

Request Chain 215

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d600c8ef-2c70-46cd-a66a-55d36b0df7d9&gdpr=0&gdpr_consent=

Request Chain 216

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=8cf1c714-6ad3-0ac5-09a2-c2c4eec53af4

Request Chain 217

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5a239b24-4623-4fc0-944c-33debdf9cf5b&gdpr=0&gdpr_consent=

Request Chain 230

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LDEULXEG-1Z-FEL7 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LDEULXEG-1Z-FEL7&ex=d-rubiconproject.com&status=ok

Request Chain 243

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d600c8ef-2c70-46cd-a66a-55d36b0df7d9&gdpr=0&gdpr_consent=&expires=30

Request Chain 244

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDEULXEG-1Z-FEL7

Request Chain 245

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aarDlQ4QSuy5zBeqiClk_w&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aarDlQ4QSuy5zBeqiClk_w

Request Chain 246

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/RKexgQ2_D7E48StyJny0l8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tjeDzlZE2oL_2iPkNtCBC8ocIktSNZA1rRs1Vg--~A

Request Chain 247

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBkZmFkOGE0MjkxMzlhYzIwODhhOTA5MWM2ZDUxNTBjMzkwYjk3ZQ

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH0fT6EqlZzyMQY9jpWNKbI&google_cver=1

Request Chain 249

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERFVUxYRUctMVotRkVMNw==

Request Chain 265

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Request Chain 266

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
https://sb.freeskreen.com/um?sa=4884833608015776692

Request Chain 267

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://sb.freeskreen.com/um?tlr=8a3e5112504c4f22905852e156ba8bc6

Request Chain 269

https://loadeu.exelator.com/load/?p=204&g=1300&j=0 HTTP 302
https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 HTTP 302
https://sb.freeskreen.com/um?ni=3c9d6a631d355030ae98457fff9d54d6

Request Chain 271

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 273

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=LDEULXEG-1Z-FEL7 HTTP 302
https://sb.freeskreen.com/um?mg=LDEULXEG-1Z-FEL7

Request Chain 275

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LDEULXEG-1Z-FEL7 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LDEULXEG-1Z-FEL7

296 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request wt-lots-o-prizes-contest.html Show response
www.wellandtribune.ca/contests/2023/01/
Redirect Chain

http://send.metroland.com/t?r=24&c=145012&l=490&ctl=231BA8:BE5107D5472867EC3195628F6B87CFFC033306CAEDE0DB61&
https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

150 KB
150 KB

162ms
42ms

Document
text/html

2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

0432ec46805ad8fe6a8071a5c50f4a3d51212f36300e56ed2df0c45d5c00da8f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: https://amp.thestar.com
age: 57
cache-control: max-age=180
content-length: 153338
content-type: text/html; charset=utf-8
date: Fri, 27 Jan 2023 18:18:12 GMT
etag: W/"256fa-P4ed2M6uyqhQgqfZdG6Tg4hM4oQ"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-id: JbpHsPjmMKipKFUiUWaCXDgLRVASqzg9BlpC5uAkmShDRQfobApDRw==
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

Content-Length: 0
Content-Type: text/html;charset=UTF-8
Date: Fri, 27 Jan 2023 18:19:09 GMT
Location: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Server: Apache-Coyote/1.1

GET
H2 200 TorstarTextO3-Roman.ttf
www.wellandtribune.ca/assets/fonts/ 24 KB
24 KB 50ms
47ms Font
font/ttf 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:43:01 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 9368
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 24616
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"6028-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/ttf
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: ecgE3nn0TZMU4imbxgaVkO8w1oP4cPtSbGQ2ZvFJoK-TcSO1k1G94Q==

GET
H2 200 TorstarTextO3-Italic.woff2
www.wellandtribune.ca/assets/fonts/ 18 KB
18 KB 69ms
66ms Font
font/woff2 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:57:34 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 4895
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"478c-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: Pf6taOjgsZuKpf-UZLFcOCpDizg3YLnMDiHYtWHgGpmWjyJyp9pjRw==

GET
H2 200 TorstarTextO3-Bold.woff2
www.wellandtribune.ca/assets/fonts/ 18 KB
18 KB 88ms
85ms Font
font/woff2 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:08:56 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 7813
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4764-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: HUc8jnZf3sjsT-Pxcfj4BFgRyPm2dD2R23v-V-7Aoxgyx3sGE95W_w==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.wellandtribune.ca/assets/fonts/ 19 KB
19 KB 70ms
68ms Font
font/woff2 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:29:22 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 2987
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: HLtTtejOGRmr3vv8V78ZZuKC00T3On9xR9WNtW5Ax92ztCOBjKaTQw==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.wellandtribune.ca/assets/fonts/ 18 KB
19 KB 75ms
73ms Font
font/woff2 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:54:26 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 1483
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4930-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: eP7VDwEirFwOGNxq_5vjA0Z5un69B8Kekv8ozG1GhDBaBK9Mt-AJ-g==

GET
H2 200 MerriweatherSans-Regular.woff2
www.wellandtribune.ca/assets/fonts/merriweather/ 54 KB
54 KB 72ms
70ms Font
font/woff2 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:55:15 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 12234
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: YwHqRva5Gx2-Z8LhQmeRBU60bxIijb9OZ1amtsSpU-AdomCfUF0fSQ==

GET
H2 200 MerriweatherSans-Italic.woff2
www.wellandtribune.ca/assets/fonts/merriweather/ 52 KB
53 KB 79ms
77ms Font
font/woff2 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:37:39 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 2490
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d1a0-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: YnDsFILFHrZISeGe11GTkMoJ7NmRDySiLDxNcIZlPHOhHqxSptolSg==

GET
H2 200 MerriweatherSans-Bold.woff2
www.wellandtribune.ca/assets/fonts/merriweather/ 55 KB
56 KB 84ms
83ms Font
font/woff2 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:08:56 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 7813
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: ipLRHPHdPKt3r5EEVERWBHAvQan-1FksyFuWLiw_spryRfoOwXms4g==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.wellandtribune.ca/assets/fonts/merriweather/ 54 KB
54 KB 76ms
74ms Font
font/woff2 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:52:36 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 12393
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d610-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: -NVKsYisRRpYjVDeVkvmAq1lfiRy2DrQQmVAirORP6briAcpQfrdDA==

GET
H2 200 MerriweatherSans-Black.woff2
www.wellandtribune.ca/assets/fonts/merriweather/ 53 KB
54 KB 79ms
77ms Font
font/woff2 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:55:15 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 12234
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d420-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 7uFDGV5MGRymzZ0tQ6PbyxmCumfIXGTz6yKce58CRnAR0VFr5frGLA==

GET
H2 200 wellandtribune-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 4 KB
1 KB 94ms
21ms Script
application/javascript 2600:9000:23cb:e800:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/wellandtribune-adunits.js
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:e800:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6cc5840bbf220d62800acb9101532c9e2f15b22f0f3521d6b81ac4e54650dca

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:45:13 GMT
content-encoding: br
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 15:50:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 6365
etag: W/"9e12c6f397d0b0957c788698f2362335"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: q1ohX36fSqVAeEFhxFVjJV_rw5zD01CMgwDxWMGmvY-vh3FIG2sUqQ==

GET
H2 200 script.js Show response
bc.wellandtribune.ca/ 138 KB
41 KB 100ms
23ms Script
text/javascript 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/script.js

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

df146eff73a4a1f30553e20ee178c345d8c6bf1926cce23e64072b62ba30e742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
age: 468
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 41792
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Jan 2023 18:10:28 GMT
server: -
etag: 9985fa3511b00cd0f8ef60ffb20eaeda
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: ZvZ-_TLhi4ldOxUMpQesCPY6JlBjzfrfP7j0uvzAQn7IQ-cqfdk-XA==
expires: Fri, 27 Jan 2023 18:21:21 GMT

GET
H2 200 lotsoprizes-contest-promo-v02-02-0.png
images.thestar.com/8pynVdy-BtN6b2oIW7BU7ksKsqk=/0x0:1251x1043/1251x1043/smart/filters:cb(1674753364785):format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/uploads/2023/01/26/ 54 KB
54 KB 102ms
22ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/8pynVdy-BtN6b2oIW7BU7ksKsqk=/0x0:1251x1043/1251x1043/smart/filters:cb(1674753364785):format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/uploads/2023/01/26/lotsoprizes-contest-promo-v02-02-0.png
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 86bf345379db4ccfe9b91b80832dd9c9830351b23d1afbe7122660f28e67a1a1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 17:41:54 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 88635
etag: "3e3ca81b66ff40aadaa8db9a57343cfa923764ab"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 55112
x-amz-cf-id: JJxIokOAPKzxWAJCENVhQ-lHWY8JdVX6nZSa6vd4y-kHIjaWVRP9Ew==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 74.css
www.wellandtribune.ca/static/ 6 KB
3 KB 52ms
51ms Stylesheet
text/css 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/static/74.css?v=7db92b637058f6d7a9ef

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 10:00:48 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 29901
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:09:38 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"19a0-185cea7bed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: BdOZDv2mr5PgpOZCDntBN5mk4ffh8sOjhCXL0f4-V4CB3FSnsRNDZQ==

GET
H2 200 bundle.css
www.wellandtribune.ca/static/ 405 KB
63 KB 52ms
51ms Stylesheet
text/css 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/static/bundle.css?v=2fe22240994a1f90c446

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

e641c65f0ccda870021634b66599d861117c4f93f03ef209736d8d5fa78462ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:14:07 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 3902
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:09:38 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"655b3-185cea7bed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: ZPTRVfYgC5uSO4EHWEqRXQbeOroM9hFws-Z4qGzrNEQN01E8hqjd7Q==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 432 KB
132 KB 76ms
40ms Script
application/javascript 2606:4700::6812:1af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dd353d3cb4c4bc3fcc11e7f27efc692854c9393d6221271b3aef3385ad6293c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 292
x-guploader-uploadid: ADPycdsf-23jVvBuZNV1n5esjSSddr7mPE96gZH84peyf1z2PI9jw41qV1iioFB5CtpIaZav_rt6rc0018ZJRLSArSYDNw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 14 Nov 2022 10:17:23 GMT
server: cloudflare
etag: W/"8f00ae526705181d9b929b25770b0584"
vary: Accept-Encoding
x-goog-generation: 1668421043825607
content-type: application/javascript
x-goog-hash: crc32c=wf3MGw==, md5=jwCuUmcFGB2bkpsldwsFhA==
cache-control: public, max-age=900
x-goog-stored-content-length: 139051
timing-allow-origin: *
cf-ray: 79037eb99c2b7145-YUL
expires: Fri, 27 Jan 2023 18:34:09 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 124ms
58ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4c1a2f23de27683a23e27d9aa8b5f9c64be4eb5481102dddfc2a1581bb47056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27583
x-xss-protection: 0
server: sffe
etag: "1464 / 135 of 1000 / last-modified: 1674821399"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 Jan 2023 18:19:09 GMT

GET
H2 200 ads.js Show response
www.wellandtribune.ca/assets/js/ 22 B
495 B 22ms
20ms Script
application/javascript 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/js/ads.js

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:51:24 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 1817
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Fri, 20 Jan 2023 10:03:00 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"16-185cea1ac20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: mD7qBkqqlZXxPYgAGBVRF3P5i80bloVHRaGNMyUPp24GDfBgIQKvuw==

GET
H2 200 tag Show response
btloader.com/ 14 KB
7 KB 109ms
46ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afa95668cd4a4486911581ad6e2e5fca5c291a4617ca402ebfba817e7e02b2c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Jan 2023 17:48:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1861
etag: W/"968a1aca1d41e8d64083e879f05a1015"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daZHienPdSKpW0SXEqqTHRGAXoN2GX2LV5vDcmGwSf0Y%2Bpe6W18qw85Ypk0RsBANLig%2BFHU5hpXSb9VbX%2BfGMgSlQWA%2BQCkUKxmXTjTrMzYDhLZqKbJOPWiAXGl9OKxNoWSqDUk0n3Wb%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 79037ebaef6fc42c-EWR

GET
H2 200 logo-wellandtribune.svg
www.wellandtribune.ca/assets/svg/ 11 KB
12 KB 46ms
45ms Image
image/svg+xml 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wellandtribune.ca/assets/svg/logo-wellandtribune.svg

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

c0219bc8bc507034e70fa27dff3b68a20bc6cc2ae07f095f7fcc5c23947293e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:08:43 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 7826
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 11458
last-modified: Fri, 20 Jan 2023 10:03:00 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"2cc2-185cea1ac20"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: LFXMMJdBRPOTid5X0p8II7o9cMeaGBSrTPXf-EIiWjB6B7FURf5hQA==

GET
H2 200 loading-spinner.svg
www.wellandtribune.ca/assets/img/ 3 KB
4 KB 74ms
68ms Image
image/svg+xml 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wellandtribune.ca/assets/img/loading-spinner.svg

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9474557b14923e78c9b0b7b44bccd0d7018187fb0150095946932a071f155933

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:20:27 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 10722
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 3412
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d54-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 4lWxI9tnKeQQRQNNKWjnTslNHkgSY4Sqw9c5jc6j9j94vdjcbCzsUA==

GET
H2 200 logo-round-wellandtribune.svg
www.wellandtribune.ca/assets/svg/ 1 KB
2 KB 75ms
68ms Image
image/svg+xml 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wellandtribune.ca/assets/svg/logo-round-wellandtribune.svg

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

2609725a606791c7a6a552936684ab1aaf9c1f1a1425107771ba7a56f22708bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:54:26 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 1483
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 1167
last-modified: Fri, 20 Jan 2023 10:03:00 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"48f-185cea1ac20"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: W_mZ8qlnjgP8lHU_1k7794MCo9dnPEHtfsGewNOOTCV1JzYRWG2NQQ==

GET
H2 200 lots-o-prizes-contest-promo-spec-2023-0.jpg
images.thestar.com/FuB_zfS3IbV7LXlgKkLX8v2IiTQ=/968x560/smart/filters:cb(1674753440469):format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/uploads/2023/01/26/ 52 KB
53 KB 29ms
24ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/FuB_zfS3IbV7LXlgKkLX8v2IiTQ=/968x560/smart/filters:cb(1674753440469):format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/uploads/2023/01/26/lots-o-prizes-contest-promo-spec-2023-0.jpg
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 85ce5a2dda877b43ebab78a04b2de60f5982b641f2b42ea1c95267858d19c988

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:42:08 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 13021
etag: "171ac90fae3281441b44a2942e4849a752cb3d8c"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 53642
x-amz-cf-id: 4q1Rqswj6ukxAIpWl3EYpPiIxlAoOwhefphP1WEvSpkP832q7hFQoQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 todays-paper.png
www.wellandtribune.ca/assets/svg/ 5 KB
5 KB 28ms
22ms Image
image/png 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wellandtribune.ca/assets/svg/todays-paper.png

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

583a8735e8714c413ee3ef9baa78afe76f3df8b9c0f8c787f29e78f8f388eb06

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:08 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 22714
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 4805
last-modified: Fri, 20 Jan 2023 10:03:00 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"12c5-185cea1ac20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: LIdvgUXLcaipIYbsN0kZaQ_h4YLEY6wKaCYdfKwyZo4_p1tmtySYFQ==

GET
H2 200 vendors~bundle.chunk.js Show response
www.wellandtribune.ca/static/ 2 MB
482 KB 27ms
21ms Script
application/javascript 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

dfe15d83d6f54bbde676e733f61e8c58abe5487d3ae2f7021bd01a19f7c2d97e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 12:36:49 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 20540
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:09:38 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"1b07b1-185cea7bed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: Ilb3jXLiPqbRB7ikz2WyeWbvypmk5-dMQEsVJuxiVbA6V-o-v74_cA==

GET
H2 200 bundle.js Show response
www.wellandtribune.ca/static/ 1 MB
247 KB 26ms
21ms Script
application/javascript 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/static/bundle.js?v=3915f67b

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7b05ee7daaed99de5a81ba0c9ed1e49e36d42600e1385a886518a35a479709a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 12:00:35 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 22714
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:09:38 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"13e6c2-185cea7bed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: 81WBPp6J6O6QIreDEdlOJO6SMbZ_tKFQedpjAnRGHNEWu_pZWzLvJw==

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 203 KB
63 KB 28ms
23ms Script
application/javascript 2600:9000:23cb:e800:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/wellandtribune-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:e800:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 13:12:15 GMT
content-encoding: gzip
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 18:26:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 18421
etag: W/"e08e5a6e68f37184e1c046d32d471d44"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: U3lgl4qxlGI0GDehUsxysbFL2ZMg9CzFNeOEL32s6irm0ejAveP_pw==

GET
H2 200 ozp_global_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/ 6 KB
3 KB 65ms
61ms Script
application/javascript 2600:9000:23cb:e800:16:970:b940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/wellandtribune-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:e800:16:970:b940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 10:31:12 GMT
content-encoding: gzip
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 14:10:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 33240
etag: W/"c6e67d08c7c4a89b3155020045b68eb1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: iyv2NGwr165r3NjmV-xCVHEBuZoshr_2AXrPhuQ-Z2X1LRnjf1hzBg==

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 29 B
106 B 135ms
25ms Script
application/javascript 129.158.208.173
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.158.208.173 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: e8011af09fbae4569db9251473b98748cd7dbe33a2622460751bd1c4fe318d6a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 29
Content-Type: application/javascript

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 355 KB
77 KB 322ms
92ms Script
text/javascript 18.238.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-119.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dbf2f018be859838890bcc1fc0696c7ec7962b10169bdaf5ef9d91ea408f99d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:33:30 GMT
x-amz-version-id: rjHi1qLYL0bGRsgtkPp9W0o6ESX2NsuZ
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 17:32:33 GMT
server: AmazonS3
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
etag: W/"fad43a398d3c06f6012455992faf0e91"
age: 2741
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: XEvGoonvLCELNXUvoG5xKBAIsUjBy4r9_-CiHYYQsp6gOZ7xmDhnYQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
51 KB 115ms
45ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RQ2DQF&gtm_auth=_Ytv5s0HjQH9DfF9IafDKw&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4eb694025228719a6abc8d1f513652c494737f09fde34ba3bbf75fcc54a50974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51696
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 6 KB
3 KB 89ms
44ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&random=0.6703922320046525
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: f0cce552e462bc55bb3003cb9b508718d4b3df574f5e5fa3c2a8bb4e473c4f28

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
content-encoding: gzip
via: 1.1 google
server: gnv1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 track-f24de6bee43efa9e101c31fd5cdbab70.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 42ms
41ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-f24de6bee43efa9e101c31fd5cdbab70.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&random=0.6703922320046525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: e13dafc848e0598e8f2f95e0fb032539a0f3041fc0cff98ef90edd8326a41e96

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 25 Jan 2023 12:16:08 GMT
server: gnv1
etag: "63d11d88-e87"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3719

GET
H2 200 opa-c661412bfd70b46b895604931a6b2eb7.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 110 KB
28 KB 43ms
42ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-c661412bfd70b46b895604931a6b2eb7.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&random=0.6703922320046525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: 24758dee06483ee86fb9d0a393ba368faa19154bdd8659c9de20794afa488f8a

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 25 Jan 2023 12:16:03 GMT
server: gnv1
etag: "63d11d83-6ff4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28660

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 44ms
40ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=wellandtribune.ca&u=DA79C4897490BF56EA4377EC6B054B45A&h=803c7cb13973ac08f300c3f91c229190&r=0.19478388984067596

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:09 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 16 B
699 B 168ms
72ms Script
text/javascript 35.169.28.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json293

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.28.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-28-192.compute-1.amazonaws.com

Software

- /

Resource Hash

58df7a35860df4afadd0caa7d7df92a287d5a2ce2f8b6785c65a0659d1a608dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 95ms
28ms Script
text/javascript 13.32.207.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.207.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-207-222.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 27 Jan 2023 18:07:04 GMT
Content-Encoding: gzip
Via: 1.1 87f435824e071614a6eded8da925c802.cloudfront.net (CloudFront)
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C1
Age: 726
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: sptZYIQPulc6qOD3zz1jvO8UHBC2r4HXECLypoLv7tC5-cEOtv6M3A==

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
399 B 153ms
100ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 9f6cda1f3ead995f6780699cb20e58f1a193f2bb902da4ad443d7d7e1d55cc84

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.wellandtribune.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
825 B 69ms
18ms XHR
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:09 GMT
AN-X-Request-Uuid: b8f2c617-acc2-46e7-815e-b7ffc28e4012
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.wellandtribune.ca
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.179; 149.56.153.179; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 249 B
379 B 139ms
97ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 478e6af52fb68e56ea81b5b785d63530428644c5f656abef360da891644c3243

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.wellandtribune.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179

GET
BLOB 200
OK 69ed21d9-b0bf-4786-9c02-2a8826dae1bc
https://www.wellandtribune.ca/ 193 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wellandtribune.ca/69ed21d9-b0bf-4786-9c02-2a8826dae1bc
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8df00eec032790021597a4e83a08c313dfa9f323b33cdbf459905386a3aad9a0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 197465
Content-Type

GET
BLOB 200
OK 3c457d08-9fcf-4329-bd79-d6694a6c6162
https://www.wellandtribune.ca/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wellandtribune.ca/3c457d08-9fcf-4329-bd79-d6694a6c6162
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd87dc511a1f132a0690fce2149a427e8075eaee076ca59a6efff3a9dd94329

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 20393
Content-Type

GET
H3 200 vis_opt-f24de6bee43efa9e101c31fd5cdbab70.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 227 KB
64 KB 58ms
57ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-f24de6bee43efa9e101c31fd5cdbab70.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: da14a6daf057bccbe9c244b7c20a4c1347114fb87432cf44f7a7724f197e2887

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 25 Jan 2023 12:16:08 GMT
server: gnv1
etag: "63d11d88-10094"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65684

GET
H2 200 pubads_impl_2023012601.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 26ms
23ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133524
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Jan 2024 16:01:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 208 B
128 B 81ms
39ms XHR
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wellandtribune.ca

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4519bea38d2de57dc352c525f1d56913e49987cf1d266c8dc5e6e94b29200aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103
x-xss-protection: 0
expires: Fri, 27 Jan 2023 18:19:09 GMT

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 211ms
32ms Script
application/x-javascript 20.49.104.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:10 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 121ms
25ms Script
application/x-javascript 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:10 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 049299D631B468B5
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31329
accept-ranges: bytes
content-length: 54912
x-amz-id-2: kiU8eEXd+lGlNkZPxhCa4C39L0bCyOALX9aiLXBpzD4Um8Uy570rIVSSClCA4K/zsLu4O1OYLfI=

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 74ms
51ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-c661412bfd70b46b895604931a6b2eb7.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:09 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 25 Jan 2023 12:16:03 GMT
server: gnv1
etag: "63d11d83-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad5fc1a1f2e9f61750da7c5f657b4555458014b20726b06d78d3d2c1e60ee392

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
87 B 129ms
100ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c1f042ade0dedb93e9393b65c1bc4a1a6759188f134086a8795273a6de2f6998

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:10 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.wellandtribune.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69

GET
H2 200 TorstarCompressed-Bold.woff2
www.wellandtribune.ca/assets/fonts/ 23 KB
23 KB 43ms
43ms Font
font/woff2 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/assets/fonts/TorstarCompressed-Bold.woff2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/bundle.css?v=2fe22240994a1f90c446

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

97a8cb323b800e312421b5f10b9292a19c964f2de15e15703bbed583e1d78639

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wellandtribune.ca/static/bundle.css?v=2fe22240994a1f90c446
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:56:03 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 8587
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 23168
last-modified: Fri, 20 Jan 2023 10:02:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"5a80-185cea1a838"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 53bS7o4FV-Y56LdPW13oRTeJlNjKDpJS5a0owBqkQXkWC-LV7qjP1A==

GET
H2 200 brandmark-wellandtribune.svg
www.wellandtribune.ca/assets/svg/ 2 KB
2 KB 39ms
39ms Image
image/svg+xml 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wellandtribune.ca/assets/svg/brandmark-wellandtribune.svg

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7ce178af824bed9686b5ed94787b681bc6eba378967a7189420fd0f38e161b01

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:44:32 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 5678
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 1847
last-modified: Fri, 20 Jan 2023 10:03:00 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"737-185cea1ac20"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: _7OEwzvxb4xbSX5YOiziteEJOWIEIuhq9hA1h__lqGmi9DhJdiznzQ==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 74ms
20ms Script
application/javascript 13.225.223.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-81.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:38:17 GMT
content-encoding: gzip
via: 1.1 d9d5880faa1278f1716f3a60dd93de56.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK51-C1
age: 6054
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: inkLav28iORrIlVVc1MCFz18ukiLPYr-msfC2andoo_S6a5T89moUA==

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
524 B 142ms
70ms Image
image/gif 13.226.36.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-70.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 27 Jan 2023 18:19:11 GMT
Via: 1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C2
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: L9Tdp4VfpvI1hn_003kCbsmu8aggDfmVBRQFIr_tgdsnQmdY5-HZXw==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 75ms
20ms Script
application/javascript 108.139.38.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-143.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 27 Jan 2023 13:31:10 GMT
Via: 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P2
Age: 17280
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: nLTj4GQNDjbCpNRju1_BNktzDfE9XN451Da5iMAYfY2toUmrRLy9vg==
Expires: Sat, 28 Jan 2023 13:31:10 GMT

GET
H2 200 6he57gj8p5ekjagf-nbc.js Show response
cdn.petametrics.com/ 158 KB
47 KB 157ms
60ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/6he57gj8p5ekjagf-nbc.js?ts=465234
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 234b62981bb720b4351fb77f137ce0aeda66b35ba738056e87f33449cb882d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:10 GMT
content-encoding: gzip
x-amz-version-id: srkbqwEbe9vOVwq.IZXtsfMK12KLIkt_
last-modified: Tue, 27 Sep 2022 01:29:25 GMT
server: AmazonS3
x-sp-metadata: HS256.CK7H0J4GEokBCiRlZDc0YzUzMy1kM2QwLTRiMDItYjNkNS1kMjVhMzM1ODdjNDAQuIjBu7Wc/AIaBgieq9CeBiIOMTQ5LjU2LjE1My4xNzkohrICMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ3YjY3NGMzYS01NTg1LTQ4MzAtODQ5OC0wYmI1YTNhNmQ4ZmUYtfICIhgIAhIUY2RzMjAyLmRjMi5od2Nkbi5uZXQ=.Lk8tfmL44+CerWo36L4rfM1erFzM5RkhOgaxxnOZN5g=
x-amz-request-id: GJ46P1CTG7D5QCJV
etag: "553f472d344f537261356ef690867f1f"
x-hw: 1674843550.cds193.dc2.hn,1674843550.cds202.dc2.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
accept-ranges: bytes
content-length: 47413
x-amz-id-2: EZ0fWcEbbYrPS2a8a9eSZ6s/awcSarV2TqxfX244lBzdyr+GQRm36V4lnAQRtWrs9dOXMV4HbJ0=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 191 KB
46 KB 161ms
23ms Script
application/javascript 108.138.115.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-22.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bcfef8a2a9fa224535304fb693a3c009c23478165f8b0c1cae581e301e36ecc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:08 GMT
content-encoding: gzip
via: 1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
last-modified: Wed, 25 Jan 2023 21:28:25 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2, JFK50-P3
age: 3303
x-amz-server-side-encryption: AES256
etag: W/"8a6d0f2d51de2b80e524e04684f71215"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: GH3uanjwd20_PdE1auOmbmz1WTdmCn55BuinFwi6E4WpQIdkANrCXw==

GET
H2 200 woo.js Show response
woobox.com/js/plugins/ Frame 410F 25 KB
8 KB 104ms
25ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/plugins/woo.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2d62f94b9d935ef6706803a75b3c71b512ead3a7efbc3e03f69d203661762df6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:10 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-64ee"
content-type: application/javascript

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 79ms
68ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/bundle.js?v=3915f67b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d58078f3b8ab019aa085a932f9c8cce9e6d7ac2051943525897daf2f7d587e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27609
x-xss-protection: 0
server: sffe
etag: "1464 / 566 of 1000 / last-modified: 1674821399"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 Jan 2023 18:19:10 GMT

GET
H2 200 breakingnews Show response
www.wellandtribune.ca/api/alerts/ 19 B
449 B 21ms
21ms XHR
application/json 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/api/alerts/breakingnews

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:17:18 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: EWR53-P1
age: 135
x-powered-by: Express
etag: W/"13-dtK7HFxXRJGTWdPpmheUxDbkx20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
content-length: 19
x-amz-cf-id: DAdIfnEOEaVVcO3rh2Hk4AoSh7Nvc7DXBsurN8AEjbR-JKwBRXxn7A==

GET
H2 200 updates Show response
www.wellandtribune.ca/api/alerts/ 19 B
448 B 21ms
21ms XHR
application/json 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/api/alerts/updates

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:17:18 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: EWR53-P1
age: 134
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
content-length: 19
x-amz-cf-id: 2b71o16KBkjA28rqey0Glr9f8pF8DuEf8oXYAYVRHytV-Gbbz8KwOw==

GET
H2 200 related Show response
api.parsely.com/v2/ 324 B
496 B 134ms
56ms XHR
application/json 44.212.203.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.parsely.com/v2/related?apikey=wellandtribune.ca&tag=tlc_contests&url=https:%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&limit=20&boost=views&pub_date_start=48h
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.212.203.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-203-26.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 619b3c92561d35009c581330df4891b2a1f924726226b06bcf4455cd1de1f132

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:10 GMT
server: nginx
x-cache-status: MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=120
content-length: 324
expires: Fri, 27 Jan 2023 18:21:10 GMT

GET
H2 200 articles Show response
www.wellandtribune.ca/api/ 107 KB
19 KB 20ms
20ms XHR
application/json 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/api/articles?type=top

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6dddc55df57229855f47c60136472783ee679641d4f5ddefdf5708f88ee078da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:04 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: EWR53-P1
age: 6
x-powered-by: Express
etag: W/"1ad81-OB8HLs83Ro6IhWsVE9eEe0bV62g"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: pZJ8oUpANArWHjOkhi9BnR8UkXRSYjW9ZeY8eY3kbeBFRtTxSwVrQQ==

GET
H2 200 posts Show response
api.parsely.com/v2/analytics/ 37 KB
9 KB 125ms
49ms XHR
application/json 44.212.203.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.parsely.com/v2/analytics/posts?apikey=thestar.com&secret=XMZfv5sJ1L3qE6DZfkeSIh4mI4bCvQ1hZdyWNEOZAQg&sort=views&limit=20&page=1&period_start=15m
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.212.203.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-203-26.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 40942ad28aee88edfa476b3e818b2d9467a476a5a858d06b3393100b3e23aab1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:10 GMT
content-encoding: gzip
server: nginx
x-cache-status: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=600
expires: Fri, 27 Jan 2023 18:29:10 GMT

GET
H2 200 16.css
www.wellandtribune.ca/static/ 257 B
721 B 30ms
30ms Stylesheet
text/css 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/static/16.css?v=77f92dd85f139b4be241

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/bundle.js?v=3915f67b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6118aab3972757bc62c6e4c730c32154718c63b74cffc6c66733af493c730139

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:06:13 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 7977
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 257
last-modified: Fri, 20 Jan 2023 10:09:38 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"101-185cea7bed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: VYpXAackzQ4MOoshMAa-S9ZGEtlTsJi_BBZd7KyvfgH9ucnfOu99UQ==

GET
H2 200 RightRailAds-RightRailAds.chunk.js Show response
www.wellandtribune.ca/static/ 5 KB
2 KB 29ms
28ms Script
application/javascript 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/static/RightRailAds-RightRailAds.chunk.js?v=8251ce76

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/bundle.js?v=3915f67b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

156ec2f9806700af6469e099df1274d00e53c8d8f5d5302f7cef217d9fc03d0f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 13:07:35 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 18695
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 10:09:38 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"141e-185cea7bed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: ZwYxJXgP0YG6frDI8Q2mP-_yZXejXKpPa94D9vCFquJA-1D1X0R-vQ==

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bba9449f664ef587b3f14043552b6e79a2a86547ffd0bf0047499b712f819b5

Request headers

Referer
Origin: https://www.wellandtribune.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST auction
elb.the-ozone-project.com/openrtb2/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
20ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ2DQF&gtm_auth=_Ytv5s0HjQH9DfF9IafDKw&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 18:07:54 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 676
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 27 Jan 2023 20:07:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 64ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 27 Jan 2023 18:19:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27859
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 1ExbRZnzl14k3/Wsl7TCtkVNc4fJQKBAE2WsffS0MujSFq+DUHvEwir1Ia4sAhpBlggJXcOXKw9ZD47QxeWN3A==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 292 Show response
bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/ 66 KB
13 KB 57ms
57ms XHR
application/json 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292?referer=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&bcsessionid=&bctempid=&overruleReferrer=&time=2023-01-27T18%3A19%3A10%2B00%3A00&ts=1674843550553

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

c2c9587bdf270097cbfb71eace33ace364f9ecf68d8807cfc6f1bf8be31f0f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 12417
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: RTvBdNNhpjtPvFcqvzLSXrssudcH5MAsOcBcwaR-AcwyeRDL0k6mLA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 26 KB
26 KB 2729ms
152ms Script
application/x-javascript 20.49.104.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3f6aa8c3f26b9c05eccbc5cb9ab359c98c6654f70bba02818713ced398269627

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:13 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 26227
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1674843550567&ns_c=UTF-8&c7=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.h...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1674843550567&ns_c=UTF-8&c7=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest....

0
191 B

2430ms
2430ms

Image
text/plain

13.225.223.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1674843550567&ns_c=UTF-8&c7=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&c8=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&c9=
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Server: 13.225.223.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-81.jfk51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
via: 1.1 d9d5880faa1278f1716f3a60dd93de56.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: NDDsD7LWGgwEOJGUIIJrFR5vDtKIgv9PvhwaZG2m8Ee5iqXo9o4z4g==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1674843550567&ns_c=UTF-8&c7=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&c8=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&c9=
date: Fri, 27 Jan 2023 18:19:10 GMT
via: 1.1 d9d5880faa1278f1716f3a60dd93de56.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
content-length: 0
x-amz-cf-id: Q2gfHhAYJG6PrxVcg-nJimhIERjW1BqbtkB9Nf_rDG2K3ujjiB3X9A==
x-cache: Miss from cloudfront

GET
H2 200 p.js Show response
cdn.parsely.com/keys/wellandtribune.ca/ 56 KB
21 KB 2512ms
2443ms Script
application/javascript 18.164.101.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/wellandtribune.ca/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-101-60.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: c31bf90d39f9a89100e1077a257c532174aebcf879cf0aeab873f37e0d7fdf02

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Fri, 27 Jan 2023 16:12:22 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jun 2022 01:41:35 GMT
server: nginx
x-amz-cf-pop: JFK50-P5
age: 7620
etag: W/"62b5164f-df50"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: XTqr-OoSaFpFXC-RpCOPt-5TdMnixmquaorXGXxQdhtU1mdaVukHeA==
expires: Sat, 28 Jan 2023 16:12:10 GMT

GET
H2 200 4ijhj7 Show response
woobox.com/ Frame CB5F 30 KB
11 KB 2505ms
2505ms Document
text/html 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Requested by: Host: woobox.com
URL: https://woobox.com/js/plugins/woo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bf7c14fcc89fb5e0fe4e0bf43ce769680e2a4fe0e5eaa6a958ee4cc09a9460d2

Request headers

Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-transform
content-encoding: gzip
content-security-policy-report-only: block-all-mixed-content; report-uri /campaign/errorlog/csp
content-type: text/html; charset=UTF-8
date: Fri, 27 Jan 2023 18:19:10 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx

GET
H2 200 port_ucc.jpg
images.thestar.com/nd8PRwVe4aLCpqQK3Qog4Qf8DoI=/100x100/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/niagara-region/2023/01/26/hospital-system-working-to... 2 KB
3 KB 22ms
20ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/nd8PRwVe4aLCpqQK3Qog4Qf8DoI=/100x100/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/niagara-region/2023/01/26/hospital-system-working-to-ensure-south-niagara-residents-continue-to-have-access-to-care/port_ucc.jpg
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 866cabc02a7d7af3ebd3fc316482d74412b7c5082213db5222c1ce34af013d7e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 22:57:53 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 69677
etag: "124a4b5dd3acd79553335865cb1ed946a3cfe2c1"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2464
x-amz-cf-id: r1wpCfavIASrxbVqmniCMy3pjqV0q5m9iYnOXUKn5uecca_1Jxsrlw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 food_banks_4.jpg
images.thestar.com/yN1xmz2Ikm3g0wzX254z4gEEIBQ=/100x100/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/council/2023/01/26/hope-centre-receives-city-grant-a... 3 KB
4 KB 24ms
23ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/yN1xmz2Ikm3g0wzX254z4gEEIBQ=/100x100/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/council/2023/01/26/hope-centre-receives-city-grant-as-food-bank-sees-significant-increase-in-use/food_banks_4.jpg
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fc22a24805616861afbe5b0a0d063c6220a539742eb4639927b4a50a8a34ab1f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 22:02:26 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 73004
etag: "c47b14b60d99ef979cf05a11928f74120aea0377"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 3552
x-amz-cf-id: YtkVwERszhNAm1PAatqu3Tc_rueGYTQ2-uMkbqfuwQAurBHeP3VG0A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 southworth_1.jpg
images.thestar.com/ti3o8LyPdAGMhV4TCBbpeZVxmxU=/100x100/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/niagara-region/2023/01/26/firefighters-had-to-use-ex... 3 KB
3 KB 24ms
23ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/ti3o8LyPdAGMhV4TCBbpeZVxmxU=/100x100/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/niagara-region/2023/01/26/firefighters-had-to-use-extreme-caution-battling-blaze-at-welland-auto-shop/southworth_1.jpg
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f0b46e7ede63589ea096f1b0e4f41c6928a31c86e84abfc49ed9a9d5e4171851

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 22:02:26 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 73004
etag: "fd44f5eb63d29282b1c0626eca4811531245998b"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2718
x-amz-cf-id: _wxPWFLAivJeWZOWOe6JiRGRXreTvyWerqF3tTpwuPsx0xXBC0we9Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 marineland.jpg
images.thestar.com/2W7AGy8IIv390g-vYOCLadLU5xE=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/business/2023/01/26/marineland-seeks-new-own... 2 KB
2 KB 22ms
21ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/2W7AGy8IIv390g-vYOCLadLU5xE=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/business/2023/01/26/marineland-seeks-new-owner-to-evolve-develop-and-grow-the-park/marineland.jpg
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3a0f9dd242db7661773294988424e49d1fd34934f461cdd9c2a9beeba4688f83

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 20:24:53 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 78857
etag: "c2732c7ed9b87f9606d3446f469d425f9290dc6a"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2162
x-amz-cf-id: Gyxo74nL1Lwe2Nwzxe2wwU4shs5InEbm3dIajrNhASnf8glryYd9TQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scs20200513jj006.jpg
images.thestar.com/9xNO4Is0H2G0rEhScB1sZkSbxjA=/100x100/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/crime/2023/01/26/shoplifter-pulled-what-appeared-to-... 2 KB
2 KB 23ms
22ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/9xNO4Is0H2G0rEhScB1sZkSbxjA=/100x100/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/crime/2023/01/26/shoplifter-pulled-what-appeared-to-be-a-handgun-on-a-security-officer-at-pen-centre-court-told/scs20200513jj006.jpg
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 816ddcea429a59d80eacb9d0396c05c1158ab6b4148c71512059309a9afd1cf5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 22:02:27 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 73003
etag: "d557fa3e5a31af3456b7f031cddd28c07291c4c8"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1906
x-amz-cf-id: swrjLbdbaQH6-8qfK9byuCyMKAKYyCcmnYb9GNdJfhPnJ_mUNYboNg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 __activity.gif
query.petametrics.com/v3/6he57gj8p5ekjagf/7d57b5b1-6edf-4367-baec-398adc440813/ 35 B
175 B 2977ms
41ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/6he57gj8p5ekjagf/7d57b5b1-6edf-4367-baec-398adc440813/__activity.gif?e=pageview&ct=Lots+O%27+Prizes+Contest!&ccu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tspl=1565&blst=1007&ist=1559&iet=1563&bdst=1008&bdet=1199&bcttt=8&jsfv=nbc&ts=1674843550619&jsk=6he57gj8p5ekjagf&jsv=20220926&cu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&uid=7d57b5b1-6edf-4367-baec-398adc440813&sid=a7956d33-bb49-4c7e-f829-5aaf9d585427&pvid=3ef0e8cc-2049-46e9-de03-adebc9a94e4b&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Jan 2023 18:19:13 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
315 B 2445ms
2444ms XHR
text/plain 108.138.115.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.wellandtribune.ca
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-22.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:26:52 GMT
via: 1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
age: 10337
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: xwfiGuwRdnra6eafseipsD-2RrhuIrw12ACtjDDhswIhO6FVRD6JvA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 2494ms
23ms XHR
application/javascript 108.138.115.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-22.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
date: Thu, 26 Jan 2023 21:29:29 GMT
x-amz-cf-pop: JFK50-P3
age: 74985
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 2bvr1oZ_J90u6S-ZeqU2H--H9afz_LzIBMKeSfWBTQzRHV8-VK8yJg==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 2757ms
86ms XHR
application/json 52.88.128.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1674843550646

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-128-19.us-west-2.compute.amazonaws.com

Software

Resource Hash

944b64be259500aed1c70ae813d267675b613d619b48b715cbe27fccf8c59a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-2-v041-05dab4ffe.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: B4n6Kz7lRuI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.wellandtribune.ca
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 326
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 2495ms
2494ms Script
text/javascript 18.238.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-119.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:33:30 GMT
x-amz-version-id: PXDj44TUJOhqP2hnfD9UI3sdwXoMIMIC
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 17:32:00 GMT
server: AmazonS3
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
etag: W/"dfdd9e1f988805f0c2fbb10cd6b8f034"
age: 2744
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: uFWRaeKPm-5lOutbV1CKiyl1uST32pCpab6ZOoBcyyk3fwh7ws2t1w==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 2495ms
2495ms Script
text/javascript 18.238.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-119.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:33:30 GMT
x-amz-version-id: GMvzoJ.gRMvZkPkqQ1kAxy3_uAZGs.Yc
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 17:32:00 GMT
server: AmazonS3
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
etag: W/"b89fcb8870ac40eecb6d3cc844d35389"
age: 2744
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: uaHH9ilaxsPQimW33EHnwSJAPbwbCfiHLWMKiEO6PK5xV9C4nuIQ4w==

POST
H2 200 model Show response
query.petametrics.com/v3/6he57gj8p5ekjagf/7d57b5b1-6edf-4367-baec-398adc440813/ 10 KB
3 KB 3050ms
149ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/6he57gj8p5ekjagf/7d57b5b1-6edf-4367-baec-398adc440813/model
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 2d7b76ec15b0f7f9aac83017cc54fe3a704128a66364313366661cbd95849295

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 90274f33e3f8f85d026eabf0aced12f2 Show response
bc.wellandtribune.ca/plugin/plugin/ 199 KB
44 KB 2418ms
2418ms Script
text/javascript 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/plugin/plugin/90274f33e3f8f85d026eabf0aced12f2

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

7fb7b844173d86b8a4cc54bb68f9e676d426f59b9b011649b492856bdcb4dc0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
age: 359152
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 44584
x-xss-protection: 1; mode=block
last-modified: Sun, 22 Jan 2023 14:33:21 GMT
server: -
etag: 90274f33e3f8f85d026eabf0aced12f2
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: SRutaiXmF8blQ-CYAAY4l9pspxtRWmI7Cwnpm6YgAp2PPa26xb6_6w==
expires: Tue, 23 Jan 2024 14:33:21 GMT

POST auction
elb.the-ozone-project.com/openrtb2/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 2359ms
2359ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1978194600&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&ul=en-us&de=UTF-8&dt=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=37784826&gjid=640884131&cid=735371051.1674843551&tid=UA-73335503-1&_gid=167804481.1674843551&_r=1&_slc=1&gtm=2wg1p05RQ2DQF&z=962922170

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 2354ms
2354ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1978194600&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&ul=en-us&de=UTF-8&dt=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1073277492&gjid=1131397755&cid=735371051.1674843551&tid=UA-114875189-1&_gid=167804481.1674843551&_r=1&_slc=1&gtm=2wg1p05RQ2DQF&z=2131627316

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 238428956832148 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 2320ms
2319ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/238428956832148?v=2.9.94&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e8bb5d53faaeb66ee294fbba02b5a6d60cee4db032795951085226c1b1e1f4f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 27 Jan 2023 18:19:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110200
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cei05hAPKV6kDZUzsl5UYsjRT4I90yVoDtiLmK1jM+PIPyJnCrFjdA5T7PKHtDzc/zHgQljkumSD3VzR984f3w==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ruleenginedata Show response
www.wellandtribune.ca/api/ 2 KB
1000 B 2286ms
2285ms XHR
application/json 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/api/ruleenginedata

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f450e54148af782dee3be8a6134cfc4342cac1b60da61bd0dab0106fff044ee5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:17:21 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: EWR53-P1
age: 116
x-powered-by: Express
etag: W/"691-dbfxcbZIq/0pwPxQ+0f20UhGpS8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: tWqY6wrYuWPfe8QzaAqcOAgYu-D95ezCLwFQL5sGCmAKwM9q6ucuMA==

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 301 B
230 B 3433ms
3432ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 82d9527ad6efbc1540811e523c1d52d437e3ddeb5dc577fa9417b1dc07ff0426

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.wellandtribune.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164

POST
H2 200 state Show response
api.permutive.com/v1.0/ 0
80 B 2949ms
2949ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 133 B
579 B 1523ms
176ms XHR
text/javascript 108.138.124.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&pid=LAl94pEi1wxB5&cb=0&ws=1600x1200&v=23.123.1617&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fwelland_tribune%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest%2Fhub%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fwelland_tribune%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest%2Fhub%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fwelland_tribune%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest%2Fhub%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fwelland_tribune%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest%2Fhub%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-5%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fwelland_tribune%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest%2Fhub%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-6%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fwelland_tribune%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest%2Fhub%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-7%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fwelland_tribune%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest%2Fhub%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-8%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fwelland_tribune%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest%2Fhub%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-9%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%2258580620%2Fwelland_tribune%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest%2Fhub%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-10%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fwelland_tribune%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest%2Fhub%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.124.226 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-124-226.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

dc9d3694ac8584500e32ea00478092c3139260f5179a51c1b942f6c24b0416ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 25c8a58d4773aeef98fa0f0f950689bc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P4
x-amz-rid: RC4757PMDQ68DWJAB87K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.wellandtribune.ca
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 133
x-amz-cf-id: vEAA8UlKv88Kt4_rI6HFRdgSdiRwMqmYehVim4y7_80UyDex7LC2SA==

GET
H2 200 bootstrap-modal.css
woobox.com/assets/lib/bootstrap-2.3.2/ Frame CB5F 8 KB
2 KB 42ms
24ms Stylesheet
text/css 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/assets/lib/bootstrap-2.3.2/bootstrap-modal.css
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 754023a7784a05314c8cdb02b50e16026fe973f426b7b29ad5efc0956282b1ba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-1f10"
content-type: text/css

GET
H2 200 vex.css
woobox.com/assets/lib/vex/ Frame CB5F 6 KB
1 KB 45ms
26ms Stylesheet
text/css 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/assets/lib/vex/vex.css?v2.1
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2eba071154ddc365dcb29a67f28c494cc630a361b7a1e7741aee8f49303f98a2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-166e"
content-type: text/css

GET
H2 200 vex-theme-plain.css
woobox.com/assets/lib/vex/ Frame CB5F 9 KB
1 KB 43ms
25ms Stylesheet
text/css 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/assets/lib/vex/vex-theme-plain.css?v2.1
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2bbdbddf897ead2d7343230faef4923919d1e467d6c772c325d7193371842c2b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-24d8"
content-type: text/css

GET
H/1.1 200
OK campaign.min.css
offertabs.s3.amazonaws.com/offer/4ijhj7/assets/ Frame CB5F 398 KB
41 KB 161ms
42ms Stylesheet
text/css 54.231.230.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offertabs.s3.amazonaws.com/offer/4ijhj7/assets/campaign.min.css?v=d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.230.241 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 49a05b9d1841351cdb27b23f4e277f16627e32e0a68dc3b45697232be14ff74a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 27 Jan 2023 18:19:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Jan 2023 21:37:04 GMT
Server: AmazonS3
x-amz-request-id: M6PF8KG16KGFH6SB
ETag: "35141bc57b7f0ccfa88900cb62b2f756"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 41801
x-amz-id-2: b5IR8ElYir0mi6xtYgbOJ1f5FSw5cOCquxIovCjSHlV5BK5zVOSPlQAIelDYe5pCLg8UrQzHkrU=

GET
H2 200 icon-font.css
woobox.com/assets/css/app/ Frame CB5F 615 B
476 B 43ms
26ms Stylesheet
text/css 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/assets/css/app/icon-font.css?v=2022_06_01_1400
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 960169e1ef6dac92caa3bdabe8369489f61449ec651f443034378d833c8be161

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:22 GMT
server: nginx
etag: W/"62ccb036-267"
content-type: text/css

GET
H2 200 jquery.min.js Show response
woobox.com/js/ Frame CB5F 91 KB
38 KB 66ms
49ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/jquery.min.js
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-16cfb"
content-type: application/javascript

GET
H2 200 jquery.waitforimages.min.js Show response
woobox.com/js/ Frame CB5F 1 KB
833 B 43ms
27ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/jquery.waitforimages.min.js
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a1eac1d01c2bc33725911f934e1a2d5f92008964a454bd856fd662094a219dcf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-4d5"
content-type: application/javascript

GET
H2 200 woo_controller.js Show response
woobox.com/js/plugins/ Frame CB5F 4 KB
2 KB 43ms
28ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/plugins/woo_controller.js?v=2022_06_01_1400
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4f9d9905ff86ac06315b0c0cb46fd1d6465b82c8629c076b7ebc5d488b9480ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-11c8"
content-type: application/javascript

GET
H2 200 bootstrap-modalmanager.js Show response
woobox.com/js/ Frame CB5F 10 KB
4 KB 62ms
47ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/bootstrap-modalmanager.js
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9275313f8b5f0db6885ff9a8ae4ab7feeef3ff9aa4ecf76347a45db88a293b14

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-29dd"
content-type: application/javascript

GET
H2 200 bootstrap-modal.js Show response
woobox.com/js/ Frame CB5F 9 KB
3 KB 42ms
29ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/bootstrap-modal.js
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3c46f680e735ccae23f9109b955da2e1f7dc3d369a531d9526bdf70b5c529df3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-2427"
content-type: application/javascript

GET
H2 200 bootstrap-dropdown.min.js Show response
woobox.com/js/ Frame CB5F 2 KB
1 KB 61ms
48ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/bootstrap-dropdown.min.js
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 860572b2c9befd8d62c9f3219caec377b5e4eb0c1110676a1e9b3ca3522b16a0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-762"
content-type: application/javascript

GET
H2 200 jquery.simplyCountable.js Show response
woobox.com/js/ Frame CB5F 3 KB
1 KB 63ms
50ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/jquery.simplyCountable.js
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8ace01e5d24f154714cc487d6a2def8bef2feb5ab1cc59913854fb67220e6bf6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-dd4"
content-type: application/javascript

GET
H2 200 handlebars.min.js Show response
woobox.com/js/ Frame CB5F 60 KB
22 KB 88ms
75ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/handlebars.min.js
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 89bfdfa1a555fc4048aabd08e06d5851e7cbc02dd9d48b73e491434e7fa23963

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-ef90"
content-type: application/javascript

GET
H2 200 Placeholders.min.js Show response
woobox.com/js/ Frame CB5F 4 KB
2 KB 63ms
50ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/Placeholders.min.js
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5262542bd8bcb8b1fd2f1ca9858ec8ead6d37762b0f5bd42a910a3e5fee84073

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-f79"
content-type: application/javascript

GET
H2 200 vex.js Show response
woobox.com/js/vex/ Frame CB5F 7 KB
2 KB 88ms
76ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/vex/vex.js?v1.1
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0da717836db275560f8005dd2e9b1c3f3a54e8599a79a84fe30fdc9dc1a2a5f3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-1c75"
content-type: application/javascript

GET
H2 200 offersv4.js Show response
woobox.com/js/ Frame CB5F 3 KB
1 KB 83ms
71ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/offersv4.js?v=2022_06_01_1400
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 382deffa886ab0402adef5293de9607e87ebb375733e001bc730a1ca300d808a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:24 GMT
server: nginx
etag: W/"62ccb038-c53"
content-type: application/javascript

GET
H2 200 util.js Show response
woobox.com/js/app/ Frame CB5F 6 KB
3 KB 89ms
78ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/app/util.js?v=2022_06_01_1400
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c4134d07c61ec344bc275b859684e418dc6a63cfb1d6e03e0b089e1c0364eee8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-160e"
content-type: application/javascript

GET
H2 200 facebook.js Show response
woobox.com/js/app/ Frame CB5F 8 KB
3 KB 83ms
72ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/app/facebook.js?v=2022_06_01_1400
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e352a6dd12b2b0fa5cd8621a63397c53e56c3efa80b2cec302a79cb08ecedb74

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-20cd"
content-type: application/javascript

GET
H2 200 context.js Show response
woobox.com/js/app/ Frame CB5F 7 KB
3 KB 84ms
74ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/app/context.js?v=2022_06_01_1400
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 42dd18e2bc8f3b49a82ce626d2208108737a8100c6639b6f4c86748d83c56856

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-1da9"
content-type: application/javascript

GET
H2 200 fields.js Show response
woobox.com/js/app/ Frame CB5F 3 KB
1 KB 83ms
72ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/app/fields.js?v=2022_06_01_1400
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1fb45c321edd8c7591e95d967d106af5ae52ab6ab94a3eaba1ca910111ff836

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-c69"
content-type: application/javascript

GET
H2 200 share.js Show response
woobox.com/js/app/ Frame CB5F 11 KB
4 KB 85ms
74ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/app/share.js?v=2022_06_01_1400
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: eea25e34dfec061bf84b953300a9543e0215267e79a7553638b49efcab06d2f1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-2d57"
content-type: application/javascript

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame CB5F 85 KB
30 KB 87ms
23ms Script
text/javascript 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 14:23:50 GMT

GET
H2 200 entrypage.js Show response
woobox.com/js/app/ Frame CB5F 14 KB
5 KB 83ms
73ms Script
application/javascript 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woobox.com/js/app/entrypage.js?v2.9
Requested by: Host: woobox.com
URL: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c9802b443bd944757bb83a73e50a72eed7bc79343af3b94b7bcc13c49df66346

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/4ijhj7?embed=1&plugin=%257B%2522pid%2522%253A%25224ijhj7_0%2522%252C%2522fid%2522%253A%2522offer%2522%257D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-3924"
content-type: application/javascript

GET
H2 200 Tribune Show response
www.wellandtribune.ca/api/overlaydatarule/ 34 KB
7 KB 20ms
20ms XHR
application/json 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/api/overlaydatarule/Tribune

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

66cf2e301a65fc93affc7c283e1edf3d3c8eec658798105a894e577e1c0569ec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:17:25 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: EWR53-P1
age: 115
x-powered-by: Express
etag: W/"866b-FqZxf0P0yv/C0nF1rno6YzqKw4Q"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: vrpuqsx7U_rwwC72LEbk5c4h8ll174f93yvE7RVpEhvKJ1zbq4EMOQ==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 133ms
25ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1674843553125&plid=31337453&idsite=wellandtribune.ca&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%22%22%2C%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A4730%2C%22_trustBar%22%3A2656%7D&sid=1&surl=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&sref=&sts=1674843553115&slts=0&title=Lots+O%27+Prizes+Contest!+%7C+wellandtribune.ca&date=Fri+Jan+27+2023+18%3A19%3A13+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=91688637&u=pid%3D20cf132b905142d1e198d98ec56017ed
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 27 Jan 2023 18:19:13 GMT
Cache-Control: no-cache
Last-Modified: Friday, 27-Jan-2023 18:19:13 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 105ms
35ms XHR
text/plain 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-73335503-1&cid=735371051.1674843551&jid=37784826&gjid=640884131&_gid=167804481.1674843551&_u=YEBAAAAAAAAAAC~&z=1689256321

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 27 Jan 2023 18:19:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 overlaydata Show response
www.wellandtribune.ca/api/ 38 KB
7 KB 23ms
20ms XHR
application/json 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/api/overlaydata

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6e2d933581137289d632cfd0525c8ff37232a4012e313903e31dd11dec911725

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:15:53 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: EWR53-P1
age: 200
x-powered-by: Express
etag: W/"9730-hqs7H32bkEq/TSPsHa7ZXZ9+92I"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Hit from cloudfront
cache-control: max-age=180
x-amz-cf-id: hMWvL6pIm2J3AUIfCO-TDxBo1ussIdeqyN3Vkcw6tsNaV2oSzkrHZQ==

GET
H2 200 mdc.textfield.min.js Show response
bc.wellandtribune.ca/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 23ms
22ms Script
text/javascript 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 08:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
age: 2886990
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Sat, 24 Dec 2022 08:22:43 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 1MPRPevVpw3C1KBUF6pUtA2C4sc0R6O6-oFO4sG_GVn1RvICucMqow==
expires: Mon, 25 Dec 2023 08:22:43 GMT

GET
H2 200 8552f9c6b53c11a4f009a16ae75a9712 Show response
bc.wellandtribune.ca/plugin/library/ 290 KB
92 KB 22ms
22ms Script
text/javascript 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/plugin/library/8552f9c6b53c11a4f009a16ae75a9712

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

609bf78678197937d024c8c1cda3d194f611f9b8a86f4950b88574436218eec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
age: 359151
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 93463
x-xss-protection: 1; mode=block
last-modified: Sun, 22 Jan 2023 14:33:22 GMT
server: -
etag: 8552f9c6b53c11a4f009a16ae75a9712
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: xE5_1lifyjG1f4gVcGx9V2Y0xvmu7h44g5ptIIZpa6PB_RiTtxaKWg==
expires: Tue, 23 Jan 2024 14:33:22 GMT

POST
H2 200 LB-Zone-2 Show response
bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292/ 2 KB
2 KB 55ms
53ms XHR
application/json 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292/LB-Zone-2?referer=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&bcsessionid=&bctempid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5&overruleReferrer=&time=2023-01-27T18%3A19%3A13%2B00%3A00&ts=1674843553151

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

64ff84ee18031a15c2fdc0deb9d28cb2d2dd09b5f8d63abde1a8c092549e61d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 955
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: pzKUegB84mw3Q3pHj_Wagdsl6duRIPAi10BV9t7OQ1s8G9jWXekNBw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 logo-welland-tribune.png
bc.wellandtribune.ca/rest/dialogues/files/44b5c87c-5300-467c-94ba-83637def6131/ 24 KB
25 KB 35ms
34ms Image
image/png 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bc.wellandtribune.ca/rest/dialogues/files/44b5c87c-5300-467c-94ba-83637def6131/logo-welland-tribune.png

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

1c12fbcb5deba7f265920a35b60cd201ade4930366dfc33dd6fd9f0943212980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:45:51 GMT
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
age: 5607202
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 24850
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Nov 2022 20:45:51 GMT
server: -
etag: f749b9b783cda5bbc311e42c33700b7b
content-type: image/png
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: ArM5N4pL1mRCUJr9pKFhqirKoSEWqfKA59F0ksFs21UjqfeZpTTwaw==
expires: Thu, 23 Nov 2023 20:45:51 GMT

GET
H2 200 new-year-sale-12-for-24-488x300_03.jpg
www.thestar.com/content/dam/thestar/static_images/subscription/ 187 KB
187 KB 96ms
23ms Image
image/jpeg 18.164.116.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/content/dam/thestar/static_images/subscription/new-year-sale-12-for-24-488x300_03.jpg

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-90.jfk50.r.cloudfront.net

Software

Apache/2.4.53 () OpenSSL/1.0.2k-fips Communique/4.3.3 /

Resource Hash

a5a689a4d533e78b5721df67496598cb8b8d320ca36e2e0643e0a682258ab14e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 15:21:36 GMT
via: 1.1 7c55514b62254664b7255cfc5da6dc92.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 15:21:36 GMT
server: Apache/2.4.53 () OpenSSL/1.0.2k-fips Communique/4.3.3
x-amz-cf-pop: JFK50-P6
age: 615457
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31546000
accept-ranges: bytes
content-length: 191327
x-amz-cf-id: 1hssfpEHjOdXvN9jQ_Y3j0SvXyLtLTOJNVe25tnXUEG97YCITIZGvA==
expires: Sat, 20 Jan 2024 18:08:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 69ms
20ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238428956832148&ev=PageView&dl=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&rl=&if=false&ts=1674843553176&sw=1600&sh=1200&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674843553175.130299356&it=1674843550766&coo=false&rqm=GET

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 27 Jan 2023 18:19:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 12 KB
5 KB 84ms
82ms Script
text/javascript 18.238.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-119.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c7ee67a4a7168b8dea0055b9fa4b364a6967b7c694b733519e3b4756d272a46

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:32:43 GMT
x-amz-version-id: 37GMV0vDyTbnkCjAXQIwEyQMnsFC.NEv
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 17:32:00 GMT
server: AmazonS3
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
etag: W/"d98b7b1983b686f33b91cd0b48958bba"
age: 2791
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: uVpUah57HR8RJ2hQk2P85iKfBgdTCQBZkgumTlkFLsWzPo16NnzEtA==

POST
H2 200 292 Show response
bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/ 6 KB
3 KB 105ms
105ms XHR
application/json 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292?referer=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&bcsessionid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5&bctempid=&overruleReferrer=&time=2023-01-27T18%3A19%3A13%2B00%3A00&ts=1674843553270

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

e411365c4ab2c8d2f47d1701525bb1b2214b16f0ab8cff0d6c741e1a71765bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2490
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: UcDss1L-6wU6AzSstp2fS6NNdo0pWcV1AZ3OWc74AqfAEXwbvuxSiw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 66 B
865 B 79ms
78ms Script
text/javascript 35.169.28.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5&&callback=bc_json294

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.28.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-28-192.compute-1.amazonaws.com

Software

- /

Resource Hash

0700bd1440f534716f8bc71d8cedbeb8eb39fb771651818b0091131960783e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 292 Show response
bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/ 187 B
1 KB 52ms
51ms XHR
application/json 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292?referer=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&bcsessionid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5&bctempid=&overruleReferrer=&time=2023-01-27T18%3A19%3A13%2B00%3A00&ts=1674843553330

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

b6682b02dc1e7ac827824b85e61a6d6c6a103ee39874472a2f5f13c80534c789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 174
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: JSbbIo20lHAqF_jdm8GJaPcegJ5RR7AiKBfWAWKdVGiqwt7TttJaPA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 292 Show response
bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/ 6 KB
3 KB 60ms
60ms XHR
application/json 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292?referer=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&bcsessionid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5&bctempid=&overruleReferrer=&time=2023-01-27T18%3A19%3A13%2B00%3A00&ts=1674843553336

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

1131756bbc6a908393c40fce0ba48888b62475c16b26de4072a1a1467ee8a1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2490
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: PJ9tfo2QgHL70XvKIqVEKZt2tRLXRWsrUpVHlLF5r4CLQUD2npvLkA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 jquery.fancybox.pack.js Show response
bc.wellandtribune.ca/plugins/lightboxinteractiontype_torstar/ts_290479a801b4198c27927de5770d3c7c/frontend/src/lib/fancybox/ 23 KB
9 KB 20ms
19ms Script
text/javascript 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/plugins/lightboxinteractiontype_torstar/ts_290479a801b4198c27927de5770d3c7c/frontend/src/lib/fancybox/jquery.fancybox.pack.js

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

99c2257ab0c877ef811c0dde48d17bfb2cf1f1a5bd5bc6a9e9a7f4a114f4df3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
age: 1241516
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 8529
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Jan 2023 09:27:17 GMT
server: -
etag: bcd257ffe249380dcdc2e45c7ca35fb1
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 3GRFdY7jlWjOyvzr_BFoa1oDqNrbiAyz2gvRMSnp7I-Bq3AjOMZqVQ==
expires: Sat, 13 Jan 2024 09:27:17 GMT

POST
H2 200 292 Show response
bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/ 6 KB
3 KB 56ms
56ms XHR
application/json 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292?referer=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&bcsessionid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5&bctempid=&overruleReferrer=&time=2023-01-27T18%3A19%3A13%2B00%3A00&ts=1674843553355

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

dd698ff3deb9627a393b22d343189461da4be8639610dfbb5b831e678575a3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2489
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: aKBbqVAdeP7zwC2OGMln05ZeWciRe88xXE3AID4ZuveyDTEn0CCUmQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 549886031832745 Show response
connect.facebook.net/signals/config/ 567 KB
166 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.94&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7778b037832318135d28c4b9d0ae89b5771f42d65153dce47de11a5ef5ca42f0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 27 Jan 2023 18:19:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 169704
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gs1z4muI1OMaGUiRNsNh+SQePT1jCpSNvuDYmGwx/q7NUGTj2IBaRQ4kaf8uoFZmkxU+rCl6/+mOc1CU/OG5GA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 292 Show response
bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/ 381 B
1 KB 53ms
52ms XHR
application/json 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292?referer=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&bcsessionid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5&bctempid=&overruleReferrer=&time=2023-01-27T18%3A19%3A13%2B00%3A00&ts=1674843553362

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

9cc3fc5d0df8f9e0d0504a99ed3e14f01d5aa7d2538415828689183b3920dcae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 179
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: H2Ub4JerRFBWqkNv0LqNznKkPYyuLN34Rx18D_TN9jWbNFxb9UMFHA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 292 Show response
bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/ 191 B
1 KB 55ms
55ms XHR
application/json 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292?referer=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&bcsessionid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5&bctempid=&overruleReferrer=&time=2023-01-27T18%3A19%3A13%2B00%3A00&ts=1674843553363

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

102a5436fe6b2fe8e6fc14299bd2b58f65e8bd5037191e1ee2eec1ae44657a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 169
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: cFwIrxI2P-RCySJuLodciDVKL0zv5Hu7Wc4JU9bepvV9SiUhCrWTDg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 loader_32x32_666666.gif
woobox.com/img/loaders/ Frame CB5F 2 KB
2 KB 24ms
24ms Image
image/gif 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://woobox.com/img/loaders/loader_32x32_666666.gif
Requested by: Host: offertabs.s3.amazonaws.com
URL: https://offertabs.s3.amazonaws.com/offer/4ijhj7/assets/campaign.min.css?v=d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 37235f382c01fe85cc514781ff34920d56d1953216cfd534cd84a7bcfef54079

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offertabs.s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
accept-ranges: bytes
etag: "62ccb037-84a"
content-length: 2122
content-type: image/gif

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame CB5F 3 KB
2 KB 31ms
31ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: woobox.com
URL: https://woobox.com/js/app/facebook.js?v=2022_06_01_1400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

006273b397853b9db3a31f7329a15f93f49de3a43bf827b601118778c1184705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 18:19:13 GMT
content-md5: GKqpW/OECBpf47+uwlnGOQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: L+VNe4KsiCfvIAOxrGoPWS8pI6xSwo48LkYfuQnSP1TYxHmbsmY0pwpeBhN3elSScqlhJvn5BttvYVNH7gH3xA==
x-fb-content-md5: c4f090d18e3c74c2649b0c708ce82f9a
cross-origin-opener-policy: same-origin-allow-popups
etag: "9c45c11cb42f82e7ee91b36482ca6e4f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 Jan 2023 18:39:00 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 46ms
35ms XHR
text/plain 20.49.104.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:13 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c

GET
H2 200 RC5e3aa078185a404a90c26089a206fc93-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
1 KB 82ms
81ms Script
text/javascript 18.238.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RC5e3aa078185a404a90c26089a206fc93-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-119.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96bce0dc390de0439f3bb050107878d05765f4ad3632340aa63e610955462ce3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:32:44 GMT
x-amz-version-id: EgY35pYUiv3d1TBobg8snb4ZtFf5vo0i
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 17:32:00 GMT
server: AmazonS3
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
etag: W/"ae082f44e83d2a2465fdb5589d066b09"
age: 2790
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 2rC8Rd-C8sFhsmZ_SYu8jPw_kqGBf4QLRK9m6Zk6N9Fgl1zRVngglw==

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame 4A52 7 KB
3 KB 375ms
86ms Document
text/html 34.216.93.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.93.162 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-93-162.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-2-v041-08288d5db.edge-usw2.demdex.com 4 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: W3m8o8dgQlQ=
content-encoding: gzip
date: Fri, 27 Jan 2023 18:19:13 GMT
last-modified: Fri, 28 Oct 2022 11:27:19 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
s.wellandtribune.ca/ 48 B
468 B 163ms
29ms XHR
application/x-javascript 63.140.38.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.wellandtribune.ca/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=12408685775456223961447203200906820823&ts=1674843553427

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.139 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-139.data.adobedc.net

Software

jag /

Resource Hash

59c0367321c919d9a416b5aecd4c9ca790fd1cd0f3811855f98f1d65ae5c17c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y9QVoQAAABpKeAN2
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=12400270736168246941448042300693980893
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9QVoQAAABpKeAN2

42 B
942 B

87ms
86ms

Image
image/gif

52.88.128.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9QVoQAAABpKeAN2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

HTTP/1.1

Server

52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-128-19.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-0c7928642.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: G8BXQ2BCQho=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9QVoQAAABpKeAN2
Date: Fri, 27 Jan 2023 18:19:13 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 site_logo_on_light.svg
woobox.com/assets/img/website/brand/woobox/ Frame CB5F 4 KB
2 KB 24ms
24ms Image
image/svg+xml 3.229.16.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://woobox.com/assets/img/website/brand/woobox/site_logo_on_light.svg
Requested by: Host: offertabs.s3.amazonaws.com
URL: https://offertabs.s3.amazonaws.com/offer/4ijhj7/assets/campaign.min.css?v=d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.16.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-16-82.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a68c1620e53d516ed29745e0598e16207f81d19f9dfb2882f86c85a9182b8650

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offertabs.s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 23:20:23 GMT
server: nginx
etag: W/"62ccb037-e00"
content-type: image/svg+xml

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 154 B
641 B 348ms
300ms XHR
application/json 20.49.104.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7126503d0b1308543125891e317ccdb35d86f414c5d9602cacf7b9c84d896ff4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:13 GMT
ETag: W/"9a-ZkJTmV4UwDuamiKQxOfF1rjEaBI"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 154
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c

GET
H2 200 jquery.fancybox.css
bc.wellandtribune.ca/plugins/lightboxinteractiontype_torstar/ts_290479a801b4198c27927de5770d3c7c/frontend/src/lib/fancybox/ 5 KB
2 KB 20ms
20ms Stylesheet
text/css 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/plugins/lightboxinteractiontype_torstar/ts_290479a801b4198c27927de5770d3c7c/frontend/src/lib/fancybox/jquery.fancybox.css

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/plugin/plugin/90274f33e3f8f85d026eabf0aced12f2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

27eb87df8f4eb3164ad81ff266aed79d50a33f6869c249ee27ac80ad0c1e3dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 22:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
age: 2661981
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1429
x-xss-protection: 1; mode=block
last-modified: Mon, 26 Dec 2022 22:52:52 GMT
server: -
etag: a422994bd079b12c03bcc1bd67573254
content-type: text/css; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: L2xtprH_EQZnOyU-Z6fqu6IRD65lBa4RBvt9lrt6ikgigisn9MRP2Q==
expires: Wed, 27 Dec 2023 22:52:52 GMT

GET
H2 200 lightbox.css
bc.wellandtribune.ca/plugins/lightboxinteractiontype_torstar/ts_290479a801b4198c27927de5770d3c7c/frontend/src/css/ 219 B
705 B 21ms
21ms Stylesheet
text/css 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/plugins/lightboxinteractiontype_torstar/ts_290479a801b4198c27927de5770d3c7c/frontend/src/css/lightbox.css

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/plugin/plugin/90274f33e3f8f85d026eabf0aced12f2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

e4058b846286433d019ff33bb22b2eca434c9d36249df436d5a3c623825674d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 09:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
age: 1672115
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 174
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Jan 2023 09:50:38 GMT
server: -
etag: 509ab20e0f70a848e487fc09470fbf83
content-type: text/css; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 56VWSwHh9vLFmd4W-fBqdrkl0t3B3K4XPne74zkozIwVKJRheH1Uzw==
expires: Mon, 08 Jan 2024 09:50:38 GMT

GET
H2 200 __activity.gif
query.petametrics.com/v3/6he57gj8p5ekjagf/7d57b5b1-6edf-4367-baec-398adc440813/ 35 B
94 B 96ms
69ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/6he57gj8p5ekjagf/7d57b5b1-6edf-4367-baec-398adc440813/__activity.gif?e=conversion_shown&ct=Lots+O%27+Prizes+Contest!&ccu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tspl=4460&blst=1007&ist=1559&iet=1563&bdst=1008&bdet=1199&bcttt=15&jsfv=nbc&ts=1674843553514&jsk=6he57gj8p5ekjagf&jsv=20220926&cu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&uid=7d57b5b1-6edf-4367-baec-398adc440813&sid=a7956d33-bb49-4c7e-f829-5aaf9d585427&pvid=3ef0e8cc-2049-46e9-de03-adebc9a94e4b&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BWEL%5D%20Overlay_NonSubsDesktop_Q123_JanuarySale&sdk=bc-pixel
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Jan 2023 18:19:13 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 92ms
32ms Preflight
text/html 20.49.104.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.wellandtribune.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 27 Jan 2023 18:19:13 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame CB5F 306 KB
86 KB 44ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3b0ac0060e47e92a2d64e96245ce4d16

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0f29a9d1ba26877494c6ba9777a978bc7d9656e210a2400ca7e4f6b8ac6b0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://woobox.com/
Origin: https://woobox.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 18:19:13 GMT
content-md5: jfxc1OCMhTQV/Q18De2sGA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88415
x-fb-rlafr: 0
x-fb-debug: QSVmyN+ThgyHYbrxDEaAOKMZfDCoIdqUERxL6Jqjl348v4L3kIR62MD88TSA/oFnYTVtVAW+VIiFKz22+3+yuA==
x-fb-content-md5: 39e8cfb63894509bc47bf42ba0e3bd08
cross-origin-opener-policy: same-origin-allow-popups
etag: "977e2cac4e6e9729d7361464f5ee4422"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 27 Jan 2024 16:40:27 GMT

GET
H2 200 RCc150445a040d4802b87fe750d55df33a-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 930 B
1 KB 80ms
80ms Script
text/javascript 18.238.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCc150445a040d4802b87fe750d55df33a-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-119.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c63888d02b9bade3b9f57dfa3f0d159fcab60c8ca12817bda4b707c937aae35

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:32:45 GMT
x-amz-version-id: U9biAJlXSK5RdFuxPpLwrgOBttsnI3ls
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 17:32:00 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 2789
etag: "de54ee6c26cc532e0031c549c77d95f3"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 930
x-amz-cf-id: Zw2idQ8p2KBaW4NvYFuyhoe64jmqWsGAZ03iatwqKks_Zs1Yhq3OgQ==

POST
H2 200 events Show response
pixel.thestar.com/ 0
121 B 159ms
25ms XHR
text/plain 2600:1f18:1430:9000:71fb:550e:293a:404e
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.thestar.com/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.94&r=stable
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1430:9000:71fb:550e:293a:404e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.wellandtribune.ca
date: Fri, 27 Jan 2023 18:19:13 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 22ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&rl=&if=false&ts=1674843553596&sw=1600&sh=1200&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674843553175.130299356&eid=ob3_plugin-set_045acdcd84baec20d882a78a116aeb4c7d6c40352680d78fb219e10f73c11eb4&it=1674843550766&coo=false&rqm=GET

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 27 Jan 2023 18:19:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 23ms
20ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238428956832148&ev=ViewContent&dl=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&rl=&if=false&ts=1674843553597&sw=1600&sh=1200&v=2.9.94&r=stable&ec=1&o=30&fbp=fb.1.1674843553175.130299356&it=1674843550766&coo=false&rqm=GET

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 27 Jan 2023 18:19:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
pixel.thestar.com/ 0
122 B 157ms
24ms XHR
text/plain 2600:1f18:1430:9000:71fb:550e:293a:404e
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.thestar.com/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.94&r=stable
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1430:9000:71fb:550e:293a:404e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.wellandtribune.ca
date: Fri, 27 Jan 2023 18:19:13 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 22ms
21ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=ViewContent&dl=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&rl=&if=false&ts=1674843553598&sw=1600&sh=1200&v=2.9.94&r=stable&ec=1&o=30&fbp=fb.1.1674843553175.130299356&eid=ob3_plugin-set_db9f0c781027b952a704640b10b9225700eea27918738d696c81abdbadc5a836&it=1674843550766&coo=false&rqm=GET

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 27 Jan 2023 18:19:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 RC518669eb80134c629229b164ea843f63-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 2 KB
1 KB 81ms
80ms Script
text/javascript 18.238.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RC518669eb80134c629229b164ea843f63-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-119.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4be7f956a5bee1a33475e18df8ae5fa4783fb7b7533233a608ee627792cb754

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:32:45 GMT
x-amz-version-id: O3SNVu8UIXradogx5Jc8KUUpePmPIzED
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 17:32:00 GMT
server: AmazonS3
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
etag: W/"868ac1f3a88fac9e89a6810379830058"
age: 2789
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: dAaWVskAmjZw9eSrzyWEFysf4i_xm-Lfd36RMd6L5-MBZNzvaNKz-Q==

GET
H3 200 status
www.facebook.com/x/oauth/ Frame CB5F 0
0 53ms
53ms Fetch
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.wellandtribune.ca%2Chttps%3A%2F%2Fwww.wellandtribune.ca&client_id=143103275748075&input_token&origin=1&redirect_uri=https%3A%2F%2Fwoobox.com%2F4ijhj7%3Fembed%3D1%26plugin%3D%25257B%252522pid%252522%25253A%2525224ijhj7_0%252522%25252C%252522fid%252522%25253A%252522offer%252522%25257D&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3b0ac0060e47e92a2d64e96245ce4d16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://woobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Fri, 27 Jan 2023 18:19:13 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: YQJ2B5JXz4ipxmNiVQaT+BT9957ZqzQIYbjuUO8Hejev8G+PN7KslKAtTjDsNbSIWBqGtdxXbUaUwNu6ziosXg==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://woobox.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 91B3 0
15 B 20ms
20ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.wellandtribune.ca
Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.wellandtribune.ca
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 18:19:13 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 292 Show response
bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/ 194 B
1 KB 54ms
53ms XHR
application/json 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292?referer=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&bcsessionid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5&bctempid=&overruleReferrer=&time=2023-01-27T18%3A19%3A13%2B00%3A00&ts=1674843553694

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

4192de6c04e898bd9ac677f90692efc8eb97a17ac364b76d8e52b2b166722da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 155
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: w4vHPoNLSyi95Ii7djmsFwvlTyUNGDnBzcCc_m8SOBNPiRy4ojbkEg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 images Show response
www.wellandtribune.ca/api/liftigniter/ 9 KB
2 KB 36ms
36ms XHR
application/json 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/api/liftigniter/images

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

0adbf12bcaa48a21c46e7258b03e749ce2cb3b2bb229ad92b9c75b07640fa401

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: EWR53-P1
x-powered-by: Express
etag: W/"22c8-D/BlyYQmC46F8UYpiK7FXeBIkuE"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: wQeiLFrlxyANUuG0neIWQgoueJSdLSciZbgCmMcpfJB-b8VF8MmlmQ==

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
531 B 119ms
42ms Script
application/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.wellandtribune.ca

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 94ms
41ms Script
application/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wellandtribune.ca

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame D5A5
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-vmg_ox-db5_an-db5
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-vmg_ox-db5_an-db5&dcc=t

303 B
1 KB

59ms
59ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-vmg_ox-db5_an-db5&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

eaa85531e5a7ed29ffe844c5d639e6581187d9ba058c08e66036183409ec54f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 303
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 27 Jan 2023 18:19:13 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: A5A8WDC4H98MXKWAK85H

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 27 Jan 2023 18:19:13 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-vmg_ox-db5_an-db5&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: RXQA2V5X63H3V5GXF55C

POST
H2 200 292 Show response
bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/ 187 B
1 KB 30ms
30ms XHR
application/json 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.wellandtribune.ca/DG/DEFAULT/rest/rpc/292?referer=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&bcsessionid=56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5&bctempid=&overruleReferrer=&time=2023-01-27T18%3A19%3A13%2B00%3A00&ts=1674843553789

Requested by

Host: bc.wellandtribune.ca
URL: https://bc.wellandtribune.ca/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

057fe4dd7645567909220c75608857b0b28f7703fd808a202dc5e5efb6a5cf84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 174
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: _Gb6AFvA_zupEKMTsueJ6AYMdBvOF6X2pbxzfHLSS6CRshnfeL16eg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 images Show response
www.wellandtribune.ca/api/liftigniter/ 8 KB
2 KB 34ms
34ms XHR
application/json 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/api/liftigniter/images

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

2ae66856cf0900759f51b164e42196336e62ef8addb4390a077a80c57fe11b4c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: EWR53-P1
x-powered-by: Express
etag: W/"2052-eO7ehyqGeNGjY0PRMuY4j3dkcH4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: VlCZzLssjohNAHSyv7f-FyhoPXGhLn9r8ZtkpNcv-ARx-kdJVNG2uw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 39ms
38ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac621298347cf95ce6597e601b29b42566ecace1bc9fcf1fd85a735d7b7c3725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68978
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Jan 2023 18:19:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 65ms
64ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95ad3ceef234eec1bb7fe0cbe418ad503c1a3264198cf05cc195575705ea71af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44352
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Jan 2023 18:19:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
67 KB 68ms
67ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ2DQF&gtm_auth=_Ytv5s0HjQH9DfF9IafDKw&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0cb5a42cc68d0195db3907eca56d474f13eb308fddbf31bc8493c504e7772111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68996
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Jan 2023 18:19:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 45ms
44ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ2DQF&gtm_auth=_Ytv5s0HjQH9DfF9IafDKw&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1f0190b8812a984be44f4442a8e5af7b939a5a5e4dd94948b4de6e96ce1eea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44371
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Jan 2023 18:19:13 GMT

GET
H2 200 RCcf6c41d85a5d48ecbc8941416ef1057a-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 981 B
1 KB 82ms
81ms Script
text/javascript 18.238.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCcf6c41d85a5d48ecbc8941416ef1057a-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-119.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6d627c1400f6246a64cfaff3165e87c18455e790b85df2bf319de0a06af4cd5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:32:46 GMT
x-amz-version-id: nh6CQDADuv0QrjM25kViriV_wpKT03Ls
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 17:32:00 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 2788
etag: "3a4139048c3bdca88df9171ccecd6b34"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 981
x-amz-cf-id: xYvxbLmrKA3FnQoDaRclypP5_nzQswOcy7k4xHeUUHEoYYx3uZAuPw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
20 KB 331ms
330ms XHR
text/plain 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1939649690493622&correlator=4448898652893676&eid=31071822%2C31071972&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fif&iu_parts=58580620%2Cwelland_tribune%2Ccontests%2C2023%2C01%2Cwt-lots-o-prizes-contest%2Chub&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5%2F6&prev_iu_szs=728x90&ifi=1&adks=2917319533&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26prmtvsdk%3Dweb%26tkspo%3D4%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26assetid%3D8881602b-5540-47ef-b9c3-fb98fdfe4cba%26kvng%3Dcontests%252Crules%252Csponsored_content%26kvcalais%3D%2520%26key%3D%2520%26article_b%3Dtrue%26gs_channels%3Dgx_norobots&sc=1&cookie_enabled=1&abxe=1&dt=1674843553807&lmt=1674843553&dlt=1674843549390&idt=733&adxs=436&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=735371051.1674843551&ga_sid=1674843554&ga_hid=1978194600&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8c3c0c9fe948e5b9b023d0555f2c5c49d9490188c642aca3939c5c6c0393bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20265
x-xss-protection: 0
google-lineitem-id: 6153922256
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138411970247
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
79587f69b5f37fdc5ef5ffc55bbfd9d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FFB8 6 KB
3 KB 122ms
39ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://79587f69b5f37fdc5ef5ffc55bbfd9d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 18:19:13 GMT
expires: Sat, 27 Jan 2024 18:19:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
20 KB 581ms
581ms XHR
text/plain 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1939649690493622&correlator=4448898652893676&eid=31071822%2C31071972&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fif&iu_parts=58580620%2Cwelland_tribune%2Ccontests%2C2023%2C01%2Cwt-lots-o-prizes-contest%2Chub&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5%2F6&prev_iu_szs=300x250%7C300x600&ifi=2&adks=3138932591&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26prmtvsdk%3Dweb%26tkspo%3D4%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26assetid%3D8881602b-5540-47ef-b9c3-fb98fdfe4cba%26kvng%3Dcontests%252Crules%252Csponsored_content%26kvcalais%3D%2520%26key%3D%2520%26article_b%3Dtrue%26gs_channels%3Dgx_norobots&sc=1&cookie_enabled=1&abxe=1&dt=1674843553822&lmt=1674843553&dlt=1674843549390&idt=733&adxs=1050&adys=1426&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&frm=20&vis=1&psz=300x250&msz=300x250&fws=516&ohw=1600&ga_vid=735371051.1674843551&ga_sid=1674843554&ga_hid=1978194600&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9569cfb9ab214cfda02ebc64408d733e52d73cfaf00a8303480ac9e6cae85e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20068
x-xss-protection: 0
google-lineitem-id: 6153922256
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138412070814
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 584 B
330 B 579ms
579ms XHR
text/plain 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1939649690493622&correlator=4448898652893676&eid=31071822%2C31071972&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fif&iu_parts=58580620%2Cwelland_tribune%2Ccontests%2C2023%2C01%2Cwt-lots-o-prizes-contest%2Chub&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5%2F6&prev_iu_szs=1x1&ifi=3&adks=2057199468&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dundefined%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26prmtvsdk%3Dweb%26tkspo%3D4%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26assetid%3D8881602b-5540-47ef-b9c3-fb98fdfe4cba%26kvng%3Dcontests%252Crules%252Csponsored_content%26kvcalais%3D%2520%26key%3D%2520%26article_b%3Dtrue%26gs_channels%3Dgx_norobots&sc=1&cookie_enabled=1&abxe=1&dt=1674843553830&lmt=1674843553&dlt=1674843549390&idt=733&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&frm=20&vis=1&psz=1600x0&msz=1x-1&fws=4&ohw=1600&ga_vid=735371051.1674843551&ga_sid=1674843554&ga_hid=1978194600&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b23d8ec3a50a2c5b10adaf75d3accff39dc42c6dda20ae38303d05e8dbfa219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 300
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 576ms
576ms XHR
text/plain 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1939649690493622&correlator=4448898652893676&eid=31071822%2C31071972&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fif&iu_parts=58580620%2Cwelland_tribune%2Ccontests%2C2023%2C01%2Cwt-lots-o-prizes-contest%2Chub&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5%2F6&prev_iu_szs=2x1&ifi=4&adks=3180173401&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dfalse%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26prmtvsdk%3Dweb%26tkspo%3D4%26env%3Dbeta%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26assetid%3D8881602b-5540-47ef-b9c3-fb98fdfe4cba%26kvng%3Dcontests%252Crules%252Csponsored_content%26kvcalais%3D%2520%26key%3D%2520%26article_b%3Dtrue%26gs_channels%3Dgx_norobots&sc=1&cookie_enabled=1&abxe=1&dt=1674843553834&lmt=1674843553&dlt=1674843549390&idt=733&adxs=1036&adys=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&frm=20&vis=1&psz=328x1&msz=328x1&fws=4&ohw=1600&ga_vid=735371051.1674843551&ga_sid=1674843554&ga_hid=1978194600&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b10cdd31348fbbb07f67339cccddcc355cd59b7caf8390ab367ebcabbe54ffd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9920
x-xss-protection: 0
google-lineitem-id: 5886863882
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378437674
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 images Show response
www.wellandtribune.ca/api/liftigniter/ 2 KB
946 B 35ms
35ms XHR
application/json 2600:9000:2209:d800:18:681a:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellandtribune.ca/api/liftigniter/images

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/static/vendors~bundle.chunk.js?v=f6e17047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:d800:18:681a:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

afe75304e7d39674f31f5653b15e816df4ce9b53bbe858e7b39264f385e07eed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Jan 2023 18:19:13 GMT
content-encoding: gzip
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: EWR53-P1
x-powered-by: Express
etag: W/"9b5-QP+EhsO5iR4iTt9hXkbZNVmGoOI"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: GBHzZ7dOmvlY-9gJ-HNwHv8AbItNjpDO_DvGHz7wgvNP6_gCyjdTFg==

GET
H2

200

activityi;dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2... Show response
10230056.fls.doubleclick.net/ Frame 27C7
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F202...
https://10230056.fls.doubleclick.net/activityi;dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww....

537 B
474 B

43ms
42ms

Document
text/html

142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

785cc4e92ca0e7fe5226fe1b4138ee1c102f484b4731a9d8998d16a170fd3537

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 298
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 18:19:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 18:19:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 intersection_1.jpg
images.thestar.com/x2-WUukLYX7JqghHGPWzzzlqMeM=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/niagara-region/2023/01/25/new-rule-at-b... 61 KB
61 KB 24ms
23ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/x2-WUukLYX7JqghHGPWzzzlqMeM=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/niagara-region/2023/01/25/new-rule-at-busy-welland-intersection-put-in-place-with-pedestrian-safety-in-mind-says-region/intersection_1.jpg
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0e01737eada003a4bea056f9774866e858bb1e334807d7644ea5cfa5b90e98ee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:02:15 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 101818
etag: "f004fc4a5d315f51539d26f2eaf448e989d19939"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 62298
x-amz-cf-id: QHbpvfn1eHv-lTphZ9SKB6rV14AO7heLw1Tsydfd-vzFM1krnGqbYQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10840388_floodingimpact.JPG
images.thestar.com/ur_K7dj154y3_KBYcd51ATCZDqs=/690x460/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/localcommunities/port_colborne_leader/news/2023/01/26/canal-flooding-lea... 81 KB
82 KB 48ms
46ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/ur_K7dj154y3_KBYcd51ATCZDqs=/690x460/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/localcommunities/port_colborne_leader/news/2023/01/26/canal-flooding-leaves-port-colborne-shops-looking-to-city-hall-for-solutions/10840388_floodingimpact.JPG
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6c7ebcd7cee0f6b7621217f982c07373a3b5fc916d430ddbac06490e46ae4913

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 10:47:16 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 113517
etag: "bfc107dd20d13a173316a73cf795d8f26301c2d2"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 83390
x-amz-cf-id: 23cF208O1cHU-qIEvNn02n-NuiP-Mc3thwtKwZotX1bIgx7qH-R5dA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 port_ucc.jpg
images.thestar.com/As41uY0NHPLfg2TeE-ajMm6HOaE=/690x460/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/niagara-region/2023/01/26/hospital-system-working-to... 41 KB
41 KB 33ms
32ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/As41uY0NHPLfg2TeE-ajMm6HOaE=/690x460/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/niagara-region/2023/01/26/hospital-system-working-to-ensure-south-niagara-residents-continue-to-have-access-to-care/port_ucc.jpg
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7e909e483f6dce0ad2a220362b5a389622f5fa115230bb89e6407ad8272efa94

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 22:44:25 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 70488
etag: "3d2a97df820befa22d56d73f26525ff645a1b72b"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 41960
x-amz-cf-id: 5FPohQruRj5ZtR3nV5eVxErwRPN1bYfbIH1VfCA092MIIonMTnPQ1Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 southworth_1.jpg
images.thestar.com/yGqUPUYsufsX9JxMq82Fbql-2M4=/690x460/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/niagara-region/2023/01/26/firefighters-had-to-use-ex... 55 KB
56 KB 38ms
37ms Image
image/webp 13.33.60.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/yGqUPUYsufsX9JxMq82Fbql-2M4=/690x460/smart/filters:format(webp)/https://www.wellandtribune.ca/content/dam/niagaradailies/news/niagara-region/2023/01/26/firefighters-had-to-use-extreme-caution-battling-blaze-at-welland-auto-shop/southworth_1.jpg
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-111.ewr52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d95863c406c7c9dd8d08a0ef19a5110f5bee4ff90ed321f5833f366c9db2c63

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 21:27:00 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: EWR52-C1
age: 75133
etag: "800af2aede9114bca54e9b08bb05d4ca7874123f"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 56586
x-amz-cf-id: F1S8ybRa0m0gt3436KgtwnFAFIKZsf1cQ7BMK1uYHww1l6BU6i0uJA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 __activity.gif
query.petametrics.com/v3/6he57gj8p5ekjagf/7d57b5b1-6edf-4367-baec-398adc440813/ 35 B
94 B 45ms
44ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/6he57gj8p5ekjagf/7d57b5b1-6edf-4367-baec-398adc440813/__activity.gif?e=widget_shown&ct=Lots+O%27+Prizes+Contest!&ccu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tspl=4879&blst=1007&ist=1559&iet=1563&bdst=1008&bdet=1199&bcttt=16&jsfv=nbc&ts=1674843553933&jsk=6he57gj8p5ekjagf&jsv=20220926&cu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&uid=7d57b5b1-6edf-4367-baec-398adc440813&sid=a7956d33-bb49-4c7e-f829-5aaf9d585427&pvid=3ef0e8cc-2049-46e9-de03-adebc9a94e4b&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=wellandtribune_ymbii&source=LI&pl=null&tr=null&st=4877&vi=%5B%22https%3A%2F%2Fwww.wellandtribune.ca%2Fnews%2Fniagara-region%2F2023%2F01%2F25%2Fnew-rule-at-busy-welland-intersection-put-in-place-with-pedestrian-safety-in-mind-says-region.html%22%2C%22https%3A%2F%2Fwww.wellandtribune.ca%2Flocal-port-colborne%2Fnews%2F2023%2F01%2F26%2Fcanal-flooding-leaves-port-colborne-shops-looking-to-city-hall-for-solutions.html%22%2C%22https%3A%2F%2Fwww.wellandtribune.ca%2Fnews%2Fniagara-region%2F2023%2F01%2F26%2Fhospital-system-working-to-ensure-south-niagara-residents-continue-to-have-access-to-care.html%22%2C%22https%3A%2F%2Fwww.wellandtribune.ca%2Fnews%2Fniagara-region%2F2023%2F01%2F26%2Ffirefighters-had-to-use-extreme-caution-battling-blaze-at-welland-auto-shop.html%22%5D&sdk=bc-pixel
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Jan 2023 18:19:13 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
1 KB 181ms
120ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1674843553977&cv=11&fst=1674843553977&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tiba=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&auid=905774472.1674843554&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8837db0462a83206559a9d97063973242a263f311f13caf5aa7f4a24f217b606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 923
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RCfc98541866c44adc8969609b572bc808-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
958 B 82ms
82ms Script
text/javascript 18.238.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCfc98541866c44adc8969609b572bc808-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-119.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d98942b504ffe9f347ae6da5775f3e4432d1f63f51cecf34a3bef251bb846673

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:32:46 GMT
x-amz-version-id: GEBIpX3p38yQ84Aow6kDyna8pkLvf.Fa
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 17:32:00 GMT
server: AmazonS3
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
etag: W/"71bba86a6ad2931365ec57c49caf3c37"
age: 2789
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 9TMOFSChU2oA0mK5xvLWjTyTKQxs6P_TME_-KyCom7Iof_Ypoxo1Jg==

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 292F 1 KB
2 KB 36ms
36ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_n-vmg_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-vmg_ox-db5_an-db5&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

6d96ff715872001a82d995f03b85910c1ec897405a9dc45f73a2a449602fd362

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_rbd_n-vmg_ox-db5_an-db5&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1413
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 27 Jan 2023 18:19:14 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: CXEJY3GWHRVGPPDB55VQ

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame 66A3 427 B
612 B 105ms
26ms Document
text/html 35.173.104.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_n-vmg_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.104.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-104-42.compute-1.amazonaws.com
Software: /
Resource Hash: 53f4fc10e6fa7efccc7da9186a8a47ec597d45148b7a437387c986d2c0cde22a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 427
date: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame 6554
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

722 B
794 B

17ms
16ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_n-vmg_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: fd38c766df215dedeec2f0ce0d37f9b1557bf41f4022a9ade3426205901e39b0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 461
content-type: text/html
date: Fri, 27 Jan 2023 18:19:14 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 27 Jan 2023 18:19:14 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E7BF 281 B
554 B 131ms
22ms Document
text/html 104.105.42.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_n-vmg_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-42-146.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 27 Jan 2023 18:19:14 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 7218
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JcnQxc2MxRTJ1SzAzeXZUNGxqNlREYy5yMzFVOUZZQ35B

43 B
479 B

38ms
38ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JcnQxc2MxRTJ1SzAzeXZUNGxqNlREYy5yMzFVOUZZQ35B

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_n-vmg_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 27 Jan 2023 18:19:14 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: JPC94RR7TN3TZBVTSH51

Redirect headers

age: 0
content-length: 0
date: Fri, 27 Jan 2023 18:19:14 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JcnQxc2MxRTJ1SzAzeXZUNGxqNlREYy5yMzFVOUZZQ35B
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 010C
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=9170963943015918012&ex=appnexus.com

43 B
479 B

53ms
38ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=9170963943015918012&ex=appnexus.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_ox-db5_rbd_n-vmg_an-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 27 Jan 2023 18:19:14 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: HZY5QSQE2ZC4PX2MYCPM

Redirect headers

AN-X-Request-Uuid: bcb5d1e5-3080-4b5f-8ff8-bc3124a36287
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 27 Jan 2023 18:19:14 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://s.amazon-adsystem.com/ecm3?id=9170963943015918012&ex=appnexus.com
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 149.56.153.179; 149.56.153.179; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 RCe46cbcc54abd406cab4e76bfe42b5d04-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
994 B 80ms
80ms Script
text/javascript 18.238.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCe46cbcc54abd406cab4e76bfe42b5d04-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-119.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e3db724b393f39920a94a2ab7767929530374d8b52c18830bba21fbd9c91483

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:32:47 GMT
x-amz-version-id: K5sh7b0l3Tn0JhYiRp1XTDTxnLj_yW5f
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 17:32:00 GMT
server: AmazonS3
via: 1.1 4ac9029cca7343b507846071d1d5dbc8.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
etag: W/"fee1d732b28d479f644a693f2b34ba2f"
age: 2788
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: aatITIcg3av_iPXuZRzxxm69ZHjZF5Z3Iz6FFDoJsG1Gf1N8fKUddQ==

GET
H2 200 dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-l... Show response
adservice.google.com/ddm/fls/i/ Frame 2FD3 536 B
534 B 48ms
45ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94b24e2d65b0155b654cf6e21b55259f171982406f9da1f0d4c03840e9e10777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10230056.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 298
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 18:19:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
1 KB 103ms
103ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1674843554124&cv=11&fst=1674843554124&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tiba=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&auid=905774472.1674843554&uamb=0&uaw=0&data=event%3Dform_start&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e48fd9ae38d0a8744d6da1841c7d40da89c55a121d27e05796502771fb1683a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 923
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
1 KB 109ms
109ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1674843554132&cv=11&fst=1674843554132&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tiba=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&auid=905774472.1674843554&uamb=0&uaw=0&data=event%3Dform_submit&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81be5fdf7574778e05b5063c0e70fcf7f5d05e4027f599210524ec1614f72407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 924
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame AA51 0
15 B 20ms
19ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.wellandtribune.ca
Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.wellandtribune.ca
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 18:19:14 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 close.png
bc.wellandtribune.ca/rest/dialogues/files/38bbb8e6-2ab5-4aca-b63f-d8596ddc3ba8/ 269 B
775 B 27ms
19ms Image
image/png 18.164.116.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bc.wellandtribune.ca/rest/dialogues/files/38bbb8e6-2ab5-4aca-b63f-d8596ddc3ba8/close.png

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-67.jfk50.r.cloudfront.net

Software

- /

Resource Hash

f5ee1f486d72b4c1b2ba4a16320729616508e9d67b4440aa5fc3a78fd18cd0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 16:39:17 GMT
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: JFK50-P6
age: 2684397
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 269
x-xss-protection: 1; mode=block
last-modified: Mon, 26 Dec 2022 16:39:17 GMT
server: -
etag: bdffbfd63e3bf04b6c6c464895067bcf
content-type: image/png
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: NKRoJ97qiRf2Mx089KhMZc6dG3OiyQnwiZlZbT4ajDvm_f4j1LZ1xw==
expires: Wed, 27 Dec 2023 16:39:17 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 6554 43 B
479 B 33ms
32ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=1a444e54-c43d-8cd2-8c07-66198c3d537c

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6BMEDYRFW6SB5NQV5SXT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6554
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y9QVoQAAABpKeAN2

43 B
180 B

21ms
14ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y9QVoQAAABpKeAN2
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-yul12830-YUL
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1674843554.226434,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y9QVoQAAABpKeAN2
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 d655546d-483b-a561-7dde-f27b1b5955d5
pr-bh.ybp.yahoo.com/sync/openx/ Frame 6554 43 B
602 B 103ms
28ms Image
image/gif 2600:1f18:4e9:5a07:d5b4:f192:17b5:1772
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/d655546d-483b-a561-7dde-f27b1b5955d5?gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a07:d5b4:f192:17b5:1772 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 6554
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=42923229-d897-3728-4c09-e48ee40e989c&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=42923229-d897-3728-4c09-e48ee40e989c&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5a239b24-4623-4fc0-944c-33debdf9cf5b&ttd_puid=42923229-d897-3728-4c09-e48ee40e989c&gdpr=0&gdpr_consent=

43 B
62 B

19ms
14ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=5a239b24-4623-4fc0-944c-33debdf9cf5b&ttd_puid=42923229-d897-3728-4c09-e48ee40e989c&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=5a239b24-4623-4fc0-944c-33debdf9cf5b&ttd_puid=42923229-d897-3728-4c09-e48ee40e989c&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 6554 170 B
409 B 113ms
38ms Image
image/png 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmVmZGUxZTMtMTFlMC02OThjLTU5ZTktYmUzNzJlZWM1NmZj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 6554
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBtiPyRuQWChtFrBoi85qF4&google_cver=1

43 B
61 B

22ms
21ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBtiPyRuQWChtFrBoi85qF4&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBtiPyRuQWChtFrBoi85qF4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-l... Show response
adservice.google.ca/ddm/fls/i/ Frame 5533 194 B
301 B 52ms
49ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/ddm/fls/i/dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIfi3biu6PwCFS2KgwgdJzYC7Q;src=10230056;type=ret01;cat=land01;ord=5346153482110;gtm=2od1p0;auiddc=905774472.1674843554;~oref=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 18:19:14 GMT
expires: Fri, 27 Jan 2023 18:19:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5AD8 0
0 52ms
47ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMretXvhB5yphn5IEpAcRtPh7b1Vc7cKlicWpGUeWaoZ5_bUA8LNh7U6JAlkYaYE09k-jNC1mlT-p4Gxqrd4GAi8FPCuSTSFVmZ3GbE7agPB1uzASYCCzhopLu0L9nv0fN5nC6y-Uc01HNXI5MOHkDq8E3zI9xmaDajt_wXr_1uYXWaQPEFdcCwO3gU-0zT7h9ZALVMo8jTUry5Uu57kwPAcjB4SVtOtaA4Rdcvy-KgM7bvKaTj4BD12gtNmsdwtE-Lfg-SJO8mrqRvE9q9-u-HV2fEFjKYhRo1dGpjjp6b2cp0jHyB285FqpuPkuVCTp1enLZZINq4QpqTAWNXJZ_PVKZx5Cm5Azf-wg9nse1ME5hKlBJ2dUTf8SwBaR5ajkBhd04YAo-EA&sai=AMfl-YQkkb0JsU5CpoLn57X7B4Z-h7YxsHiG0m9jzaRzw4DGPdf_q-Um3F3FYljowKZmHsieFeAcR_pJDIAJ8TR-AWGQ6UhoFoypIVP5L-kna9GbT-gvDvmGNcMYG9lSjGZMVVc_A5xYRnwah5HdHFUurmY&sig=Cg0ArKJSzJZYq8Uu561SEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 5AD8 22 KB
9 KB 117ms
45ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 22:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 22:23:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 5AD8 3 KB
2 KB 93ms
21ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 22:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 22:23:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AD8 156 KB
48 KB 128ms
125ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/torontostar63296366476/ Frame 5AD8 12 KB
5 KB 22ms
19ms Script
application/x-javascript 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontostar63296366476/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 084a02c1e44e77a00d52a22de4b659a58f488162ced9165c865baf77b231b303

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 17:31:50 GMT
server: AmazonS3
x-amz-request-id: E8PJ63K9GRAENRDS
etag: "c085bb79672ed3b0f6735b8e17b40ec5"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31211
accept-ranges: bytes
content-length: 4608
x-amz-id-2: pligoBQUsD+5YWWwu+LULOs9BjkEGpwWLBaaDfOaByRAcUgqssK0OfSXtOdGYW9EptyD9UmWybY=

GET
H2 200 3113694854849167458
tpc.googlesyndication.com/simgad/ Frame 5AD8 486 KB
487 KB 96ms
26ms Image
image/gif 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3113694854849167458

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6fb48e8d0261e0f0c1785c020ced408256e8e323e4b97d55b7b2ec5aa0d5f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 12:44:18 GMT
x-content-type-options: nosniff
age: 20096
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 497625
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 22:01:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jan 2024 12:44:18 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 66A3 43 B
479 B 88ms
35ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=b3101338-6dd8-42c1-932f-102bfecd1b4f

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QHN58ZM3SWKSPBZC2E16
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 66A3
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212088455594955

68 B
279 B

26ms
24ms

Image
image/png

35.173.104.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212088455594955
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 35.173.104.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-104-42.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:13 GMT
referrer-policy: unsafe-url
server: 33XP011
x-33x-status: 100000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212088455594955
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 66A3
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d600c8ef-2c70-46cd-a66a-55d36b0df7d9&gdpr=0&gdpr_consent=

68 B
279 B

26ms
25ms

Image
image/png

35.173.104.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d600c8ef-2c70-46cd-a66a-55d36b0df7d9&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 35.173.104.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-104-42.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d600c8ef-2c70-46cd-a66a-55d36b0df7d9&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 66A3
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=8cf1c714-6ad3-0ac5-09a2-c2c4eec53af4

68 B
279 B

25ms
24ms

Image
image/png

35.173.104.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=8cf1c714-6ad3-0ac5-09a2-c2c4eec53af4
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 35.173.104.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-104-42.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=8cf1c714-6ad3-0ac5-09a2-c2c4eec53af4
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 66A3
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5a239b24-4623-4fc0-944c-33debdf9cf5b&gdpr=0&gdpr_consent=

68 B
279 B

25ms
24ms

Image
image/png

35.173.104.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5a239b24-4623-4fc0-944c-33debdf9cf5b&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 35.173.104.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-104-42.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5a239b24-4623-4fc0-944c-33debdf9cf5b&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H2 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
455 B 112ms
37ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1674843553977&cv=11&fst=1674842400000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tiba=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1719876974&rmt_tld=0&ipr=y

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/698108511/ 42 B
455 B 122ms
46ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/698108511/?random=1674843553977&cv=11&fst=1674842400000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tiba=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1719876974&rmt_tld=1&ipr=y

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E7BF 34 KB
10 KB 26ms
20ms Script
text/html 104.105.42.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-42-146.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2838be0b0a0c43f56e928ea13ac850de05e28a8c9ceda176f909674667a02764

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 27 Jan 2023 18:19:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 12:05:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63972
Connection: keep-alive
Content-Length: 10036
Expires: Sat, 28 Jan 2023 12:05:26 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
108 B 82ms
39ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1674843554124&cv=11&fst=1674842400000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tiba=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&data=event%3Dform_start&fmt=3&is_vtc=1&random=3583223231&rmt_tld=0&ipr=y

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/698108511/ 42 B
108 B 91ms
47ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/698108511/?random=1674843554124&cv=11&fst=1674842400000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tiba=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&data=event%3Dform_start&fmt=3&is_vtc=1&random=3583223231&rmt_tld=1&ipr=y

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
108 B 75ms
39ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1674843554132&cv=11&fst=1674842400000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tiba=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&data=event%3Dform_submit&fmt=3&is_vtc=1&random=651486243&rmt_tld=0&ipr=y

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/698108511/ 42 B
108 B 87ms
50ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/698108511/?random=1674843554132&cv=11&fst=1674842400000&bg=ffffff&guid=ON&async=1&gtm=2oa1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tiba=Lots%20O%27%20Prizes%20Contest!%20%7C%20wellandtribune.ca&data=event%3Dform_submit&fmt=3&is_vtc=1&random=651486243&rmt_tld=1&ipr=y

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E7BF 284 B
934 B 109ms
25ms Image
image/jpg 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
DATA 200
OK truncated
/ Frame 5AD8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e070e45b6c1ce870087c46a091ee24f14b4658e472e5e8d5551df370ef2446a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 s84389562953955 Show response
s.wellandtribune.ca/b/ss/torontodnnlocal/1/JS-2.23.0-LCXS/ 43 B
333 B 30ms
29ms XHR
image/gif 63.140.38.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.wellandtribune.ca/b/ss/torontodnnlocal/1/JS-2.23.0-LCXS/s84389562953955

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.139 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-139.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 28 Jan 2023 18:19:14 GMT
server: jag
etag: 3596699145341829120-4619811437015388478
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.wellandtribune.ca
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Thu, 26 Jan 2023 18:19:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5AD8 0
0 47ms
46ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3WuCXVY1-ympUV0rjtp5se5pxQGhi4DMDtCN7afL-4FK8xcUF5nJgFKrUiJy6ZHJ7fKKM_UWMBfhm71SYLCGsI77TEzNjgoXKUDd1dmnwZTelFHR3Hvu23d22g3r2O7s0pdPiV9PAAQCO-IC6sw7ejMTEDNmFe9thJRPinxUIPJM9LblAGs0vTWRAiDSic2UPNP0fSdpWzOjEK0_V2D797KMJX-cuzQK6JWsDZ2uY7-pcfX-CjyNHyO2VwwKG1nyJq0vP1uiUhPaeq6s8RvzC7KuOZgA65V6FdoIyZXBNut1A5FUvIEPvwLFjkWmT_CfuXuGYC4GjoKZSIDdeIUTcfqKZUXaEt-KT82JIdMNVPhaQ83S2n-qPvRzXclru-zNZ67fNHwoy2gsS&sai=AMfl-YTJgW92mr7zzXLAizqQg42AXEM4jkKWP1ENrH9f4Ucs5y6_AdI8wb7jnj4Uws9YRe9WuZfEhKhpafWGGgC4yXJyWYzfTZsI5Z0-cclWDaC9ZoHF5qsSdyq0VQH6fms6EVyiZS-3OPL--136iqP8muM&sig=Cg0ArKJSzM4oTwLpf5TiEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2 200 moatcore.js Show response
z.moatads.com/torontostar63296366476/ Frame 5AD8 312 KB
107 KB 19ms
18ms Script
application/x-javascript 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontostar63296366476/moatcore.js
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/torontostar63296366476/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 93c5745f6fff3ae1e1ebfcc5bc98540bb02ac6c1a121a8456cd3020a58c2a337

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 17:32:28 GMT
server: AmazonS3
x-amz-request-id: KCX1GCV27REHTBZ0
etag: "6204144fc241deace889724586df8549"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31097
accept-ranges: bytes
content-length: 108832
x-amz-id-2: 0RHm1r9lJE8TvpAS+uRExrw0sFGVZyhz7asoQunD6lB40Ag+3HHbdDIj5SXCjcTnWBwOBQfQCMA=

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E7BF
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LDEULXEG-1Z-FEL7
https://s.amazon-adsystem.com/ecm3?id=LDEULXEG-1Z-FEL7&ex=d-rubiconproject.com&status=ok

43 B
479 B

36ms
35ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LDEULXEG-1Z-FEL7&ex=d-rubiconproject.com&status=ok

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2KPAMA8QMSSFER50JJP5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LDEULXEG-1Z-FEL7&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 39AE 0
0 53ms
53ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPwv8lPs78tXrNR9yjAdkeN6LcADMO_sXkqwu2j6YX129mdWxIdlbtu99VHM9C2hLMl1jKIli3lUvmQXAxleBI3Eaj_vkM1wOk0T2v9QWWOUh2F9ZMf0-Om1GtBw97xRWVSXeoPfZS9VyMJ8EFLRjRQo1UGR16RjL5RFCJ4LgjfV3f4wd1fXm8iUoBR90gB8bxuVGmv_NfAOcWBeS64OWZxkVlS0a-FfT-bcxfJkUv0l-oX8wf7r4SS19RlvxeskQ_P63AQdQ0BA9kW5RrvwA4pSiDVS7vdaJmRSywlLhv647GcacLQ5nY08ig-iqJkjnB2O4rdFEicDHmUHOlAGGtfcFzaJwBuIHm1HVSEBaWgvmlkEXMBSZYUwfRy3gtA2qp0NH32lZsbQ&sai=AMfl-YQtZX7kl0q6hZp-87GE8t1rUdcjr4EZTkDisFsuXPhAv25fiPpOjFuIagRpOX9K9r54fKf2hqTBPDrPQg9ktybaplHwZtFaco5w5xXSgvJkP74t1ikeCwDb_KtuP0y498S0gZg25tvynui86MiOd04&sig=Cg0ArKJSzEUrCMuNb-VQEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 39AE 22 KB
9 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 22:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 22:23:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 39AE 3 KB
1 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 22:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 22:23:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 39AE 156 KB
48 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/torontostar63296366476/ Frame 39AE 12 KB
5 KB 27ms
26ms Script
application/x-javascript 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontostar63296366476/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 084a02c1e44e77a00d52a22de4b659a58f488162ced9165c865baf77b231b303

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 17:31:50 GMT
server: AmazonS3
x-amz-request-id: E8PJ63K9GRAENRDS
etag: "c085bb79672ed3b0f6735b8e17b40ec5"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31211
accept-ranges: bytes
content-length: 4608
x-amz-id-2: pligoBQUsD+5YWWwu+LULOs9BjkEGpwWLBaaDfOaByRAcUgqssK0OfSXtOdGYW9EptyD9UmWybY=

GET
H2 200 2619787363394091450
tpc.googlesyndication.com/simgad/ Frame 39AE 526 KB
526 KB 25ms
25ms Image
image/gif 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2619787363394091450

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e4254a8d6b170c80c85ea1b72f78feb735b9a598bc8204bc90b224bc14580f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 21:10:39 GMT
x-content-type-options: nosniff
age: 335315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 538515
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 22:01:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 Jan 2024 21:10:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D7E3 0
0 45ms
44ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvr0PKoSbCzw2FJRSHbwLg5K53lRJrx97t2QVMK3XRY1k7URO9a0HYE0xOMm9VSazqP8QHXtFndxNJBZjbC1tW1PcLaA_nEDxJGN4caxjl_JucfksQ83VfoZMoqdR5z0623mi_2y2BToNRz485YpjFvkjkjBGEHuVOZGzIPQUOhlVpOhb0y1ST0AdllUmVPoaXNmPAX4fuOXl9E5iTlxjf2Pn2e-3hiO9_HXHkjQB89h23A2lAd4Fq2uV9PG-4drAiKMMGlv7PIZQdynfzhQHgRt4EizeGWtzj6vqjKYJOuTPl0zV7kQRjYjDPaEC2994Nq72Uq6VX8Dlp8ltFNr3BAlAeeZzRjKb-ouVy7Rl08qy9ymbnqRQ1rxIf9LI-IGhMyux7G&sai=AMfl-YSRxNQxs69hro0PKSRdQnprReBMyjPBddp9kLbD24llMfpDxCpHDT1BeZ4nKSNHWD3MblhzU-xcdzx-182zuWN07AavA7OZl4Qh1TAgJofjfOhHYhevsCM0m4VkayJ8uiyn-s0WbIer5a_Wrj5rBQ&sig=Cg0ArKJSzMER6XYjzSAsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK freeskreen.min.js Show response
static.freeskreen.com/ba/22/ Frame D7E3 28 KB
10 KB 98ms
19ms Script
text/javascript 52.85.61.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/ba/22/freeskreen.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-19.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bb05bc0a6f02c90de52b1a2600ee3524a379b0a1bc01b14079b2c19371c1af1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: Qb5vjlXI9EC2gLvpj6f5a4y5gFJRZ1o3
Content-Encoding: gzip
Via: 1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
Date: Fri, 27 Jan 2023 14:28:26 GMT
Last-Modified: Wed, 29 Sep 2021 21:16:14 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-P1
Age: 22138
ETag: "4d0871684e9b79b9dcde7ccd604b0c1e"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9641
X-Amz-Cf-Id: 55R2ifCASdGFldjmjngRmbfPhMOllYUwaox_mEv1D2M-bNoXmeoWuQ==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7E3 156 KB
48 KB 67ms
67ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/torontostar63296366476/ Frame D7E3 12 KB
5 KB 26ms
26ms Script
application/x-javascript 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontostar63296366476/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 084a02c1e44e77a00d52a22de4b659a58f488162ced9165c865baf77b231b303

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 17:31:50 GMT
server: AmazonS3
x-amz-request-id: E8PJ63K9GRAENRDS
etag: "c085bb79672ed3b0f6735b8e17b40ec5"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31211
accept-ranges: bytes
content-length: 4608
x-amz-id-2: pligoBQUsD+5YWWwu+LULOs9BjkEGpwWLBaaDfOaByRAcUgqssK0OfSXtOdGYW9EptyD9UmWybY=

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 45ms
19ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TORONTOSTAR1&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1674843554503&de=666176910138&m=0&ar=67fa5e2a4e8-clean&iw=7b77214&q=2&cb=0&ym=0&cu=1674843554503&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4836894608%3A3108344094%3A6153922256%3A138411970247&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&bo=57580740&bd=21736044861&dfp=0%2C1&la=21736044861&gw=torontostar63296366476&fd=1&it=500&ti=0&ih=2&pe=1%3A896%3A1679%3A0%3A1036&iq=na&tt=na&tu=&tp=&fs=201243&na=567590343&cs=0
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame E7BF 43 B
855 B 506ms
186ms Image
image/gif 54.239.33.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:15 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V3P7QBF5M5V67GQTXTKH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E7BF
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d600c8ef-2c70-46cd-a66a-55d36b0df7d9&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

121ms
26ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d600c8ef-2c70-46cd-a66a-55d36b0df7d9&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d600c8ef-2c70-46cd-a66a-55d36b0df7d9&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E7BF
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDEULXEG-1Z-FEL7

0
574 B

128ms
56ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDEULXEG-1Z-FEL7
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C2262664B3C04FDEB0EEE7B869D9DA74 Ref B: YTO01EDGE0707 Ref C: 2023-01-27T18:19:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzQucjg99feVJ5lCsQjw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDEULXEG-1Z-FEL7
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E7BF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aarDlQ4QSuy5zBeqiClk_w&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aarDlQ4QSuy5zBeqiClk_w

43 B
479 B

37ms
37ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aarDlQ4QSuy5zBeqiClk_w

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MK14VE5DBZSC0HBX1PZH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aarDlQ4QSuy5zBeqiClk_w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E7BF
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/RKexgQ2_D7E48StyJny0l8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tjeDzlZE2oL_2iPkNtCBC8ocIktSNZA1rRs1Vg--~A

42 B
691 B

103ms
27ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tjeDzlZE2oL_2iPkNtCBC8ocIktSNZA1rRs1Vg--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 27 Jan 2023 18:19:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tjeDzlZE2oL_2iPkNtCBC8ocIktSNZA1rRs1Vg--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7BF
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBkZmFkOGE0MjkxMzlhYzIwODhhOTA5MWM2ZDUxNTBjMzkwYjk3ZQ

170 B
188 B

39ms
38ms

Image
image/png

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBkZmFkOGE0MjkxMzlhYzIwODhhOTA5MWM2ZDUxNTBjMzkwYjk3ZQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBkZmFkOGE0MjkxMzlhYzIwODhhOTA5MWM2ZDUxNTBjMzkwYjk3ZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E7BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH0fT6EqlZzyMQY9jpWNKbI&google_cver=1

42 B
691 B

121ms
26ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH0fT6EqlZzyMQY9jpWNKbI&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH0fT6EqlZzyMQY9jpWNKbI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7BF
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERFVUxYRUctMVotRkVMNw==

170 B
188 B

40ms
39ms

Image
image/png

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERFVUxYRUctMVotRkVMNw==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERFVUxYRUctMVotRkVMNw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 b
engagefront.theweathernetwork.com/x/ 42 B
309 B 468ms
313ms Image
image/gif 34.120.23.223
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engagefront.theweathernetwork.com/x/b?data=%7B%22advertiser_org_id%22%3A%2261731269aabe2aa0d6cf5785%22%2C%22event_name%22%3A%2249695385_45a9_4217_b0c5_58934bb70a35%22%2C%22subevent%22%3A%2278386%22%7D
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.23.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 223.23.120.34.bc.googleusercontent.com
Software: TornadoServer/4.2 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:15 GMT
via: 1.1 google
server: TornadoServer/4.2
etag: "d5fceb6532643d0d84ffe09c40c481ecdf59e15a"
p3p: policyref='/static/w3c/p3p.xml', CP='NOI DSP COR DEVa TAIa OUR BUS UNI'
content-type: image/gif
cache-control: max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Fri, 27 Jan 2023 18:19:15 GMT

GET
DATA 200
OK truncated
/ Frame 39AE 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bdff3b34a64235a65b95ffece660ed83c3e6f2ec83ae47ec783bc3a125b7312

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 39AE 0
0 44ms
44ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBiT4RbT9NMQw25SsH319FsAg1QNyxR9W6NjFsjQWpn6wqz2lm1oP75zxtGlqVVKWXNxyeIAPdR64urVjapkTfSs7k7_tMvwb3jdImdJGpu7IYDDWqdXp4vFG_JRmbSizthYEwHhvGbNRsfnz7EBzQUFdjw03xpTWJPJfaMhxvfWA8nG-A9Kb5b2qcs7o01Eu6iXN661OTnDKOSfSQptKbS8DUM1ymFdxEUc574_aVVJyZCQWX5LoEVst2pFWDjXhDhvbUzQa2kMo_BWn3ZpXdTtr2NF2_2tjJpzVXduh_tfx1LoTVfEUyyywIxCyzXZ4_p262ynqJtto-jlgee726DoKqHiQaYCGJtp8V842fCXbpBDkXcoAd_vhrW-ZPcm2z87oRtSqLE1nn&sai=AMfl-YRX8scX5m_21Mv-Rhy416SF3wjez4bnzto3EqL1lzW3q6aJuTAcOZbmwP5_tI9dtotnPwLgiSr5Wuu0xcrAadq7zDCLwt2ca9eUngbRtmqe0S1cXi6-RqJ2TT-mvh6NSPZyE3LFQSBs5pQZzkNN5DE&sig=Cg0ArKJSzJwMG4DBIBbKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2 200 moatcore.js Show response
z.moatads.com/torontostar63296366476/ Frame 39AE 312 KB
107 KB 19ms
19ms Script
application/x-javascript 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontostar63296366476/moatcore.js
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/torontostar63296366476/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 93c5745f6fff3ae1e1ebfcc5bc98540bb02ac6c1a121a8456cd3020a58c2a337

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 17:32:28 GMT
server: AmazonS3
x-amz-request-id: KCX1GCV27REHTBZ0
etag: "6204144fc241deace889724586df8549"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31097
accept-ranges: bytes
content-length: 108832
x-amz-id-2: 0RHm1r9lJE8TvpAS+uRExrw0sFGVZyhz7asoQunD6lB40Ag+3HHbdDIj5SXCjcTnWBwOBQfQCMA=

GET
H2 200 script.js Show response
sb.freeskreen.com/publisher/ 78 KB
22 KB 238ms
124ms Script
text/html 34.197.86.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.freeskreen.com/publisher/script.js?bai=22&ut=&uts=&p_cust_params=amznbid%253D2%2526amznp%253D2%2526article_b%253Dtrue%2526assetid%253D8881602b-5540-47ef-b9c3-fb98fdfe4cba%2526cutpoint%253Dlarge%2526env%253Dbeta%2526environment%253Dproduction%2526gs_channels%253Dgx_norobots%2526key%253D%2526kvcalais%253D%2526kvng%253Dcontests%252Crules%252Csponsored_content%2526permutive%253Drts%2526pos%253D1%2526prmtvsdk%253Dweb%2526referrer%253Dunknown%2526refresh%253Dfalse%2526registered%253Dno%2526subscribed%253Dno%2526tkspo%253D4&flc=other&slc=&windowlocation=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&usp=&gdpr=-1&cs=-1
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/22/freeskreen.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.86.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-86-172.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0010a3bf46745b576d8799faf73cf260b9232a6f2614a10a7ea350256935eabc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 22346
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatcore.js Show response
z.moatads.com/torontostar63296366476/ Frame D7E3 312 KB
107 KB 19ms
18ms Script
application/x-javascript 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontostar63296366476/moatcore.js
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/torontostar63296366476/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 93c5745f6fff3ae1e1ebfcc5bc98540bb02ac6c1a121a8456cd3020a58c2a337

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 17:32:28 GMT
server: AmazonS3
x-amz-request-id: KCX1GCV27REHTBZ0
etag: "6204144fc241deace889724586df8549"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31097
accept-ranges: bytes
content-length: 108832
x-amz-id-2: 0RHm1r9lJE8TvpAS+uRExrw0sFGVZyhz7asoQunD6lB40Ag+3HHbdDIj5SXCjcTnWBwOBQfQCMA=

GET
H2 200 pixel.gif
px.moatads.com/ Frame D7E3 43 B
274 B 20ms
20ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=TORONTOSTAR1%3A57580740%3A21736044861%3A-&de=127741264371&t=1674843554705&i=MOAT_FEATHER_DEBUG1&gw=torontostar63296366476&cm=10&f=0&bq=0&ar=67fa5e2a4e8-clean&iw=311a9ef&dMoatOQs=moatClientLevel1%3D49123500%26moatClientLevel2%3D2966557918%26moatClientLevel3%3D5886863882%26moatClientLevel4%3D138378437674%26moatClientSlicer1%3D57580740%26moatClientSlicer2%3D21736044861%26zMoatSZ%3D2x1%26zMoatMData%3D%26zMoatMMV%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=0&na=1394314640&cs=0
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
DATA 200
OK truncated
/ Frame D7E3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f2601707c2ed4255a325707f1f3aefe7ca21fc01da11f4485ad56a48d2fcbda

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
19ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3113694854849167458&i=TORONTOSTAR1&ol=3599224442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6ZoJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-4XOvBihjElCFgA%3D%3D&sc=1&os=1-OQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&f=0&j=&t=1674843554503&de=666176910138&cu=1674843554503&m=89&ar=67fa5e2a4e8-clean&iw=7b77214&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A896%3A1679%3A0%3A1036&as=0&ag=33&an=0&gf=33&gg=0&ix=33&ic=33&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=33&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=65&cd=0&ah=65&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4836894608%3A3108344094%3A6153922256%3A138411970247&bo=57580740&bd=21736044861&gw=torontostar63296366476&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&dfp=0%2C1&la=21736044861&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&dfpSlotId=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&iq=na&tt=na&tu=&tp=&tc=0&fs=201243&na=1504179593&cs=0
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
19ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TORONTOSTAR1&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1674843554800&de=556875859351&m=0&ar=67fa5e2a4e8-clean&iw=7b77214&q=5&cb=0&ym=0&cu=1674843554800&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4836894608%3A3108344094%3A6153922256%3A138412070814&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&bo=57580740&bd=21736044861&dfp=0%2C1&la=21736044861&gw=torontostar63296366476&fd=1&it=500&ti=0&ih=2&pe=1%3A896%3A1679%3A0%3A1036&iq=na&tt=na&tu=&tp=&fs=201243&na=1563009833&cs=0
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame D7E3 43 B
274 B 19ms
19ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&d=TORONTOSTAR1%3A57580740%3A21736044861%3A-&de=127741264371&t=1674843554705&i=MOAT_FEATHER_DEBUG1&gw=torontostar63296366476&cm=10&f=0&bq=0&ar=67fa5e2a4e8-clean&iw=311a9ef&dMoatOQs=moatClientLevel1%3D49123500%26moatClientLevel2%3D2966557918%26moatClientLevel3%3D5886863882%26moatClientLevel4%3D138378437674%26moatClientSlicer1%3D57580740%26moatClientSlicer2%3D21736044861%26zMoatSZ%3D2x1%26zMoatMData%3D%26zMoatMMV%3D%26zMoatMGV%3D%26zMoatMSafety%3D&fq=0&sy=0&gh=0&wb=0&g=1&tc=1&na=2113348755&cs=0
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 20ms
18ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F2619787363394091450&i=TORONTOSTAR1&ol=3599224442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6ZoJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-4XOvBihjElCFgA%3D%3D&sc=1&os=1-OQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&f=0&j=&t=1674843554800&de=556875859351&cu=1674843554800&m=14&ar=67fa5e2a4e8-clean&iw=7b77214&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6212&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A896%3A1679%3A0%3A1036&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5&cd=0&ah=5&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4836894608%3A3108344094%3A6153922256%3A138412070814&bo=57580740&bd=21736044861&gw=torontostar63296366476&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&dfp=0%2C1&la=21736044861&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&dfpSlotId=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-10&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-10&iq=na&tt=na&tu=&tp=&tc=0&fs=201243&na=167824918&cs=0
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D7E3 0
0 44ms
44ms Fetch
image/gif 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTPktgNf01qbYGtAZY1hOClpnZPd7v_9ns3voFFCR5JLI6v_aUAMftp_3mJ9onrgQJVKMULYmZGtE8maq1kfSPABSabP9e5M0Cg9Z__TUp6jtnnDeMtgZELrDXDOocyOIsREO8IWHBzq6WKynfLXUKk_-S5nHqz_Pokvgwj1Dlwlhd6DsZFm261AD2gptzHO4jesMwS04iXZTRJXLdz4lEPVUMZiKUPYWKtehcjTcUdsz5rDFM5N-0At5vm7mgQFDubu6GZdug0VkCF2bNj89xCkFg-No-C2y3je_64R80zTYJkPRRCbLy8ZZqDPIYUjL8pkojCEqdAw90uZZ31f9L0gMZe4TFc_fyFG1Ke4RtQDHKUp6I8R2KbbP6N2c2FV5hVmCoydk&sai=AMfl-YQShBYL19Eu37UlWGXQf75_ujdHAk62DLwBOjuH3WuA7yd6oYhcwhr48B23jJQRTduHb6PFCo8ycGiu7Z9GorI5fPT06kTHxG7icnspaapEir6lYL6B7ZLO2PV-cPLCECOFQoZMWVjWUuEcJqhCGw&sig=Cg0ArKJSzBxd1cJzTqqoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
19ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TORONTOSTAR1&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1674843554817&de=263469123909&m=0&ar=67fa5e2a4e8-clean&iw=7b77214&q=8&cb=0&ym=0&cu=1674843554817&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=49123500%3A2966557918%3A5886863882%3A138378437674&zMoatSZ=2x1&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&bo=57580740&bd=21736044861&dfp=0%2C1&la=21736044861&gw=torontostar63296366476&fd=1&it=500&ti=0&ih=2&pe=1%3A896%3A1679%3A0%3A1036&iq=na&tt=na&tu=&tp=&fs=201243&na=596576755&cs=0
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:14 GMT

GET
H/1.1 200
OK ac Show response
ww1772.smartadserver.com/ 2 KB
2 KB 118ms
29ms Script
application/javascript 23.105.12.130
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=9305723349&out=js
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=22&ut=&uts=&p_cust_params=amznbid%253D2%2526amznp%253D2%2526article_b%253Dtrue%2526assetid%253D8881602b-5540-47ef-b9c3-fb98fdfe4cba%2526cutpoint%253Dlarge%2526env%253Dbeta%2526environment%253Dproduction%2526gs_channels%253Dgx_norobots%2526key%253D%2526kvcalais%253D%2526kvng%253Dcontests%252Crules%252Csponsored_content%2526permutive%253Drts%2526pos%253D1%2526prmtvsdk%253Dweb%2526referrer%253Dunknown%2526refresh%253Dfalse%2526registered%253Dno%2526subscribed%253Dno%2526tkspo%253D4&flc=other&slc=&windowlocation=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&usp=&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.130 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: eec64cc1e5caf8f9453cbdd5fa591ead419508677e20afbe0101886f8e77e4fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: application/javascript; charset=UTF-8
x-smrt-i: 7974420
cache-control: no-cache,no-store

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 182E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

281 B
554 B

35ms
34ms

Document
text/html

104.105.42.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=22&ut=&uts=&p_cust_params=amznbid%253D2%2526amznp%253D2%2526article_b%253Dtrue%2526assetid%253D8881602b-5540-47ef-b9c3-fb98fdfe4cba%2526cutpoint%253Dlarge%2526env%253Dbeta%2526environment%253Dproduction%2526gs_channels%253Dgx_norobots%2526key%253D%2526kvcalais%253D%2526kvng%253Dcontests%252Crules%252Csponsored_content%2526permutive%253Drts%2526pos%253D1%2526prmtvsdk%253Dweb%2526referrer%253Dunknown%2526refresh%253Dfalse%2526registered%253Dno%2526subscribed%253Dno%2526tkspo%253D4&flc=other&slc=&windowlocation=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&usp=&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-42-146.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 27 Jan 2023 18:19:15 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 27 Jan 2023 18:19:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
server: AkamaiGHost

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
https://sb.freeskreen.com/um?sa=4884833608015776692

43 B
457 B

27ms
27ms

Image
image/gif

34.197.86.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?sa=4884833608015776692
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Server: 34.197.86.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-86-172.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:15 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: image/gif
cache-control: no-cache, no-store
content-length: 43
expires: -1

Redirect headers

location: https://sb.freeskreen.com/um?sa=4884833608015776692
date: Fri, 27 Jan 2023 18:19:14 GMT
content-length: 0

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://sb.freeskreen.com/um?tlr=8a3e5112504c4f22905852e156ba8bc6

43 B
506 B

26ms
26ms

Image
image/gif

34.197.86.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?tlr=8a3e5112504c4f22905852e156ba8bc6
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Server: 34.197.86.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-86-172.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:15 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: image/gif
cache-control: no-cache, no-store
content-length: 43
expires: -1

Redirect headers

location: https://sb.freeskreen.com/um?tlr=8a3e5112504c4f22905852e156ba8bc6
date: Fri, 27 Jan 2023 18:19:15 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H/1.1 204
No Content smaato
cs.admanmedia.com/sync/ 0
199 B 68ms
19ms Image
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 27 Jan 2023 18:19:14 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://loadeu.exelator.com/load/?p=204&g=1300&j=0
https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1
https://sb.freeskreen.com/um?ni=3c9d6a631d355030ae98457fff9d54d6

43 B
472 B

26ms
25ms

Image
image/gif

34.197.86.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?ni=3c9d6a631d355030ae98457fff9d54d6
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Server: 34.197.86.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-86-172.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:15 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: image/gif
cache-control: no-cache, no-store
content-length: 43
expires: -1

Redirect headers

date: Fri, 27 Jan 2023 18:19:15 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sb.freeskreen.com/um?ni=3c9d6a631d355030ae98457fff9d54d6
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 t.gif
sb.freeskreen.com/ Frame F861 43 B
257 B 25ms
25ms Image
image/gif 34.197.86.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/t.gif?tm=1674843554&p=3455&c=5215&ttm=1674843554811&s=&d=&v=&t=b8281d7a-16d1-4f9d-ac02-91878d867689&co=CA&pr=CA-QC&ci=Montreal&dm=GM&flc=other&slc=&e=AdOpened&m=2&x=null
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.86.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-86-172.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:14 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: image/gif
cache-control: no-cache, no-store
content-length: 43
expires: -1

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 83BA
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
410 B

21ms
20ms

Document
text/html

104.105.42.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: ww1772.smartadserver.com
URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=9305723349&out=js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-42-146.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Fri, 27 Jan 2023 18:19:15 GMT
etag: "40010-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 27 Jan 2023 18:19:15 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 182E 34 KB
10 KB 22ms
21ms Script
text/html 104.105.42.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-42-146.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2838be0b0a0c43f56e928ea13ac850de05e28a8c9ceda176f909674667a02764

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 27 Jan 2023 18:19:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2023 12:05:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63971
Connection: keep-alive
Content-Length: 10036
Expires: Sat, 28 Jan 2023 12:05:26 GMT

GET
H2

200

um
sb.freeskreen.com/ Frame 182E
Redirect Chain

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=LDEULXEG-1Z-FEL7
https://sb.freeskreen.com/um?mg=LDEULXEG-1Z-FEL7

43 B
546 B

27ms
26ms

Image
image/gif

34.197.86.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?mg=LDEULXEG-1Z-FEL7
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: H2
Server: 34.197.86.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-86-172.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:15 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: image/gif
cache-control: no-cache, no-store
content-length: 43
expires: -1

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sb.freeskreen.com/um?mg=LDEULXEG-1Z-FEL7
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 38e4f02b0a3578e88f1c1fd47938679e
Expires: 0

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 83BA 34 KB
10 KB 22ms
21ms Script
text/html 104.105.42.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-42-146.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2838be0b0a0c43f56e928ea13ac850de05e28a8c9ceda176f909674667a02764

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:15 GMT
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 12:05:00 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=63971
content-length: 10036
expires: Sat, 28 Jan 2023 12:05:26 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 83BA
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LDEULXEG-1Z-FEL7
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LDEULXEG-1Z-FEL7

43 B
406 B

167ms
55ms

Image
image/gif

199.187.193.193
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LDEULXEG-1Z-FEL7
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Server: 199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:15 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LDEULXEG-1Z-FEL7
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5AD8 42 B
404 B 99ms
41ms Fetch
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWttCPACk2VF2ERdz4odvm_NP1eTdH_kwKKcES-JJ-ogjY7I05YREBqAB6eARAtdqWV0_8dWO3uI1RJkP9Na46NSGiaCSC7PqYcqigrzY1Hw09VGft&sig=Cg0ArKJSzN9Tn8_bSylEEAE&id=lidar2&mcvt=1000&p=10,436,100,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230125&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2917319533&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674843554198&rpt=223&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Jan 2023 18:19:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
19ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTOSTAR1&ol=3599224442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6ZoJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-4XOvBihjElCFgA%3D%3D&sc=1&os=1-OQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&f=0&j=&t=1674843554503&de=666176910138&cu=1674843554503&m=1052&ar=67fa5e2a4e8-clean&iw=7b77214&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A896%3A1679%3A0%3A1036&as=1&ag=1004&an=33&gi=1&gf=1004&gg=33&ix=1004&ic=1004&ez=1&ck=1004&kw=835&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1004&bx=33&ci=1004&jz=835&dj=1&aa=0&ad=901&cn=0&gk=901&gl=0&ik=901&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=835&cd=65&ah=835&am=65&xd=00&rf=0&re=1&ft=718&fv=0&fw=718&wb=1&cl=0&at=0&d=4836894608%3A3108344094%3A6153922256%3A138411970247&bo=57580740&bd=21736044861&gw=torontostar63296366476&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&dfp=0%2C1&la=21736044861&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&dfpSlotId=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&iq=na&tt=na&tu=&tp=&tc=0&fs=201243&na=1261237708&cs=0
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 20ms
20ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTOSTAR1&ol=3599224442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6ZoJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-4XOvBihjElCFgA%3D%3D&sc=1&os=1-OQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&f=0&j=&t=1674843554503&de=666176910138&cu=1674843554503&m=1053&ar=67fa5e2a4e8-clean&iw=7b77214&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A896%3A1679%3A0%3A1036&as=1&ag=1004&an=1004&gi=1&gf=1004&gg=1004&ix=1004&ic=1004&ez=1&ck=1004&kw=835&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1004&bx=1004&ci=1004&jz=835&dj=1&aa=0&ad=901&cn=901&gk=901&gl=901&ik=901&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=835&cd=835&ah=835&am=835&xd=00&rf=0&re=1&ft=718&fv=718&fw=718&wb=1&cl=0&at=0&d=4836894608%3A3108344094%3A6153922256%3A138411970247&bo=57580740&bd=21736044861&gw=torontostar63296366476&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&dfp=0%2C1&la=21736044861&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&dfpSlotId=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&iq=na&tt=na&tu=&tp=&tc=0&fs=201243&na=1146905434&cs=0
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 20ms
20ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTOSTAR1&ol=3599224442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6ZoJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-4XOvBihjElCFgA%3D%3D&sc=1&os=1-OQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&f=0&j=&t=1674843554503&de=666176910138&cu=1674843554503&m=1054&ar=67fa5e2a4e8-clean&iw=7b77214&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A896%3A1679%3A0%3A1036&as=1&ag=1004&an=1004&gi=1&gf=1004&gg=1004&ix=1004&ic=1004&ez=1&ck=1004&kw=835&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1004&bx=1004&ci=1004&jz=835&dj=1&aa=0&ad=901&cn=901&gk=901&gl=901&ik=901&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=835&cd=835&ah=835&am=835&xd=00&rf=0&re=1&ft=718&fv=718&fw=718&wb=1&cl=0&at=0&d=4836894608%3A3108344094%3A6153922256%3A138411970247&bo=57580740&bd=21736044861&gw=torontostar63296366476&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&dfp=0%2C1&la=21736044861&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&dfpSlotId=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&iq=na&tt=na&tu=&tp=&tc=0&fs=201243&na=492406298&cs=0
Requested by: Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:15 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
127 B 135ms
135ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 51d31b3924379e68b9f345a9b9b67b2a0a38a66fcf19fe1fb575cdcc2f14b3bb

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 27 Jan 2023 18:19:15 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.wellandtribune.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 56ms
56ms XHR
application/json 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2d33892eb70ff10ca610ab83dfd2baea81056207b427315ca1f189d8ae553f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11255
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
39 KB 37ms
37ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.wellandtribune.ca
URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a12d033771bd7e767660ea01f24a21fa4d9c8fe1d1e5a455513dfdc2b7ddc1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40183
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Jan 2023 18:19:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
19ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTOSTAR1&ol=3599224442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6ZoJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-4XOvBihjElCFgA%3D%3D&sc=1&os=1-OQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&f=0&j=&t=1674843554503&de=666176910138&cu=1674843554503&m=1268&ar=67fa5e2a4e8-clean&iw=7b77214&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A896%3A1679%3A6709%3A1036&as=1&ag=1220&an=1004&gi=1&gf=1220&gg=1004&ix=1220&ic=1220&ez=1&ck=1004&kw=835&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1220&bx=1004&ci=1004&jz=835&dj=1&aa=1&ad=1117&cn=901&gn=1&gk=1117&gl=901&ik=1117&co=1117&cp=1036&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1036&cd=835&ah=1036&am=835&xd=00&rf=0&re=1&ft=934&fv=718&fw=718&wb=1&cl=0&at=0&d=4836894608%3A3108344094%3A6153922256%3A138411970247&bo=57580740&bd=21736044861&gw=torontostar63296366476&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&dfp=0%2C1&la=21736044861&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&dfpSlotId=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&iq=na&tt=na&tu=&tp=&tc=0&fs=201243&na=1548492252&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:15 GMT

GET
H3 200 __inventory.gif
query.petametrics.com/v1/ 35 B
48 B 42ms
41ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v1/__inventory.gif?ts=1674843555776&jsk=6he57gj8p5ekjagf&jsv=20220926&cu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&item=%7B%22content_tier%22%3A%5B%22free%22%5D%2C%22publisher%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Fniagarafallsreview%22%5D%2C%22published_time%22%3A%5B%222023-01-18T18%3A00%3A00Z%22%5D%2C%22modified_time%22%3A%5B%222023-01-26T21%3A38%3A32.898Z%22%5D%2C%22section%22%3A%5B%22Contests%22%5D%2C%22title%22%3A%5B%22Lots%20O%27%20Prizes%20Contest!%22%5D%2C%22type%22%3A%5B%22article%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Fwww.wellandtribune.ca%2Fnd%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html%22%5D%2C%22description%22%3A%5B%22SUBSCRIBERS%20HAVE%20A%20CHANCE%20TO%20WIN%20OVER%20%246000%20IN%20PRIZES!%22%5D%2C%22site_name%22%3A%5B%22niagarafallsreview.ca%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fimages.thestar.com%2FIndqz_M28KtC61pVrSKigU95kyE%3D%2F0x0%3A1251x1043%2F1280x1024%2Fsmart%2Ffilters%3Acb(1674753364835)%2Fhttps%3A%2F%2Fwww.niagarafallsreview.ca%2Fcontent%2Fdam%2Fniagaradailies%2Fuploads%2F2023%2F01%2F26%2Flotsoprizes-contest-promo-v02-02-0.png%22%5D%2C%22truncatedDescription%22%3A%5B%22SUBSCRIBERS%20HAVE%20A%20CHANCE%20TO%20WIN%20OVER%20%246000%20IN%20PRIZES!%22%5D%2C%22inHouseArticle%22%3A%5B%22false%22%5D%2C%22enableLivechat%22%3A%5B%22false%22%5D%2C%22images%22%3A%5B%22https%3A%2F%2Fwww.stcatharinesstandard.ca%2Fassets%2Fimg%2Fstcatharinesstandard-ribbon.png%22%5D%2C%22noShow%22%3A%5B%22false%22%5D%2C%22enableConversations%22%3A%5B%22false%22%5D%2C%22hasImage%22%3A%5B%22true%22%5D%2C%22abstract%22%3A%5B%22SUBSCRIBERS%20HAVE%20A%20CHANCE%20TO%20WIN%20OVER%20%246000%20IN%20PRIZES!%22%5D%2C%22asset_id%22%3A%5B%228881602b-5540-47ef-b9c3-fb98fdfe4cba%22%5D%2C%22enableLivechatadmin%22%3A%5B%22false%22%5D%2C%22thumbor_image%22%3A%5B%22%7B%5C%22imageid%5C%22%3A%5C%22%5C%22%2C%5C%22origImageSize%5C%22%3A%5C%221251x1043%5C%22%2C%5C%22lastmodified%5C%22%3A1674753364785%2C%5C%22fullWindowMainart%5C%22%3Afalse%2C%5C%22forceoriginal%5C%22%3Afalse%2C%5C%22caption%5C%22%3A%5C%22%20%5C%22%2C%5C%22source%5C%22%3A%5C%22%20%5C%22%2C%5C%22type%5C%22%3A%5C%22image%5C%22%2C%5C%22credit%5C%22%3A%5C%22%20%5C%22%2C%5C%22mainartSize%5C%22%3A%5C%22medium%5C%22%2C%5C%22url%5C%22%3A%5C%22%2Fcontent%2Fdam%2Fniagaradailies%2Fuploads%2F2023%2F01%2F26%2Flotsoprizes-contest-promo-v02-02-0.png%5C%22%2C%5C%22crop%5C%22%3A%5C%220%2C0%2C1251%2C1043%5C%22%7D%22%5D%2C%22last_modified%22%3A%5B%222023-01-26T21%3A34%3A36.088Z%22%5D%7D&ttl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:15 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 18:19:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C5B7 13 KB
5 KB 21ms
20ms Document
text/html 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 17:55:19 GMT
expires: Sat, 27 Jan 2024 17:55:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 500A 783 B
952 B 42ms
41ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

142b54dd20bf8f64819c8159dad11c8d3526f4612f6d45c9add64cf036add70a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VLkrQxs8BEjhEDDmpfsFzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wellandtribune.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-VLkrQxs8BEjhEDDmpfsFzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 18:19:15 GMT
expires: Fri, 27 Jan 2023 18:19:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ndpca2HbatLwKNxS7dvlJFKe5fdM9rHtoHQTHStku2E.js Show response
pagead2.googlesyndication.com/bg/ Frame C5B7 36 KB
14 KB 63ms
20ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ndpca2HbatLwKNxS7dvlJFKe5fdM9rHtoHQTHStku2E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35da5c6b61db6ad2f028dc52eddbe524529ee5f74cf6b1eda074131d2b64bb61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 20:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14214
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jan 2024 20:27:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 500A 0
0 68ms
42ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=1939649690493622&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C5B7 0
10 B 20ms
20ms Image
text/plain 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4o3oKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:19:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=1939649690493622&bg=!JCelJ2PNAAZSrDxfcqw7ACkAdvg8Wn2GWbxlbKZn6bL75xC4TR0EklxSbPHzKzGwlTsmgEnPvnEHWAIAAABUUgAAAANoAQcKAEs-mi4_kfeRm1gw_QIwpTRima-ojAU1n-4bhkIq64wK6ICP79Q8HSTmrVpx3iFuEXJBKnwvyCx-1TuQoCimNWS3AAvqawXmLU5nNaKZArUufZTmjlm0NzsIgMMq8Bu6p_xr0MRHO0EZ1pjeycKuTkNGlz1FXKxAtLZm8zm5ffIqXsicXic-fHp0vMWdg-H7tN_zwya42lqB7JItPgqrxp_Dlj9BgZhVpJSEvrTPnVOl73teLOH4DYLAIEZm7fNvvbZ7js970p6ei9IyxEyGLwt0yDYY9Mf3_8a1NyIYa82ckXt-TLzfrVT1DkNxzaP1aAfGOKWyvlKTf-RwCU-YJ9BvJhFxIdyXoVMzNgKFCq1Zy-OmCYQZkrS9Se-txR8LJeQQ1PM3bIc04_o5diWbZ1umoygjr6h-0VsrqxX1fngB6j6c35F7MwNLCpOTR_4lfTljyrNIpKkdnPPqWa3MR4OPeHRTMRcLeBihyL47aHP_grLGMDOLW_BnKnaw6hxkeZFtow01dNOTWL_Dfghzd5I1K3ZXjj5juAMRjN5_ukLVVUUvJ_jUlpp4RYUAxgOJQHnQ9vE6BFp6-BnvrWBn-SMLDELU1-Fupgyq2wBUQpPyIXv3y6L4iWDiPuD2uf38BA5wjFEQRq7_I5djCbRNGdUf6A3rlcuZ5uTxs45NLC7lWLiBmN_IsDWmvt7qgh20_p26Ueftp3KnnQiPtFbs81AAtB3_S2C_IiBY20Kinv5pU9Jgm1DRBe2Qs-teREBIkQ1RSi-MuKagEbXwHCHO8msnoIh2Ky-4c9sv_Duj5-HS28wEV1aQ5bc42X2_ZV7_-MR9HVGl_PV4ZCADK7oqkUb13XBmHd1rVFw82NRCFdzCmcXuuD85201_Su2EhWVgKdM3eNeYm2ULJ55LkhDqTp1tDG3NRMgMLFnSfxxee3szjKGD92KprCegYC41vctIjsTPoWtZxV4_URknRRekbPHfZJ6tmwQx00YoxbqHDPcjzOd58xLC0PHemzOckE4YJLQK6qU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 31ms
30ms XHR
text/plain 20.49.104.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wellandtribune.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 27 Jan 2023 18:19:18 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 34ms
33ms Preflight
text/html 20.49.104.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.104.19 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.wellandtribune.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 27 Jan 2023 18:19:18 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 20ms
20ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=4&q=0&ai=4671&wr=4664&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTOSTAR1&ol=3599224442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6ZoJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-4XOvBihjElCFgA%3D%3D&sc=1&os=1-OQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&f=0&j=&t=1674843554503&de=666176910138&cu=1674843554503&m=4671&ar=67fa5e2a4e8-clean&iw=7b77214&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A896%3A1679%3A6709%3A1036&as=1&ag=4439&an=1220&gi=1&gf=4439&gg=1220&ix=4439&ic=4439&ez=1&ck=1004&kw=835&aj=1&pg=100&pf=100&ib=0&cc=1&bw=4439&bx=1220&ci=1004&jz=835&dj=1&aa=1&ad=4336&cn=1117&gn=1&gk=4336&gl=1117&ik=4336&co=1117&cp=1036&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4471&cd=1036&ah=4471&am=1036&xd=00&rf=0&re=1&ft=4153&fv=934&fw=718&wb=2&cl=0&at=0&d=4836894608%3A3108344094%3A6153922256%3A138411970247&bo=57580740&bd=21736044861&gw=torontostar63296366476&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&dfp=0%2C1&la=21736044861&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&dfpSlotId=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&iq=na&tt=na&tu=&tp=&tc=0&fs=201243&na=1644340808&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 20ms
19ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=4&q=0&ai=4671&wr=4664&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTOSTAR1&ol=3599224442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6ZoJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-4XOvBihjElCFgA%3D%3D&sc=1&os=1-OQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&f=0&j=&t=1674843554800&de=556875859351&cu=1674843554800&m=4375&ar=67fa5e2a4e8-clean&iw=7b77214&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6212&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A896%3A1679%3A6709%3A1036&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4220&cd=5&ah=4220&am=5&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4836894608%3A3108344094%3A6153922256%3A138412070814&bo=57580740&bd=21736044861&gw=torontostar63296366476&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&dfp=0%2C1&la=21736044861&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&dfpSlotId=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-10&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-10&iq=na&tt=na&tu=&tp=&tc=0&fs=201243&na=480167876&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 20ms
19ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTOSTAR1&ol=3599224442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6ZoJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-4XOvBihjElCFgA%3D%3D&sc=1&os=1-OQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&f=0&j=&t=1674843554503&de=666176910138&cu=1674843554503&m=5090&ar=67fa5e2a4e8-clean&iw=7b77214&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A896%3A1679%3A6709%3A1036&as=1&ag=5042&an=4439&gi=1&gf=5042&gg=4439&ix=5042&ic=5042&ez=1&ck=1004&kw=835&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5042&bx=4439&ci=1004&jz=835&dj=1&aa=1&ad=4939&cn=4336&gn=1&gk=4939&gl=4336&ik=4939&co=1117&cp=1036&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4873&cd=4471&ah=4873&am=4471&xd=00&rf=0&re=1&ft=4756&fv=4153&fw=718&wb=2&ai=4671&wr=4664&cl=0&at=0&d=4836894608%3A3108344094%3A6153922256%3A138411970247&bo=57580740&bd=21736044861&gw=torontostar63296366476&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&dfp=0%2C1&la=21736044861&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&dfpSlotId=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-2&iq=na&tt=na&tu=&tp=&tc=0&fs=201243&na=1063486457&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 19ms
19ms Image
image/gif 23.206.218.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=7&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTOSTAR1&ol=3599224442&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6ZoJRKfKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-4XOvBihjElCFgA%3D%3D&sc=1&os=1-OQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&id=1&ii=4&f=0&j=&t=1674843554800&de=556875859351&cu=1674843554800&m=5230&ar=67fa5e2a4e8-clean&iw=7b77214&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6212&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A896%3A1679%3A6709%3A1036&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5024&cd=4220&ah=5024&am=4220&xd=00&rf=0&re=1&wb=1&ai=4671&wr=4664&cl=0&at=0&d=4836894608%3A3108344094%3A6153922256%3A138412070814&bo=57580740&bd=21736044861&gw=torontostar63296366476&zMoatOrigSlicer1=57580740&zMoatOrigSlicer2=21736044861&dfp=0%2C1&la=21736044861&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatCURL=wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&zMoatDev=Desktop&dfpSlotId=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-10&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-large-contests-2023-01-wt-lots-o-prizes-contest-hub-10&iq=na&tt=na&tu=&tp=&tc=0&fs=201243&na=1259380617&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.218.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-218-21.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 27 Jan 2023 18:19:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 27 Jan 2023 18:19:20 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 73ms
25ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1674843560063&plid=31337453&idsite=wellandtribune.ca&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%22%22%2C%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22setinterval%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A6212%2C%22_trustBar%22%3A3699%7D&sid=1&surl=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&sref=&sts=1674843553115&slts=0&title=Lots+O%27+Prizes+Contest!+%7C+wellandtribune.ca&date=Fri+Jan+27+2023+18%3A19%3A20+GMT%2B0000+(GMT)&action=_scroll&pvid=91688637&u=pid%3D20cf132b905142d1e198d98ec56017ed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.wellandtribune.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 27 Jan 2023 18:19:20 GMT
Cache-Control: no-cache
Last-Modified: Friday, 27-Jan-2023 18:19:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET __activity.gif
query.petametrics.com/v3/6he57gj8p5ekjagf/7d57b5b1-6edf-4367-baec-398adc440813/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/openrtb2/auction

Domain: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/openrtb2/auction

Domain: query.petametrics.com
URL: https://query.petametrics.com/v3/6he57gj8p5ekjagf/7d57b5b1-6edf-4367-baec-398adc440813/__activity.gif?e=stuck_10s&ct=Lots+O%27+Prizes+Contest!&ccu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&tspl=11564&blst=1007&ist=1559&iet=1563&bdst=1008&bdet=1199&bcttt=20&jsfv=nbc&ts=1674843560618&jsk=6he57gj8p5ekjagf&jsv=20220926&cu=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&uid=7d57b5b1-6edf-4367-baec-398adc440813&sid=a7956d33-bb49-4c7e-f829-5aaf9d585427&pvid=3ef0e8cc-2049-46e9-de03-adebc9a94e4b&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=null&source=null&sdk=bc-pixel

Verdicts & Comments Add Verdict or Comment

240 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bc.wellandtribune.ca/DG/DEFAULT	1970-01-20 18:50:03	Name: BCSessionID Value: 56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5
torstar.blueconic.net/DG/DEFAULT	1970-01-20 17:59:39	Name: BCSessionID Value: 56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5
.wellandtribune.ca/	1970-01-20 18:01:05	Name: _vwo_uuid_v2 Value: DA79C4897490BF56EA4377EC6B054B45A\|803c7cb13973ac08f300c3f91c229190
www.wellandtribune.ca/	1970-01-20 17:59:39	Name: last_visit_bc Value: 1674843549634
.wellandtribune.ca/	1970-01-20 17:59:39	Name: bc_tstgrp Value: 4
.wellandtribune.ca/	1970-01-20 13:34:41	Name: permutive-id Value: 568e52a1-5846-4ca0-bd0b-dbabb8e5b49c
.wellandtribune.ca/	1970-01-20 11:38:03	Name: _vis_opt_s Value: 1%7C
.wellandtribune.ca/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.wellandtribune.ca/	1970-01-20 18:50:03	Name: _vwo_uuid Value: DA79C4897490BF56EA4377EC6B054B45A
.wellandtribune.ca/	1970-01-20 09:14:05	Name: _vwo_sn Value: 0%3A1
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 11:23:39	Name: pxid Value: af044ff4-3191-49f1-8628-6dcb5f8ddbb2
.wellandtribune.ca/	1970-01-20 11:23:39	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241674843549%3A29.83610308%3A%3A%3A3_0%2C2_0%3A0
www.wellandtribune.ca/	1970-01-20 09:57:15	Name: AccessToken Value: idv2ldeulu87n4ruh2j8ksijzj5tfufj3o
www.wellandtribune.ca/	1970-01-20 09:57:15	Name: _pbjs_userid_consent_data Value: 3524755945110770
.scorecardresearch.com/	1970-01-20 18:50:03	Name: UID Value: 198a24f15a23069f5fc48b31674843550
www.wellandtribune.ca/	1969-12-31 23:59:59	Name: _igt Value: a7956d33-bb49-4c7e-f829-5aaf9d585427
www.wellandtribune.ca/	1970-01-20 17:59:39	Name: _ig Value: 7d57b5b1-6edf-4367-baec-398adc440813
www.wellandtribune.ca/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
.wellandtribune.ca/	1970-01-20 18:50:03	Name: _ga Value: GA1.2.735371051.1674843551
.wellandtribune.ca/	1970-01-20 09:15:29	Name: _gid Value: GA1.2.167804481.1674843551
.wellandtribune.ca/	1970-01-20 09:14:03	Name: _gat_UA-73335503-1 Value: 1
.wellandtribune.ca/	1970-01-20 09:14:03	Name: _gat_UA-114875189-1 Value: 1
www.wellandtribune.ca/	1970-01-20 17:59:39	Name: selectedPersonalizedCategories Value: []
www.wellandtribune.ca/	1970-01-20 17:59:39	Name: personalizedListModeEnabled Value: true
www.wellandtribune.ca/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
www.wellandtribune.ca/	1970-01-20 17:59:39	Name: rememberMeML Value: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html
.woobox.com/	1970-01-20 09:15:29	Name: 4ijhj7_pastviews Value: offer
.woobox.com/	1970-01-20 09:15:29	Name: 4ijhj7_visit Value: 1
.wellandtribune.ca/	1970-01-20 09:14:05	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html%22%2C%22sref%22:%22%22%2C%22sts%22:1674843553115%2C%22slts%22:0}
.wellandtribune.ca/	1970-01-20 18:43:27	Name: _parsely_visitor Value: {%22id%22:%22pid=20cf132b905142d1e198d98ec56017ed%22%2C%22session_count%22:1%2C%22last_session_ts%22:1674843553115}
.wellandtribune.ca/	1970-01-20 11:23:39	Name: _fbp Value: fb.1.1674843553175.130299356
www.wellandtribune.ca/	1969-12-31 23:59:59	Name: BCSessionID Value: 56f9a5fd-ff2c-40c9-bed2-14dd2a77f9c5
torstar.blueconic.net/	1970-01-20 09:24:08	Name: AWSALBCORS Value: VDHmtHGool+R/1B9w4OW4tNLUx55LQntx9kNJKQWJ+ZPlntqN7BsJeHdaAjIrP+wIL0S0B+PQJoFFJYhJBwxdbmDb9sCMzzPMFNqBNIuUZglCl9bS/yzD3OMV8E0
.demdex.net/	1970-01-20 13:33:15	Name: demdex Value: 12400270736168246941448042300693980893
.wellandtribune.ca/	1969-12-31 23:59:59	Name: __psid Value: 1674843553407
.wellandtribune.ca/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 17:59:39	Name: everest_g_v2 Value: g_surferid~Y9QVoQAAABpKeAN2
.wellandtribune.ca/	1970-01-20 18:50:03	Name: s_ecid Value: MCMID%7C12408685775456223961447203200906820823
.dpm.demdex.net/	1970-01-20 13:33:15	Name: dpm Value: 12400270736168246941448042300693980893
.wellandtribune.ca/	1970-01-20 18:50:03	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19385%7CMCMID%7C12408685775456223961447203200906820823%7CMCAAMLH-1675448353%7C9%7CMCAAMB-1675448353%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674850753s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19392%7CvVersion%7C5.5.0
bc.wellandtribune.ca/	1970-01-20 09:24:08	Name: AWSALB Value: H8xBX1rbfVkCPrKkHu8cffsF1kj59cgZCMXaAt4qo5CEpbp0Pyb+/Q8YImi5mDVdXUtbWZ9fGTiRA5XrUxl2QUhUxwA4ypYhbGADtAbiESQnKcg80LzN67lGhtrG
bc.wellandtribune.ca/	1970-01-20 09:24:08	Name: AWSALBCORS Value: H8xBX1rbfVkCPrKkHu8cffsF1kj59cgZCMXaAt4qo5CEpbp0Pyb+/Q8YImi5mDVdXUtbWZ9fGTiRA5XrUxl2QUhUxwA4ypYhbGADtAbiESQnKcg80LzN67lGhtrG
.wellandtribune.ca/	1970-01-20 11:23:39	Name: _gcl_au Value: 1.1.905774472.1674843554
.amazon-adsystem.com/	1970-01-20 15:09:44	Name: ad-id Value: A-5LGuBtQUQetFR-NbpL2uc
.amazon-adsystem.com/	1970-01-20 18:50:03	Name: ad-privacy Value: 0
.openx.net/	1970-01-20 17:59:39	Name: i Value: 913e0d70-7110-08df-16df-2c668029ab61\|1674843554
.openx.net/	1970-01-20 09:35:39	Name: pd Value: v2\|1674843554\|vMgakWgyiK
.sharethrough.com/	1970-01-20 09:57:15	Name: stx_user_id Value: b3101338-6dd8-42c1-932f-102bfecd1b4f
.adnxs.com/	1970-01-20 11:23:39	Name: uuid2 Value: 9170963943015918012
.analytics.yahoo.com/	1970-01-20 17:59:39	Name: IDSYNC Value: 18y3~29nu
.yahoo.com/	1970-01-20 18:00:01	Name: A3 Value: d=AQABBKIV1GMCEK3VgTj6bAd4bwjt3ofxPPMFEgEBAQFn1WPdYwAAAAAA_eMAAA&S=AQAAAm8wa_e8Vf9dtROWlQjD_gs
.doubleclick.net/	1970-01-20 18:50:03	Name: IDE Value: AHWqTUnyHQIEl6vpkGp4kZtyMQCP7NGaAUGTEZmpMDAd2eH9soFUQUw7XLg6HFqWTUw
.openx.net/	1970-01-20 09:35:39	Name: univ_id Value: 537072971\|5a239b24-4623-4fc0-944c-33debdf9cf5b\|1674843554329756
.adsrvr.org/	1970-01-20 17:59:39	Name: TDID Value: d600c8ef-2c70-46cd-a66a-55d36b0df7d9
.wellandtribune.ca/	1970-01-20 09:57:15	Name: s_nr Value: 1674843554373-New
.wellandtribune.ca/	1970-01-20 17:59:39	Name: s_nr2 Value: 1674843554375-New
.wellandtribune.ca/	1969-12-31 23:59:59	Name: s_cc Value: true
.rubiconproject.com/	1970-01-20 17:59:39	Name: khaos Value: LDEULXEG-1Z-FEL7
.doubleclick.net/	1970-01-20 09:14:04	Name: test_cookie Value: CheckForPermission
.33across.com/	1970-01-20 17:59:39	Name: 33x_ps Value: u%3D212088455594955%3As1%3D1674843554397%3Ats%3D1674843554397
.wellandtribune.ca/	1970-01-20 18:35:39	Name: __gads Value: ID=671be81cd9b5dce6:T=1674843553:S=ALNI_MZCBVL6gYYfyw3DI81Os92ts5xkMA
.wellandtribune.ca/	1970-01-20 18:35:39	Name: __gpi Value: UID=000009940aa44ef1:T=1674843553:RT=1674843553:S=ALNI_MZ_bq3lHGk2wL7Va-y5FSjF9dcWvg
.adsrvr.org/	1970-01-20 17:59:39	Name: TDCPM Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIwtzN8aCnwDsQBRIWCgdydWJpY29uEgsIsNSt9KCnwDsQBRgFIAIoAjILCJj-lZ63p8A7EAU4AQ..
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:59:39	Name: bcookie Value: "v=2&d7b2ba0a-7a3d-4fa1-8985-6b53cb1bb0fc"
.linkedin.com/	1970-01-20 09:15:29	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2569:u=1:x=1:i=1674843554:t=1674929954:v=2:sig=AQEgqjcrgOYcZaIRVxbsYmXhUVD2Rhgk"
.freeskreen.com/	1970-01-20 09:24:08	Name: a Value: NTIxNT0xfHw7NDAzNT0xfHw7
.smartadserver.com/	1970-01-20 17:59:39	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 104685=5297419
.smartadserver.com/	1970-01-20 17:59:39	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 17:59:39	Name: pid Value: 4884833608015776692
.smartadserver.com/	1970-01-20 09:15:29	Name: sasd2 Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=638104403550582320&o=1
.smartadserver.com/	1970-01-20 09:15:29	Name: sasd Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.exelator.com/	1970-01-20 12:06:51	Name: EE Value: "3c9d6a631d355030ae98457fff9d54d6"
.exelator.com/	1970-01-20 12:06:51	Name: ud Value: "eJxrXxzq6XKLQcE42TLFLNHM2DDF2NTUwNggMdXSwsTUPC0tzTLF1CTFbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAckl%252BUWb6ImfHxUUpaQyLSopPBR%252F6ZQUAlU0qaQ%253D%253D"
.tremorhub.com/	1970-01-20 18:00:00	Name: tvid Value: 8a3e5112504c4f22905852e156ba8bc6
.tremorhub.com/	1970-01-20 09:21:15	Name: tvssa Value: 1674843555228
.freeskreen.com/	1970-01-20 09:24:08	Name: scmtid Value: dGxyaWQ9OGEzZTUxMTI1MDRjNGYyMjkwNTg1MmUxNTZiYThiYzZ8MTY3NDg0MzU1NTI1NSZzY21pZD1hYWllZmZkZWllaGdiYnpZakp6Mlg4WXwxNjc0ODQzNTU0ODAwJm1naWQ9TERFVUxYRUctMVotRkVMN3wxNjc0ODQzNTU1NTI1Jm5pZD0zYzlkNmE2MzFkMzU1MDMwYWU5ODQ1N2ZmZjlkNTRkNnwxNjc0ODQzNTU1MjIz
.rubiconproject.com/	1970-01-20 17:59:39	Name: audit Value: 1\|ZSybN7mRk/TkCbD7b5tqvmTDxxFL2LMaKlLh40B6M+YeECEUBMheiiJwLuzOzskZPxZjw8niTrrqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.smartadserver.com/	1970-01-20 17:59:39	Name: csync Value: 104:LDEULXEG-1Z-FEL7

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&random=0.6703922320046525, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&random=0.6703922320046525, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&random=0.6703922320046525(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-f24de6bee43efa9e101c31fd5cdbab70.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&random=0.6703922320046525(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-f24de6bee43efa9e101c31fd5cdbab70.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.wellandtribune.ca%2Fcontests%2F2023%2F01%2Fwt-lots-o-prizes-contest.html&random=0.6703922320046525(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-c661412bfd70b46b895604931a6b2eb7.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html(Line 184) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.wellandtribune.ca/contests/2023/01/wt-lots-o-prizes-contest.html(Line 184) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-f24de6bee43efa9e101c31fd5cdbab70.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-f24de6bee43efa9e101c31fd5cdbab70.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
79587f69b5f37fdc5ef5ffc55bbfd9d3.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
adserver.pressboard.ca
adservice.google.ca
adservice.google.com
ajax.googleapis.com
api.parsely.com
api.permutive.com
bc.wellandtribune.ca
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
btloader.com
c.amazon-adsystem.com
cdn.parsely.com
cdn.petametrics.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
cs.admanmedia.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5phz18u4wuww.cloudfront.net
dev.visualwebsiteoptimizer.com
dpm.demdex.net
elb.the-ozone-project.com
engagefront.theweathernetwork.com
eus.rubiconproject.com
googleads.g.doubleclick.net
ib.adnxs.com
images.thestar.com
loadeu.exelator.com
match.adsrvr.org
match.sharethrough.com
offertabs.s3.amazonaws.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.thestar.com
pr-bh.ybp.yahoo.com
prebid.the-ozone-project.com
px.ads.linkedin.com
px.moatads.com
query.petametrics.com
resources.thestar.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.wellandtribune.ca
sb.freeskreen.com
sb.scorecardresearch.com
scm.publishers.tremorhub.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
send.metroland.com
sr.studiostack.com
ssc-cms.33across.com
static.freeskreen.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.smartadserver.com
token.rubiconproject.com
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
woobox.com
ww1772.smartadserver.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.thestar.com
www.wellandtribune.ca
z.moatads.com
elb.the-ozone-project.com
query.petametrics.com
104.105.42.146
108.138.115.22
108.138.124.226
108.139.38.143
129.158.208.173
13.225.223.81
13.226.36.70
13.32.207.222
13.33.60.111
142.250.80.70
142.251.40.130
15.197.193.217
151.101.66.49
151.139.128.10
18.164.101.60
18.164.116.67
18.164.116.90
18.238.4.119
199.187.193.185
199.187.193.193
20.49.104.19
213.19.162.90
23.105.12.130
23.206.218.21
2600:1f18:1430:9000:71fb:550e:293a:404e
2600:1f18:4e9:5a07:d5b4:f192:17b5:1772
2600:1f18:612b:4280:9bef:d70a:e5d1:1a8d
2600:9000:2209:d800:18:681a:6f40:93a1
2600:9000:23cb:e800:16:970:b940:93a1
2606:4700:20::681a:78b
2606:4700::6812:1af
2607:f8b0:4004:c1b::9b
2607:f8b0:4006:808::2001
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::2002
2607:f8b0:4006:820::200a
2607:f8b0:4006:822::2003
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.218.90.66
3.229.16.82
34.107.254.252
34.120.23.223
34.197.86.172
34.216.93.162
34.96.102.137
34.98.64.218
35.169.28.192
35.173.104.42
35.190.14.224
35.241.9.51
44.212.203.26
52.0.156.250
52.205.167.202
52.44.199.107
52.46.155.104
52.85.61.19
52.88.128.19
54.231.230.241
54.239.33.159
63.140.38.139
67.202.105.22
68.67.160.76
69.173.151.100
70.33.236.110
8.39.36.141
8.43.72.97
80.77.87.161
0010a3bf46745b576d8799faf73cf260b9232a6f2614a10a7ea350256935eabc
006273b397853b9db3a31f7329a15f93f49de3a43bf827b601118778c1184705
0432ec46805ad8fe6a8071a5c50f4a3d51212f36300e56ed2df0c45d5c00da8f
057fe4dd7645567909220c75608857b0b28f7703fd808a202dc5e5efb6a5cf84
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0700bd1440f534716f8bc71d8cedbeb8eb39fb771651818b0091131960783e8a
084a02c1e44e77a00d52a22de4b659a58f488162ced9165c865baf77b231b303
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0a12d033771bd7e767660ea01f24a21fa4d9c8fe1d1e5a455513dfdc2b7ddc1c
0adbf12bcaa48a21c46e7258b03e749ce2cb3b2bb229ad92b9c75b07640fa401
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cb5a42cc68d0195db3907eca56d474f13eb308fddbf31bc8493c504e7772111
0da717836db275560f8005dd2e9b1c3f3a54e8599a79a84fe30fdc9dc1a2a5f3
0e01737eada003a4bea056f9774866e858bb1e334807d7644ea5cfa5b90e98ee
102a5436fe6b2fe8e6fc14299bd2b58f65e8bd5037191e1ee2eec1ae44657a7d
1131756bbc6a908393c40fce0ba48888b62475c16b26de4072a1a1467ee8a1b8
142b54dd20bf8f64819c8159dad11c8d3526f4612f6d45c9add64cf036add70a
156ec2f9806700af6469e099df1274d00e53c8d8f5d5302f7cef217d9fc03d0f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1afa95668cd4a4486911581ad6e2e5fca5c291a4617ca402ebfba817e7e02b2c
1c12fbcb5deba7f265920a35b60cd201ade4930366dfc33dd6fd9f0943212980
234b62981bb720b4351fb77f137ce0aeda66b35ba738056e87f33449cb882d80
24758dee06483ee86fb9d0a393ba368faa19154bdd8659c9de20794afa488f8a
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
2609725a606791c7a6a552936684ab1aaf9c1f1a1425107771ba7a56f22708bb
27eb87df8f4eb3164ad81ff266aed79d50a33f6869c249ee27ac80ad0c1e3dc2
2838be0b0a0c43f56e928ea13ac850de05e28a8c9ceda176f909674667a02764
2ae66856cf0900759f51b164e42196336e62ef8addb4390a077a80c57fe11b4c
2bbdbddf897ead2d7343230faef4923919d1e467d6c772c325d7193371842c2b
2bcfef8a2a9fa224535304fb693a3c009c23478165f8b0c1cae581e301e36ecc
2d62f94b9d935ef6706803a75b3c71b512ead3a7efbc3e03f69d203661762df6
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2d7b76ec15b0f7f9aac83017cc54fe3a704128a66364313366661cbd95849295
2dbf2f018be859838890bcc1fc0696c7ec7962b10169bdaf5ef9d91ea408f99d
2e3db724b393f39920a94a2ab7767929530374d8b52c18830bba21fbd9c91483
2eba071154ddc365dcb29a67f28c494cc630a361b7a1e7741aee8f49303f98a2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
35da5c6b61db6ad2f028dc52eddbe524529ee5f74cf6b1eda074131d2b64bb61
37235f382c01fe85cc514781ff34920d56d1953216cfd534cd84a7bcfef54079
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
382deffa886ab0402adef5293de9607e87ebb375733e001bc730a1ca300d808a
3a0f9dd242db7661773294988424e49d1fd34934f461cdd9c2a9beeba4688f83
3c46f680e735ccae23f9109b955da2e1f7dc3d369a531d9526bdf70b5c529df3
3e48fd9ae38d0a8744d6da1841c7d40da89c55a121d27e05796502771fb1683a
3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9
3f6aa8c3f26b9c05eccbc5cb9ab359c98c6654f70bba02818713ced398269627
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40942ad28aee88edfa476b3e818b2d9467a476a5a858d06b3393100b3e23aab1
4192de6c04e898bd9ac677f90692efc8eb97a17ac364b76d8e52b2b166722da6
42dd18e2bc8f3b49a82ce626d2208108737a8100c6639b6f4c86748d83c56856
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
4519bea38d2de57dc352c525f1d56913e49987cf1d266c8dc5e6e94b29200aa4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
478e6af52fb68e56ea81b5b785d63530428644c5f656abef360da891644c3243
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49a05b9d1841351cdb27b23f4e277f16627e32e0a68dc3b45697232be14ff74a
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4c7ee67a4a7168b8dea0055b9fa4b364a6967b7c694b733519e3b4756d272a46
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e070e45b6c1ce870087c46a091ee24f14b4658e472e5e8d5551df370ef2446a
4eb694025228719a6abc8d1f513652c494737f09fde34ba3bbf75fcc54a50974
4f9d9905ff86ac06315b0c0cb46fd1d6465b82c8629c076b7ebc5d488b9480ad
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
51d31b3924379e68b9f345a9b9b67b2a0a38a66fcf19fe1fb575cdcc2f14b3bb
5262542bd8bcb8b1fd2f1ca9858ec8ead6d37762b0f5bd42a910a3e5fee84073
53f4fc10e6fa7efccc7da9186a8a47ec597d45148b7a437387c986d2c0cde22a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c
583a8735e8714c413ee3ef9baa78afe76f3df8b9c0f8c787f29e78f8f388eb06
58df7a35860df4afadd0caa7d7df92a287d5a2ce2f8b6785c65a0659d1a608dd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59c0367321c919d9a416b5aecd4c9ca790fd1cd0f3811855f98f1d65ae5c17c6
5b23d8ec3a50a2c5b10adaf75d3accff39dc42c6dda20ae38303d05e8dbfa219
5e4254a8d6b170c80c85ea1b72f78feb735b9a598bc8204bc90b224bc14580f1
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
609bf78678197937d024c8c1cda3d194f611f9b8a86f4950b88574436218eec4
6118aab3972757bc62c6e4c730c32154718c63b74cffc6c66733af493c730139
619b3c92561d35009c581330df4891b2a1f924726226b06bcf4455cd1de1f132
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
64ff84ee18031a15c2fdc0deb9d28cb2d2dd09b5f8d63abde1a8c092549e61d4
66cf2e301a65fc93affc7c283e1edf3d3c8eec658798105a894e577e1c0569ec
6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6c7ebcd7cee0f6b7621217f982c07373a3b5fc916d430ddbac06490e46ae4913
6d96ff715872001a82d995f03b85910c1ec897405a9dc45f73a2a449602fd362
6dddc55df57229855f47c60136472783ee679641d4f5ddefdf5708f88ee078da
6e2d933581137289d632cfd0525c8ff37232a4012e313903e31dd11dec911725
7126503d0b1308543125891e317ccdb35d86f414c5d9602cacf7b9c84d896ff4
754023a7784a05314c8cdb02b50e16026fe973f426b7b29ad5efc0956282b1ba
7778b037832318135d28c4b9d0ae89b5771f42d65153dce47de11a5ef5ca42f0
785cc4e92ca0e7fe5226fe1b4138ee1c102f484b4731a9d8998d16a170fd3537
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7b05ee7daaed99de5a81ba0c9ed1e49e36d42600e1385a886518a35a479709a6
7bb05bc0a6f02c90de52b1a2600ee3524a379b0a1bc01b14079b2c19371c1af1
7bdff3b34a64235a65b95ffece660ed83c3e6f2ec83ae47ec783bc3a125b7312
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c63888d02b9bade3b9f57dfa3f0d159fcab60c8ca12817bda4b707c937aae35
7ce178af824bed9686b5ed94787b681bc6eba378967a7189420fd0f38e161b01
7e909e483f6dce0ad2a220362b5a389622f5fa115230bb89e6407ad8272efa94
7f2601707c2ed4255a325707f1f3aefe7ca21fc01da11f4485ad56a48d2fcbda
7fb7b844173d86b8a4cc54bb68f9e676d426f59b9b011649b492856bdcb4dc0d
816ddcea429a59d80eacb9d0396c05c1158ab6b4148c71512059309a9afd1cf5
81be5fdf7574778e05b5063c0e70fcf7f5d05e4027f599210524ec1614f72407
82d9527ad6efbc1540811e523c1d52d437e3ddeb5dc577fa9417b1dc07ff0426
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85ce5a2dda877b43ebab78a04b2de60f5982b641f2b42ea1c95267858d19c988
860572b2c9befd8d62c9f3219caec377b5e4eb0c1110676a1e9b3ca3522b16a0
866cabc02a7d7af3ebd3fc316482d74412b7c5082213db5222c1ce34af013d7e
86bf345379db4ccfe9b91b80832dd9c9830351b23d1afbe7122660f28e67a1a1
8837db0462a83206559a9d97063973242a263f311f13caf5aa7f4a24f217b606
89bfdfa1a555fc4048aabd08e06d5851e7cbc02dd9d48b73e491434e7fa23963
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ace01e5d24f154714cc487d6a2def8bef2feb5ab1cc59913854fb67220e6bf6
8bba9449f664ef587b3f14043552b6e79a2a86547ffd0bf0047499b712f819b5
8d58078f3b8ab019aa085a932f9c8cce9e6d7ac2051943525897daf2f7d587e1
8d95863c406c7c9dd8d08a0ef19a5110f5bee4ff90ed321f5833f366c9db2c63
8df00eec032790021597a4e83a08c313dfa9f323b33cdbf459905386a3aad9a0
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
9275313f8b5f0db6885ff9a8ae4ab7feeef3ff9aa4ecf76347a45db88a293b14
93c5745f6fff3ae1e1ebfcc5bc98540bb02ac6c1a121a8456cd3020a58c2a337
944b64be259500aed1c70ae813d267675b613d619b48b715cbe27fccf8c59a37
9474557b14923e78c9b0b7b44bccd0d7018187fb0150095946932a071f155933
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
94b24e2d65b0155b654cf6e21b55259f171982406f9da1f0d4c03840e9e10777
95ad3ceef234eec1bb7fe0cbe418ad503c1a3264198cf05cc195575705ea71af
960169e1ef6dac92caa3bdabe8369489f61449ec651f443034378d833c8be161
96bce0dc390de0439f3bb050107878d05765f4ad3632340aa63e610955462ce3
97a8cb323b800e312421b5f10b9292a19c964f2de15e15703bbed583e1d78639
99c2257ab0c877ef811c0dde48d17bfb2cf1f1a5bd5bc6a9e9a7f4a114f4df3c
9cc3fc5d0df8f9e0d0504a99ed3e14f01d5aa7d2538415828689183b3920dcae
9cd87dc511a1f132a0690fce2149a427e8075eaee076ca59a6efff3a9dd94329
9dd353d3cb4c4bc3fcc11e7f27efc692854c9393d6221271b3aef3385ad6293c
9f6cda1f3ead995f6780699cb20e58f1a193f2bb902da4ad443d7d7e1d55cc84
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1eac1d01c2bc33725911f934e1a2d5f92008964a454bd856fd662094a219dcf
a1f0190b8812a984be44f4442a8e5af7b939a5a5e4dd94948b4de6e96ce1eea4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a689a4d533e78b5721df67496598cb8b8d320ca36e2e0643e0a682258ab14e
a68c1620e53d516ed29745e0598e16207f81d19f9dfb2882f86c85a9182b8650
ac621298347cf95ce6597e601b29b42566ecace1bc9fcf1fd85a735d7b7c3725
ad5fc1a1f2e9f61750da7c5f657b4555458014b20726b06d78d3d2c1e60ee392
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe75304e7d39674f31f5653b15e816df4ce9b53bbe858e7b39264f385e07eed
b0f29a9d1ba26877494c6ba9777a978bc7d9656e210a2400ca7e4f6b8ac6b0ba
b10cdd31348fbbb07f67339cccddcc355cd59b7caf8390ab367ebcabbe54ffd2
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b6682b02dc1e7ac827824b85e61a6d6c6a103ee39874472a2f5f13c80534c789
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
bf7c14fcc89fb5e0fe4e0bf43ce769680e2a4fe0e5eaa6a958ee4cc09a9460d2
c0219bc8bc507034e70fa27dff3b68a20bc6cc2ae07f095f7fcc5c23947293e0
c1f042ade0dedb93e9393b65c1bc4a1a6759188f134086a8795273a6de2f6998
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c9587bdf270097cbfb71eace33ace364f9ecf68d8807cfc6f1bf8be31f0f7f
c31bf90d39f9a89100e1077a257c532174aebcf879cf0aeab873f37e0d7fdf02
c4134d07c61ec344bc275b859684e418dc6a63cfb1d6e03e0b089e1c0364eee8
c9569cfb9ab214cfda02ebc64408d733e52d73cfaf00a8303480ac9e6cae85e3
c9802b443bd944757bb83a73e50a72eed7bc79343af3b94b7bcc13c49df66346
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d6d627c1400f6246a64cfaff3165e87c18455e790b85df2bf319de0a06af4cd5
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d98942b504ffe9f347ae6da5775f3e4432d1f63f51cecf34a3bef251bb846673
da14a6daf057bccbe9c244b7c20a4c1347114fb87432cf44f7a7724f197e2887
dc9d3694ac8584500e32ea00478092c3139260f5179a51c1b942f6c24b0416ea
dd698ff3deb9627a393b22d343189461da4be8639610dfbb5b831e678575a3f4
df146eff73a4a1f30553e20ee178c345d8c6bf1926cce23e64072b62ba30e742
dfe15d83d6f54bbde676e733f61e8c58abe5487d3ae2f7021bd01a19f7c2d97e
e13dafc848e0598e8f2f95e0fb032539a0f3041fc0cff98ef90edd8326a41e96
e2d33892eb70ff10ca610ab83dfd2baea81056207b427315ca1f189d8ae553f9
e352a6dd12b2b0fa5cd8621a63397c53e56c3efa80b2cec302a79cb08ecedb74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058b846286433d019ff33bb22b2eca434c9d36249df436d5a3c623825674d0
e411365c4ab2c8d2f47d1701525bb1b2214b16f0ab8cff0d6c741e1a71765bba
e4be7f956a5bee1a33475e18df8ae5fa4783fb7b7533233a608ee627792cb754
e641c65f0ccda870021634b66599d861117c4f93f03ef209736d8d5fa78462ee
e6cc5840bbf220d62800acb9101532c9e2f15b22f0f3521d6b81ac4e54650dca
e6fb48e8d0261e0f0c1785c020ced408256e8e323e4b97d55b7b2ec5aa0d5f5c
e8011af09fbae4569db9251473b98748cd7dbe33a2622460751bd1c4fe318d6a
e8bb5d53faaeb66ee294fbba02b5a6d60cee4db032795951085226c1b1e1f4f6
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
eaa85531e5a7ed29ffe844c5d639e6581187d9ba058c08e66036183409ec54f8
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eea25e34dfec061bf84b953300a9543e0215267e79a7553638b49efcab06d2f1
eec64cc1e5caf8f9453cbdd5fa591ead419508677e20afbe0101886f8e77e4fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
f0b46e7ede63589ea096f1b0e4f41c6928a31c86e84abfc49ed9a9d5e4171851
f0cce552e462bc55bb3003cb9b508718d4b3df574f5e5fa3c2a8bb4e473c4f28
f1fb45c321edd8c7591e95d967d106af5ae52ab6ab94a3eaba1ca910111ff836
f450e54148af782dee3be8a6134cfc4342cac1b60da61bd0dab0106fff044ee5
f4c1a2f23de27683a23e27d9aa8b5f9c64be4eb5481102dddfc2a1581bb47056
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5ee1f486d72b4c1b2ba4a16320729616508e9d67b4440aa5fc3a78fd18cd0e0
f8c3c0c9fe948e5b9b023d0555f2c5c49d9490188c642aca3939c5c6c0393bf8
fc22a24805616861afbe5b0a0d063c6220a539742eb4639927b4a50a8a34ab1f
fd38c766df215dedeec2f0ce0d37f9b1557bf41f4022a9ade3426205901e39b0

www.wellandtribune.ca Open in urlscan Pro 2600:9000:2209:d800:18:681a:6f40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

296 Requests

91 %HTTPS

29 %IPv6

47 Domains

83 Subdomains

64 IPs

4 Countries

5727 kBTransfer

14613 kBSize

80 Cookies

20 Outgoing links

Page URL History

Redirected requests

296 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wellandtribune.ca Open in urlscan Pro
2600:9000:2209:d800:18:681a:6f40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

296
Requests

91 %
HTTPS

29 %
IPv6

47
Domains

83
Subdomains

64
IPs

4
Countries

5727 kB
Transfer

14613 kB
Size

80
Cookies

296 HTTP transactions
5 data transactions