urlscan.io logo urlscan.io
SecurityTrails logo

www.timescolonist.com Open in urlscan Pro
20.49.104.7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://timescolonist.com/
Effective URL: https://www.timescolonist.com/
Submission Tags: tranco_l324
Submission: On October 29 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 5 countries across 12 domains to perform 64 HTTP transactions. The main IP is 20.49.104.7, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.timescolonist.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on October 22nd 2021. Valid for: a year.
This is the only time www.timescolonist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.170.7.25 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
timescolonist.com
9    20.49.104.7 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.timescolonist.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
securepubads.g.doubleclick.net
21    18.66.112.50 (United States)

ASN16509 (AMAZON-02, US)
www.vmcdn.ca
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
cdn.parsely.com
6    51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sr.studiostack.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4016:809::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:827::2002 (None, )

ASN- ()
pagead2.googlesyndication.com
Domain Requested by
21 www.vmcdn.ca www.timescolonist.com
9 www.timescolonist.com www.timescolonist.com
6 sr.studiostack.com www.timescolonist.com
sr.studiostack.com
5 securepubads.g.doubleclick.net www.timescolonist.com
securepubads.g.doubleclick.net
www.googletagservices.com
3 www.google-analytics.com www.timescolonist.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
2 www.google.com www.timescolonist.com
securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.google.de www.timescolonist.com
1 p1.parsely.com www.timescolonist.com
1 cdn.parsely.com www.timescolonist.com
1 fonts.googleapis.com www.timescolonist.com
1 timescolonist.com 1 redirects
64 19

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
Subject Issuer Validity Valid
www.timescolonist.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-10-22 -
2022-10-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.vmcdn.ca
Amazon		 2021-09-16 -
2022-10-15		 a year crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.studiostack.com
Go Daddy Secure Certificate Authority - G2		 2020-11-06 -
2021-12-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.timescolonist.com/
Frame ID: FA6B0AFE1C90847407F9601372BC7647
Requests: 61 HTTP requests in this frame

Frame: https://7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 712C9E658B519300197B426C91E23D5B
Requests: 1 HTTP requests in this frame

Frame: https://7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BE8DEF7AE64ED02C662F8885825A2F43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://timescolonist.com/ HTTP 301
    https://www.timescolonist.com/ Page URL

Page Statistics

64
Requests

95 %
HTTPS

63 %
IPv6

12
Domains

19
Subdomains

19
IPs

5
Countries

815 kB
Transfer

1858 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://timescolonist.com/ HTTP 301
    https://www.timescolonist.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.timescolonist.com/
Redirect Chain
  • http://timescolonist.com/
  • https://www.timescolonist.com/
83 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0db3c8bd3590ea9ff1ccc7b1e7a95d8e60c2781864fb8a7cf98a885eb8fe6687
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=7
content-length
20941
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
Fri, 29 Oct 2021 08:43:00 GMT
last-modified
Fri, 29 Oct 2021 08:41:55 GMT
x-frame-options
SAMEORIGIN
date
Fri, 29 Oct 2021 08:42:53 GMT

Redirect headers

Location
https://www.timescolonist.com/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Date
Fri, 29 Oct 2021 08:42:52 GMT
Content-Length
0
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato|Poppins:400,600&display=swap
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff4aa71bc00759b5248489cc7e12dc0fbe3e15730ae999d189e31e85bd158867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 08:42:53 GMT
server
ESF
date
Fri, 29 Oct 2021 08:42:53 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Fri, 29 Oct 2021 08:42:53 GMT
template_via
www.timescolonist.com/cssb/ 		93 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.timescolonist.com/cssb/template_via?v=Xunm7tsbJveI9deCdwKzwN4vEJcGkNqkRaCV3MXIlqY1
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
37e4ecc2ffc7c496dbe801a5950c50430fb0512cb90d454eb24dcd51d07605e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:53 GMT
cache-control
public
expires
Fri, 28 Oct 2022 16:35:54 GMT
last-modified
Thu, 28 Oct 2021 16:35:54 GMT
content-length
95481
vary
User-Agent
content-type
text/css; charset=utf-8
head
www.timescolonist.com/jsb/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.timescolonist.com/jsb/head?v=FxLEHbA1zWldtzXpgNNMn1K8nPzHd3DG6pEldrwRyhI1
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c8b0bb81aa4d93740b114b22cf88d3c5952349e01fb55aa27f98fbbea32c11f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:53 GMT
cache-control
public
expires
Fri, 28 Oct 2022 16:35:54 GMT
last-modified
Thu, 28 Oct 2021 16:35:54 GMT
content-length
3249
vary
User-Agent
content-type
text/javascript; charset=utf-8
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
2539
date
Fri, 29 Oct 2021 08:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 29 Oct 2021 10:00:34 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
916722a3b0cf50fbc5b687a5921c9e0bdb0da5be3388e8f59b73c11ef6c9883e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1027 / 98 of 1000 / last-modified: 1635462361"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27309
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Oct 2021 08:42:53 GMT
heartlogo.svg
www.vmcdn.ca/files/victoriatimescolonist/images/static-images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/victoriatimescolonist/images/static-images/heartlogo.svg
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6e6a47e3d5b2b02c3fdb60dd87a3e75557ac63c9020d789fdeca4e13bccfeeb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:01:15 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA56-P5
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=heartlogo.svg
x-amz-cf-id
U4dgAHoJjxTBseC2OoFtA0J5IvVA1KzwAdsP0K4WufKz8OiJHqnliA==
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
expires
Fri, 26 Nov 2021 16:01:15 GMT
blank.gif
www.timescolonist.com/images/ 		42 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.timescolonist.com/images/blank.gif
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:53 GMT
cache-control
max-age=2592000
last-modified
Fri, 22 Oct 2021 15:02:26 GMT
accept-ranges
bytes
etag
"815178d355c7d71:0"
content-length
42
content-type
image/gif
template
www.timescolonist.com/jsb/ 		159 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.timescolonist.com/jsb/template?v=bjP-8E8s7oTQwOxG5OJrbLvxljEJWJ81R7TttqcTmq41
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5b65a55a8998eff7dfe8dcc66f0556932442c53695f3c67b2e2acbb7b4cf0a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:53 GMT
cache-control
public
expires
Fri, 28 Oct 2022 16:35:56 GMT
last-modified
Thu, 28 Oct 2021 16:35:56 GMT
content-length
162476
vary
User-Agent
content-type
text/javascript; charset=utf-8
p.js
cdn.parsely.com/keys/timescolonist.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/timescolonist.com/p.js
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9660249a9ab2cf97a1f333110733faae8d46ce7ced54a550c55269361479f564

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Fri, 29 Oct 2021 05:33:02 GMT
content-encoding
gzip
last-modified
Mon, 05 Apr 2021 14:34:47 GMT
server
nginx
age
11391
etag
W/"606b2007-1070c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
-8a1QIF9UESlPcQx64A4zIY-mvKNcNxljkD1Jx2nV2weN98DlIEcKA==
expires
Sat, 30 Oct 2021 05:33:02 GMT
services
sr.studiostack.com/v3/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/v3/services
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cd2cb0b0a51f2bb6517c866e1dc9b610d924a85701bf4d0449bae501762eed0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Oct 2021 08:42:53 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
24454
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
user-o.svg
www.vmcdn.ca/files/ui/icons/ 		715 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/user-o.svg
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=Xunm7tsbJveI9deCdwKzwN4vEJcGkNqkRaCV3MXIlqY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
20c91e8fbcd29044b6c5f439edc4e293ee0821944202bdbc801d02303a6f72a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 22:01:06 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=user-o.svg
content-length
715
x-amz-cf-id
WiyMJYM1iE4gTrREHM8-KI0qnc3TCc12ZquuXUZZCJiWMFbuAMiEDQ==
expires
Sun, 31 Oct 2021 20:58:45 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Poppins:400,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.timescolonist.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 16:15:59 GMT
x-content-type-options
nosniff
age
59214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 16:15:59 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Poppins:400,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.timescolonist.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 22:04:31 GMT
x-content-type-options
nosniff
age
124702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Oct 2022 22:04:31 GMT
search.svg
www.vmcdn.ca/files/ui/icons/ 		442 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/search.svg
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=Xunm7tsbJveI9deCdwKzwN4vEJcGkNqkRaCV3MXIlqY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 06:57:25 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=search.svg
content-length
442
x-amz-cf-id
IILl5D6nuSU8hr0SLRgBQedb7corYJaQ8oqg__Q9FhkVRrday25NtA==
expires
Sat, 30 Oct 2021 06:57:26 GMT
picture-o.svg
www.vmcdn.ca/files/ui/icons/ 		475 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/picture-o.svg
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=Xunm7tsbJveI9deCdwKzwN4vEJcGkNqkRaCV3MXIlqY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
361a44881097f7833bbf4346278ea77c9c56033682fdab64feffe9bb57b5eaf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 00:08:01 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=picture-o.svg
content-length
475
x-amz-cf-id
_WloQttaucS2HjpiWRNIzhPKPXVbhpBOM4ELWZToYkd4ZBiXJ5l3zw==
expires
Tue, 09 Nov 2021 00:08:01 GMT
opensans-bold.woff2
www.timescolonist.com/css/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.timescolonist.com/css/fonts/opensans-bold.woff2
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=Xunm7tsbJveI9deCdwKzwN4vEJcGkNqkRaCV3MXIlqY1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915

Request headers

Referer
https://www.timescolonist.com/cssb/template_via?v=Xunm7tsbJveI9deCdwKzwN4vEJcGkNqkRaCV3MXIlqY1
Origin
https://www.timescolonist.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:53 GMT
cache-control
max-age=2592000
last-modified
Fri, 22 Oct 2021 15:02:26 GMT
accept-ranges
bytes
etag
"1b3b6bd355c7d71:0"
content-length
19724
content-type
application/font-woff2
facebook-w.svg
www.vmcdn.ca/files/ui/icons/ 		253 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/facebook-w.svg
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=Xunm7tsbJveI9deCdwKzwN4vEJcGkNqkRaCV3MXIlqY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 05:00:12 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=facebook-w.svg
content-length
253
x-amz-cf-id
Th1WkGX1Q82ttp7LWfv0UjJQ4qIw8HPHla_AxLykfB0CYSPE1qZPuw==
expires
Fri, 26 Nov 2021 05:00:12 GMT
twitter-w.svg
www.vmcdn.ca/files/ui/icons/ 		506 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/twitter-w.svg
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=Xunm7tsbJveI9deCdwKzwN4vEJcGkNqkRaCV3MXIlqY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 22:02:04 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=twitter-w.svg
content-length
506
x-amz-cf-id
87Gad6rVB9N_lo6T4ZtK9kjObaktNyLuCSCizbefHs9Z780i8pJR0A==
expires
Tue, 02 Nov 2021 05:58:21 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-37383801-16&cid=1984601975.1635496974&jid=1833588315&gjid=739410605&_gid=1434469156.1635496974&_u=IGDAgEABAAAAAE~&z=2128420222
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.timescolonist.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 29 Oct 2021 08:42:54 GMT
content-type
text/plain
access-control-allow-origin
https://www.timescolonist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-5137365-64&cid=1984601975.1635496974&jid=1207402153&gjid=861953842&_gid=1434469156.1635496974&_u=IGDAgEABAAAAAE~&z=89962980
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.timescolonist.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 29 Oct 2021 08:42:54 GMT
content-type
text/plain
access-control-allow-origin
https://www.timescolonist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=388214122&t=pageview&_s=1&dl=https%3A%2F%2Fwww.timescolonist.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEAB~&jid=1833588315&gjid=739410605&cid=1984601975.1635496974&tid=UA-37383801-16&_gid=1434469156.1635496974&cd1=82&z=2042417483
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 04:52:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
13825
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=388214122&t=pageview&_s=1&dl=https%3A%2F%2Fwww.timescolonist.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEABAAAAAE~&jid=1207402153&gjid=861953842&cid=1984601975.1635496974&tid=UA-5137365-64&_gid=1434469156.1635496974&cd1=82&z=260505044
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 04:52:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
13825
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021102501.js
securepubads.g.doubleclick.net/gpt/ 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122594
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 08:35:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Oct 2021 08:42:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		140 B
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.timescolonist.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
f81fab464b235029fc903b037858270660f3aaeef6d5d39053fa74f1905ce894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Oct 2021 08:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
107
x-xss-protection
0
expires
Fri, 29 Oct 2021 08:42:54 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1635496974054&plid=6611065&idsite=timescolonist.com&url=https%3A%2F%2Fwww.timescolonist.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.timescolonist.com%2F&sref=&sts=1635496974050&slts=0&title=Victoria+Times+Colonist+-+Victoria+Times+Colonist&date=Fri+Oct+29+2021+08%3A42%3A54+GMT%2B0000+(GMT)&action=pageview&pvid=11846287&u=pid%3Df4adf18fcc16fcbd30ff787851c0d519
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 29 Oct 2021 08:42:54 GMT
Cache-Control
no-cache
Last-Modified
Friday, 29-Oct-2021 08:42:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
weatherwidget
www.timescolonist.com/external/ 		126 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timescolonist.com/external/weatherwidget?weatherCode=BC%2Fs0000775_e
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/jsb/template?v=bjP-8E8s7oTQwOxG5OJrbLvxljEJWJ81R7TttqcTmq41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8df3bed94e21dd756833148eed6e63258f9ab6de74198ed26c921af6323e0f87

Request headers

Accept
*/*
Referer
https://www.timescolonist.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:53 GMT
content-encoding
gzip
last-modified
Fri, 29 Oct 2021 08:29:10 GMT
cache-control
public, max-age=76
content-type
application/json; charset=utf-8
content-length
227
expires
Fri, 29 Oct 2021 08:44:10 GMT
422577
www.timescolonist.com/widgets/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timescolonist.com/widgets/422577
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/jsb/template?v=bjP-8E8s7oTQwOxG5OJrbLvxljEJWJ81R7TttqcTmq41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6ecfd2485b889075f29b5692c4b040f960184c12ceae05449997296961f2b054

Request headers

Accept
*/*
Referer
https://www.timescolonist.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:53 GMT
content-encoding
gzip
cache-control
private
content-length
1203
vary
Accept-Encoding
content-type
text/html; charset=utf-8
web1_zim-kingston-debris-1.jpg;w=300;h=200;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_zim-kingston-debris-1.jpg;w=300;h=200;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2a72b6e98b2265ea7e2be6a43eb07aff8ef98183ac08db7a36d3f9acf7b0c794

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 05:49:25 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
28646
x-amz-cf-id
TDDNGe-7ewXBEEO9tTVSzPTohH5X7mTyyLgj1qGmC4W9j7yhmHdvHA==
expires
Sat, 29 Oct 2022 05:48:45 GMT
web1_crd-capital-regional-district-office-generic-photo.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_crd-capital-regional-district-office-generic-photo.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
43d6e10aa65f7306d4412ed97c7af028e45d957ad924f8d47456cdcdb1746586

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 17:06:10 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
2880
x-amz-cf-id
KneezU87kXSuTWpBRG48MBDlAXJqPI2gpu_qoIYDzRuyx8qZgnXPVw==
expires
Fri, 28 Oct 2022 16:50:57 GMT
web1_vka-sidney-11724.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_vka-sidney-11724.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0697c210bb77551c40e4e7148669ddd191a46b58f0c8998ee30b5c5bb3538848

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 07:44:44 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
3729
x-amz-cf-id
V6iwSqGVoimMfRVj2f8_NQz5W8Smp0JJqbPGLdsjDLJGb413bWXJjA==
expires
Sat, 29 Oct 2022 07:44:45 GMT
web1_vka-legsteps-11745.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_vka-legsteps-11745.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e2841ed4a7311df5365bbc59623041ca207eb07f7f377f6c9299eb736cb43a29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 07:55:37 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
3515
x-amz-cf-id
uMxNWhjCJ55INCRlEdhs2FQFxu531igj1kzh_q4Lzf9UAbnb6aWoAQ==
expires
Sat, 29 Oct 2022 07:51:10 GMT
web1_1.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_1.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
59c1a5bdeb256964f1efe1bc36c0e88f9f01c0079c3cb1c69da10ffc7526f4f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 02:44:46 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
2916
x-amz-cf-id
z1bdWBh7WNmBOyCcF4eeXJPaJ3-qakFxpCPlDw_xzn5evLXhYgnRqQ==
expires
Sat, 29 Oct 2022 01:23:52 GMT
web1_preliminary-mayfair-mall-concept-1.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_preliminary-mayfair-mall-concept-1.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2aefdd0d5ba12533b7af323a3fbff3cb27ed54ec0426b66a1154f220ac509760

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 08:22:07 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
3421
x-amz-cf-id
pK4s-4mp2DhprMvA9QnZpNrCYXzh23pCq0F5eblp1fG32IHYyDZXEQ==
expires
Fri, 28 Oct 2022 08:15:49 GMT
web1_bbrt-frankie-and-johnny-and-the-clair-de-lune---jacob-richmond-and-kelly-hobson---photo-credit-jam-hamidi-2(1).png;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_bbrt-frankie-and-johnny-and-the-clair-de-lune---jacob-richmond-and-kelly-hobson---photo-credit-jam-hamidi-2(1).png;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9d1334da41e17727af040ab9a452eb4cc7c6b1d4aa909840d750fc1476462530

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 14:43:53 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public
content-length
17203
x-amz-cf-id
QeHNEgveMn0DtSdKMtso8Zq3tQla9jRxUZ4KTu9k-6br33lah2QXOA==
expires
Fri, 28 Oct 2022 14:39:58 GMT
web1_vka-grizzlies-11524.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_vka-grizzlies-11524.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bbe13dfa4639d1908f80413e18522838d03570c47d172cc4c259a6fee0f60981

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 06:12:39 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
3594
x-amz-cf-id
l0gBprUdpsH_LuyHOpdyPc5PyJDEeuYeB-CuZGzLGAIlxX1xngboEQ==
expires
Fri, 28 Oct 2022 05:55:12 GMT
web1_vka-weather-tourists-10905.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_vka-weather-tourists-10905.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d83453c03ee5aa3daa1ce745653965e7f75752806e03eb3e066686b9cc7c7cc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 14:32:37 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
4111
x-amz-cf-id
7v6D286TxGAk5WHpb0_xdBmrErQAB9SXBjPOnkHUGFsoMb9MUSPduA==
expires
Fri, 28 Oct 2022 14:32:11 GMT
web1_central-saanich-police-collide.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_central-saanich-police-collide.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
72eed26c4e076b52ff8822474858023ecce1f15482a859b3bb600ad36e5a8e65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 02:05:56 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
3455
x-amz-cf-id
uDUqKrbomvaA6qHRnj-AfhCBgH7R_GVwfvnHdo3Rwo08qNxFTsl4cQ==
expires
Fri, 28 Oct 2022 00:55:57 GMT
web1_20210921200932-614a7a654bf813c119471d83jpeg.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_20210921200932-614a7a654bf813c119471d83jpeg.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
631f46001309ee0d2fcc4f0c90e346f3182adbde414233390fafd38f5a77425b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 23:37:12 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
2987
x-amz-cf-id
RuT1Q6ss-N-rUugefP77M3-yKTyK5-PTFZpJTno23xp5Qo5rBPnRrA==
expires
Thu, 27 Oct 2022 23:29:11 GMT
web1_revised_fossilfuels2_web.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_revised_fossilfuels2_web.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2e30ef34482744a8e547f055312bbac82a677ab4b7557cebdbb18543074fdfdf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 12:32:29 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
3248
x-amz-cf-id
wtzIxYFiyPa1tsN5oo924runLce2QtHCpR0M_AXcoq3W1mR1KjXKbA==
expires
Fri, 28 Oct 2022 12:16:22 GMT
web1_2021090819094-613941737a40c30c0ac6c753jpeg.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_2021090819094-613941737a40c30c0ac6c753jpeg.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0ae5575290877e1b196af283709a4c131994dca9e5b9a1f019b702b6ef75dcfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 12:12:45 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
3716
x-amz-cf-id
EemJFsa2nSvMm1SwqnY7vZjRyBVW9Hzo6Mx0q7o9N5kgaR81jAzqNw==
expires
Fri, 28 Oct 2022 12:02:14 GMT
web1_vka-legclouds-9452.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2021/10/web1_vka-legclouds-9452.jpg;w=100;h=67;mode=crop
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
fe76b2ecdeaf5163ab1e77e46dc4a2f6547fe016228befa7c7e3c4c740635cc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 08:22:19 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
3767
x-amz-cf-id
IFCogYJAuOoOlOjqdcHet34q1ofe_4-wG0qSkiN351U4JFYxkYv86g==
expires
Fri, 28 Oct 2022 08:16:48 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-37383801-16&cid=1984601975.1635496974&jid=1833588315&_u=IGDAgEABAAAAAE~&z=1842713213
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 08:42:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-37383801-16&cid=1984601975.1635496974&jid=1833588315&_u=IGDAgEABAAAAAE~&z=1842713213
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4016:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 08:42:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.timescolonist.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Oct 2021 08:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.timescolonist.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Oct 2021 08:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		613 KB
74 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2499799598360015&correlator=1446833535755167&output=ldjh&impl=fifs&eid=31063213%2C31063275%2C21068767&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211029&iu_parts=4326737%2Catex_TC_site_section_subsection_3to1_S1_RON_GNG-network%2Catex_TC_site_section_subsection_wallpaper_S1_RON_GNG-network%2CLocal_Raffle_Glacier%2Cvtc_sponsored_content_article_S2%2Cvtc_sponsored_content_article_S1%2Catex_TC_site_section_subsection_1to2_S1_RON_GNG-network%2Catex_TC_site_section_subsection_1to1_S1_RON_GNG-network%2Catex_TC_site_section_subsection_6to1_S1_RON_GNG-network%2Catex_TC_site_section_subsection_1to1_S2_RON_GNG-network&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=1x1%7C728x90%7C900x150%7C900x300%7C970x250%2C1x2%7C1x1%2C320x50%2C320x50%2C320x50%2C300x600%2C300x250%2C728x90%7C600x100%7C400x67%7C300x50%2C300x250&fluid=0%2C0%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0%2C0&eri=1&cust_params=site%3Dwww.timescolonist.com%252Ctimescolonist.com%26ContentCategory%3DLanding&cookie_enabled=1&bc=31&abxe=1&lmt=1635496915&dt=1635496974116&dlt=1635496973650&idt=441&frm=20&biw=1600&bih=1200&oid=2&adxs=305%2C-12245933%2C650%2C320%2C320%2C980%2C980%2C320%2C980&adys=169%2C-12245933%2C858%2C592%2C592%2C294%2C914%2C1975%2C2095&adks=3500535196%2C924014232%2C4293258365%2C3258066819%2C1490560124%2C3465503169%2C2069792069%2C413046694%2C3653463578&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.timescolonist.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=990x90%7C0x0%7C300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C960x0%7C300x0&msz=0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&ga_vid=1984601975.1635496974&ga_sid=1635496974&ga_hid=388214122&ga_fc=true&fws=4%2C132%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&btvi=0%7C-1%7C0%7C0%7C0%7C0%7C0%7C1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
615de70a1e1fa7a0f9ffd6793ee54e8b2fdfb3f8f33b0eeb215d65e2781a2c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
75686
x-xss-protection
0
google-lineitem-id
5817523909,-2,-2,5822442890,-2,-1,-1,5039308480,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368419791,-2,-2,138369028196,-2,-1,-1,138268056412,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.timescolonist.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 712C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 29 Oct 2021 08:42:54 GMT
expires
Sat, 29 Oct 2022 08:42:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.timescolonist.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Allow
POST
Content-Length
4
Content-Type
text/html; charset=utf-8
Expires
0
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Date
Fri, 29 Oct 2021 08:42:54 GMT
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.timescolonist.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 29 Oct 2021 08:42:54 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-data
sr.studiostack.com/track/ 		114 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-data?media=100229&ref=https%3A%2F%2Fwww.timescolonist.com%2F
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74c2a4c4c83765beb0b1df860560ff389620c6e8f65f6bd124942dac6bbf822f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Oct 2021 08:42:54 GMT
ETag
W/"72-LZnG/YlzA3hOQScC0RNN3po/qqM"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
114
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
10.gif
www.vmcdn.ca/files/ui/icons/weather/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/weather/10.gif
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d60a3d0983ccc88c2e019d76438304470091f32c67dbf6c75889279c1a736ff2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 06:10:08 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=10.gif
content-length
2081
x-amz-cf-id
6JHJibEOBvJoG3yqim7Ke-AYgx6cyZkiTbOqlgs4LEdO5IPDFUGK6g==
expires
Thu, 04 Nov 2021 06:10:09 GMT
me
www.timescolonist.com/account/ 		124 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.timescolonist.com/account/me
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/jsb/head?v=FxLEHbA1zWldtzXpgNNMn1K8nPzHd3DG6pEldrwRyhI1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ef9f60ec415250ad2bdb23ec185c2459d6940071f527b11c4c455bafb81c050
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:54 GMT
content-encoding
gzip
vary
Accept-Encoding
cache-control
private
content-length
258
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
container.html
7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BE8D 		0
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuneZQj518Ta7DoRlTrrxbRZ58_W9flgzhN91a-PB3Vhy7I8yPQibYuVNV9XGAV_qx5AZBvLB15ai2ok5lcD_lNR4FztbrP1k0QVND5u5wr-PVJgwvUPaKeBAyMaK2ZcmT0NAQl-PchS4FIqHKy0isuhuu16ifEgf9hSngbPQxi3Tjclzxaof4_T6OSYWOfQOUF5AqEEMxBGob0IsQWarTKySua_mxuAdWfDfz5GSxcE5nVrlciP7gnx7jGqSKQy90w2pivXO76Q42GsqgTO6VbmpQUYAn_sKvRnJVt6IRwbK7MRHhlxt-A73cPYZqQoSLw56Q2TItVnubIBwaB2MV91_twcNTxmsaGvP5XAsxn-IjA8NxcQedxyz7z&sai=AMfl-YRkxP10bO3W8u4EEm2ETUawEDb5bOy_XZrUPLW6TztaOprropF0ssuIn4v1fPO0POjk0L1jxBl57Y2iBM4oCInJAL9WZuhvlXuLro534382Ah6mmKMUxN-al9fAVDg&sig=Cg0ArKJSzKWFleE0DmJ0EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 29 Oct 2021 08:42:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 29 Oct 2021 08:42:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:42:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Nov 2021 08:42:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.timescolonist.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 29 Oct 2021 08:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635161763799786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Oct 2021 08:42:54 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTppQ5nwGa0SGlrX9HHqI7D1gIp5plLW0kPBpJEiu9KZcdDi01Yo01R0YG8HL40eOLxvzzt18b-Dn-OsXpuv9PJ0IgAFA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
16821461187285210387
tpc.googlesyndication.com/simgad/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16821461187285210387
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96958f95c9fe0901f989191e289ae04e17cff31d7453b291c1ee3e2cd7145c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:30:34 GMT
x-content-type-options
nosniff
age
432740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
65257
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 20:10:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 24 Oct 2022 08:30:34 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13ef177a8408d645c6426783b49b310b76cbfa287c4302adbcaaffe1fe2bef97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshF9By7MoVT3GASaeEPstexHBCfo-o14ClnA_W5iLI_tYqLwmY0hVV6hfFMZh7uQk5-tJQd6zCTpGiLNuDmF2-mVW33O1iu4CwKONwnAljXixFok58&sig=Cg0ArKJSzH23Asej36m1EAE&id=lidar2&mcvt=1000&p=0,0,300,900&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211025&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3500535196&rs=4&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635496972850&rpt=2144&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.timescolonist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 08:42:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attention-event
sr.studiostack.com/track/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Requested by
Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.timescolonist.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 29 Oct 2021 08:42:59 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
attention-event
sr.studiostack.com/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sr.studiostack.com/track/attention-event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.timescolonist.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Allow
POST
Content-Length
4
Content-Type
text/html; charset=utf-8
Expires
0
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context
appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD, PUT
Date
Fri, 29 Oct 2021 08:42:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com
URL
https://7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkqaSrRjQqbhupz6q71_DB7q5JzlvEwzUbu8svC__ZkMlel53DJsfE9AVWf-8PqSpbjH3zDpUOL7SxnkWvGVxSIXw_0UVGMgRZhPCNrs7Uv5l0pQDHzMifcsK38C2M8mg5G78-Ybfx6VunwXj4883Zt85xF-6PdItWjanxXVhg2HTJhzseGNh72PzoB-xvrBgchvOHuEOcY_jPSTbDVvpBl9gzL1f7AW3Ow4FrcNJbHD6-UDwAbTrJXu95R0YwmhpI7gt-kKMskRjFu7XMelx_EEyLuzA0uJtr48xQkHp52RzAn9zqTRNOpiZGIa3OMA3FnoLDd9WVMHcZBrC7NY7Qy2aK0V2XV1BMXnt_6JatRXdu3KaYrRiAD52_zNM&sai=AMfl-YTaoGhLT9DUwcXrLF8OJZUMpdWa3MWp4yNjblmhsJuKvFixnB8gBBhwaFC9e4z-i_a3UcwaHjj9KUqznQcHqD24lKnSv9xBoYJ3ZnMOZyy1OhDBnU3z8WZ-b7SWdKg&sig=Cg0ArKJSzGjiL_dVQOAYEAE&uach_m=[UACH]&adurl=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102501&st=env

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| VMslots object| VMinjects object| VMlazyslots object| toMap object| bmMap object| fMap object| bbdMapping object| bbd2Mapping object| bbd3Mapping object| bbd4Mapping object| bbtMapping object| bbt2Mapping object| bbt3Mapping object| bbmMapping object| bbm2Mapping object| bbm3Mapping object| sixOneMapping object| VM object| googletag function| pbq function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue function| Swipe function| $ function| jQuery function| _typeof object| PARSELY object| jQuery111205971391791159761 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| pbProcessor object| ampInaboxIframes object| ampInaboxPendingMessages string| jscVersion object| google_casm function| su object| dicnf number| google_srt object| viewReq function| vu function| mb function| init_ssb function| accbk function| xy function| ss function| st function| ha function| ia function| ja object| window_focus_for_click number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_

12 Cookies

Domain/Path Name / Value
.www.timescolonist.com/ Name: ARRAffinity
Value: 4aa7dfe51326a871f6b4a6a125a0f17719bbc09429decfe8dc201b9d0bc30325
.www.timescolonist.com/ Name: ARRAffinitySameSite
Value: 4aa7dfe51326a871f6b4a6a125a0f17719bbc09429decfe8dc201b9d0bc30325
.timescolonist.com/ Name: _ga
Value: GA1.2.1984601975.1635496974
.timescolonist.com/ Name: _gid
Value: GA1.2.1434469156.1635496974
.timescolonist.com/ Name: _gat_base
Value: 1
.timescolonist.com/ Name: _gat_site
Value: 1
.timescolonist.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.timescolonist.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1635496974050%2C%22slts%22:0}
.timescolonist.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=f4adf18fcc16fcbd30ff787851c0d519%22%2C%22session_count%22:1%2C%22last_session_ts%22:1635496974050}
.timescolonist.com/ Name: __psid
Value: 1635496974152
www.timescolonist.com/ Name: __RequestVerificationToken
Value: QpT3gUBJ3NIwaA_CYt-SKg34bLoA9QEdo-rhPKWi9M7FT3rHE9EuVSIMX_YxAClbmQxuzU5tDCAc9yUyzNdQftMxGzVbsNSBwv3O7lNyGs01
.timescolonist.com/ Name: __gads
Value: ID=6f5154bded2313de-223b6b4305cb0007:T=1635496974:S=ALNI_MZbgxjV6MSsePP9TbM_mGBjSbFJpA
.doubleclick.net/ Name: IDE
Value: AHWqTUlOQWi4iMnfzD1fuNF9kzealcalsvdudW5na3gLJUq-gsYp7dm0iCyqAaaEXWo

2 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.parsely.com
fonts.googleapis.com
fonts.gstatic.com
p1.parsely.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
sr.studiostack.com
stats.g.doubleclick.net
timescolonist.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.timescolonist.com
www.vmcdn.ca
7a39fa62247ba2079fe8b4ed7788b99a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
172.217.18.98
18.66.100.58
18.66.112.50
20.49.104.7
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c09::9c
2a00:1450:4016:809::2003
51.104.28.77
52.170.7.25
54.144.144.142
0697c210bb77551c40e4e7148669ddd191a46b58f0c8998ee30b5c5bb3538848
0ae5575290877e1b196af283709a4c131994dca9e5b9a1f019b702b6ef75dcfd
0db3c8bd3590ea9ff1ccc7b1e7a95d8e60c2781864fb8a7cf98a885eb8fe6687
13ef177a8408d645c6426783b49b310b76cbfa287c4302adbcaaffe1fe2bef97
20c91e8fbcd29044b6c5f439edc4e293ee0821944202bdbc801d02303a6f72a1
254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906
2a72b6e98b2265ea7e2be6a43eb07aff8ef98183ac08db7a36d3f9acf7b0c794
2aefdd0d5ba12533b7af323a3fbff3cb27ed54ec0426b66a1154f220ac509760
2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b
2e30ef34482744a8e547f055312bbac82a677ab4b7557cebdbb18543074fdfdf
361a44881097f7833bbf4346278ea77c9c56033682fdab64feffe9bb57b5eaf5
37e4ecc2ffc7c496dbe801a5950c50430fb0512cb90d454eb24dcd51d07605e5
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
43d6e10aa65f7306d4412ed97c7af028e45d957ad924f8d47456cdcdb1746586
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
59c1a5bdeb256964f1efe1bc36c0e88f9f01c0079c3cb1c69da10ffc7526f4f6
615de70a1e1fa7a0f9ffd6793ee54e8b2fdfb3f8f33b0eeb215d65e2781a2c1e
631f46001309ee0d2fcc4f0c90e346f3182adbde414233390fafd38f5a77425b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6a47e3d5b2b02c3fdb60dd87a3e75557ac63c9020d789fdeca4e13bccfeeb2
6ecfd2485b889075f29b5692c4b040f960184c12ceae05449997296961f2b054
7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915
72eed26c4e076b52ff8822474858023ecce1f15482a859b3bb600ad36e5a8e65
74c2a4c4c83765beb0b1df860560ff389620c6e8f65f6bd124942dac6bbf822f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8df3bed94e21dd756833148eed6e63258f9ab6de74198ed26c921af6323e0f87
8ef9f60ec415250ad2bdb23ec185c2459d6940071f527b11c4c455bafb81c050
916722a3b0cf50fbc5b687a5921c9e0bdb0da5be3388e8f59b73c11ef6c9883e
9660249a9ab2cf97a1f333110733faae8d46ce7ced54a550c55269361479f564
96958f95c9fe0901f989191e289ae04e17cff31d7453b291c1ee3e2cd7145c0f
9d1334da41e17727af040ab9a452eb4cc7c6b1d4aa909840d750fc1476462530
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bbe13dfa4639d1908f80413e18522838d03570c47d172cc4c259a6fee0f60981
c8b0bb81aa4d93740b114b22cf88d3c5952349e01fb55aa27f98fbbea32c11f3
cd2cb0b0a51f2bb6517c866e1dc9b610d924a85701bf4d0449bae501762eed0e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d60a3d0983ccc88c2e019d76438304470091f32c67dbf6c75889279c1a736ff2
d83453c03ee5aa3daa1ce745653965e7f75752806e03eb3e066686b9cc7c7cc3
dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
e2841ed4a7311df5365bbc59623041ca207eb07f7f377f6c9299eb736cb43a29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b65a55a8998eff7dfe8dcc66f0556932442c53695f3c67b2e2acbb7b4cf0a8
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f81fab464b235029fc903b037858270660f3aaeef6d5d39053fa74f1905ce894
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe76b2ecdeaf5163ab1e77e46dc4a2f6547fe016228befa7c7e3c4c740635cc1
ff4aa71bc00759b5248489cc7e12dc0fbe3e15730ae999d189e31e85bd158867