gcp-bc-785-ontariofarmer.gdev.postmedia.digital Open in urlscan Pro
34.95.11.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Effective URL:
https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Submission: On February 02 via api (February 2nd 2022, 7:49:30 pm UTC) from CA — Scanned from CA

Summary HTTP 267 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 69 IPs in 5 countries across 61 domains to perform 267 HTTP transactions. The main IP is 34.95.11.30, located in Montreal, Canada and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is gcp-bc-785-ontariofarmer.gdev.postmedia.digital.
TLS certificate: Issued by Kubernetes Ingress Controller Fake Ce... on February 2nd 2022. Valid for: a year.

This is the only time gcp-bc-785-ontariofarmer.gdev.postmedia.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	34.95.11.30 34.95.11.30	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
8	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
4	13.225.71.80 13.225.71.80	16509 (AMAZON-02) (AMAZON-02)
2 16	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.85.61.78 52.85.61.78	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:c0b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:835	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.63.82 13.225.63.82	16509 (AMAZON-02) (AMAZON-02)
1	13.225.214.33 13.225.214.33	16509 (AMAZON-02) (AMAZON-02)
4	34.149.157.221 34.149.157.221	15169 (GOOGLE) (GOOGLE)
3	13.225.63.43 13.225.63.43	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21e... 2600:9000:21ec:9000:8:f216:eb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
2 6	13.33.46.48 13.33.46.48	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
9	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
5	35.170.223.143 35.170.223.143	14618 (AMAZON-AES) (AMAZON-AES)
5	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
2	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13::17d7:82d1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	199.232.36.157 199.232.36.157	54113 (FASTLY) (FASTLY)
2	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1 3	104.18.98.194 104.18.98.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 3	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1 12	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1 1	199.38.167.128 199.38.167.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.144.85.208 54.144.85.208	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
6 6	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	34.73.194.24 34.73.194.24	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:817::2016	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 5	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
5 5	3.216.55.148 3.216.55.148	14618 (AMAZON-AES) (AMAZON-AES)
7 9	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
12	34.206.47.24 34.206.47.24	14618 (AMAZON-AES) (AMAZON-AES)
2 4	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	104.76.100.229 104.76.100.229	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.166.81.178 54.166.81.178	14618 (AMAZON-AES) (AMAZON-AES)
3 3	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 3	54.85.224.115 54.85.224.115	14618 (AMAZON-AES) (AMAZON-AES)
1	156.154.200.36 156.154.200.36	19907 (NEUSTAR-AS6) (NEUSTAR-AS6)
4 4	23.208.217.6 23.208.217.6	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
4 9	23.21.108.64 23.21.108.64	14618 (AMAZON-AES) (AMAZON-AES)
2	23.221.203.12 23.221.203.12	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.192.31.127 23.192.31.127	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4 4	68.67.161.207 68.67.161.207	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	23.92.190.68 23.92.190.68	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
7 7	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
25	2607:f8b0:400... 2607:f8b0:4006:81c::2006	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1 1	2620:116:800b... 2620:116:800b:21:61c0:eb61:c438:2f4e	14618 (AMAZON-AES) (AMAZON-AES)
4	23.92.190.74 23.92.190.74	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 3	23.223.1.189 23.223.1.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.226.144.114 34.226.144.114	14618 (AMAZON-AES) (AMAZON-AES)
1 1	213.19.162.90 213.19.162.90	3356 (LEVEL3) (LEVEL3)
1 2	2600:1f18:4e9... 2600:1f18:4e9:5a07:6be:e2b0:f1c0:b548	14618 (AMAZON-AES) (AMAZON-AES)
4 10	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
4	2600:9000:21d... 2600:9000:21dd:5200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
6	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1	104.36.115.114 104.36.115.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	52.116.221.248 52.116.221.248	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
1	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
10	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:2140:7a00:7:75d4:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
267	69

26 34.95.11.30 (Montreal, Canada) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 30.11.95.34.bc.googleusercontent.com

gcp-bc-785-ontariofarmer.gdev.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.71.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-71-80.ewr53.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.16.190.66 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

hb.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-78.ewr53.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:c0b6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:835 (United States)

ASN13335 (CLOUDFLARENET, US)

auth.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-82.ewr53.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-33.ewr50.r.cloudfront.net

fem.prod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com

smartcdn.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.63.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-43.ewr53.r.cloudfront.net

smartcdn.prod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21ec:9000:8:f216:eb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d395dw5zk780j2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.33.46.48 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-48.ewr52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.170.223.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-223-143.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.98.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 209.54.177.54 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.144.85.208 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-85-208.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.90.254.78 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.49 (United States) 6 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.73.194.24 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 24.194.73.34.bc.googleusercontent.com

dmx.us-east-34.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

f58beb23466913df738d0be754ce563b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:817::2016 (United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.216.55.148 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-55-148.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.80.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.206.47.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-47-24.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.100.229 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.166.81.178 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-81-178.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.200.232.253 (United States) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.85.224.115 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-224-115.compute-1.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.154.200.36 (United States)

ASN19907 (NEUSTAR-AS6, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.208.217.6 (Edison, United States) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-217-6.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.139.29 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.21.108.64 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-108-64.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.221.203.12 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-203-12.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.31.127 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.161.207 (New York, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 802.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.92.190.68 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.71.131.137 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4006:81c::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:61c0:eb61:c438:2f4e (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.92.190.74 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.223.1.189 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-223-1-189.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.144.114 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-144-114.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.90 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a07:6be:e2b0:f1c0:b548 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.151.100 (United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21dd:5200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.37 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.116.221.248 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: f8.dd.7434.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (Ashburn, United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2001 (United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2140:7a00:7:75d4:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.ribn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	postmedia.digital 1 redirects gcp-bc-785-ontariofarmer.gdev.postmedia.digital fem.prod.postmedia.digital — Cisco Umbrella Rank: 121799 smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 102338 smartcdn.prod.postmedia.digital — Cisco Umbrella Rank: 86700	570 KB
26	krxd.net 5 redirects cdn.krxd.net — Cisco Umbrella Rank: 1256 consumer.krxd.net — Cisco Umbrella Rank: 1549 usermatch.krxd.net — Cisco Umbrella Rank: 1214 beacon.krxd.net — Cisco Umbrella Rank: 408	186 KB
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	251 KB
21	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 static.doubleclick.net — Cisco Umbrella Rank: 356	189 KB
20	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 3473 pixel.adsafeprotected.com — Cisco Umbrella Rank: 556 static.adsafeprotected.com — Cisco Umbrella Rank: 533 dt.adsafeprotected.com — Cisco Umbrella Rank: 484	217 KB
17	districtm.io 2 redirects hb.districtm.io — Cisco Umbrella Rank: 91020 cdn.districtm.io — Cisco Umbrella Rank: 2067 dmx.districtm.io — Cisco Umbrella Rank: 1407 dmx.us-east-34.districtm.io — Cisco Umbrella Rank: 18286	20 KB
16	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 281 s.amazon-adsystem.com — Cisco Umbrella Rank: 284	50 KB
13	rubiconproject.com 5 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 541 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2741 token.rubiconproject.com — Cisco Umbrella Rank: 689 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135 pixel.rubiconproject.com — Cisco Umbrella Rank: 312	18 KB
12	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	797 KB
11	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 473 image6.pubmatic.com — Cisco Umbrella Rank: 595 simage2.pubmatic.com — Cisco Umbrella Rank: 552 image4.pubmatic.com — Cisco Umbrella Rank: 848 image2.pubmatic.com — Cisco Umbrella Rank: 1032 simage4.pubmatic.com — Cisco Umbrella Rank: 1179	26 KB
11	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109	127 KB
11	googlesyndication.com f58beb23466913df738d0be754ce563b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124 pagead2.googlesyndication.com — Cisco Umbrella Rank: 100	97 KB
9	sharethrough.com 4 redirects match.sharethrough.com — Cisco Umbrella Rank: 637	2 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	4 KB
6	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 690 ce.lijit.com — Cisco Umbrella Rank: 816	6 KB
6	everesttech.net 6 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 560	1 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	15 KB
6	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5618 identity.mparticle.com — Cisco Umbrella Rank: 2364 jssdks.mparticle.com — Cisco Umbrella Rank: 5364	48 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	3 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	80 KB
5	openx.net 1 redirects u.openx.net — Cisco Umbrella Rank: 710 us-u.openx.net — Cisco Umbrella Rank: 359	1 KB
5	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470 ads.yahoo.com — Cisco Umbrella Rank: 913	3 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 546 www.linkedin.com — Cisco Umbrella Rank: 647 px4.ads.linkedin.com — Cisco Umbrella Rank: 5501	4 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	4 KB
4	3lift.com 4 redirects eb2.3lift.com — Cisco Umbrella Rank: 389	1 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520 ssum.casalemedia.com — Cisco Umbrella Rank: 1337	3 KB
4	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 316 id.rlcdn.com — Cisco Umbrella Rank: 738	658 B
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 990	1 KB
3	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1557	13 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 421	2 KB
3	google.ca adservice.google.ca — Cisco Umbrella Rank: 12419 www.google.ca — Cisco Umbrella Rank: 7861	1 KB
3	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 642	663 B
2	adform.net 1 redirects c1.adform.net — Cisco Umbrella Rank: 608	950 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 524	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	425 B
2	acuityplatform.com 2 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1208	1 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 973	827 B
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 2804	475 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	16 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	148 KB
2	cloudfront.net d395dw5zk780j2.cloudfront.net	13 KB
1	ribn.com assets.ribn.com — Cisco Umbrella Rank: 70085	4 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 206	2 KB
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770	518 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 745	656 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 797	554 B
1	postrelease.com 1 redirects jadserve.postrelease.com — Cisco Umbrella Rank: 1117	544 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 424	510 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 442	686 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 510	712 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 702	744 B
1	t.co t.co — Cisco Umbrella Rank: 487	335 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 537	457 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 630	6 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1098	2 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 2906	43 KB
1	lrcontent.com auth.lrcontent.com — Cisco Umbrella Rank: 47177	47 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 3811	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
267	61

	Domain	Requested by
26	gcp-bc-785-ontariofarmer.gdev.postmedia.digital	1 redirects gcp-bc-785-ontariofarmer.gdev.postmedia.digital
24	s0.2mdn.net	gcp-bc-785-ontariofarmer.gdev.postmedia.digital s0.2mdn.net
12	beacon.krxd.net	gcp-bc-785-ontariofarmer.gdev.postmedia.digital cdn.krxd.net
12	www.youtube.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital www.youtube.com
12	s.amazon-adsystem.com	1 redirects c.amazon-adsystem.com s.amazon-adsystem.com match.sharethrough.com ap.lijit.com u.openx.net cdn.districtm.io eus.rubiconproject.com ads.pubmatic.com
11	i.ytimg.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital www.youtube.com
10	dt.adsafeprotected.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
10	dmx.districtm.io	1 redirects hb.districtm.io cdn.districtm.io gcp-bc-785-ontariofarmer.gdev.postmedia.digital
9	match.sharethrough.com	4 redirects s.amazon-adsystem.com match.sharethrough.com
9	cm.g.doubleclick.net	7 redirects u.openx.net eus.rubiconproject.com
8	securepubads.g.doubleclick.net	gcp-bc-785-ontariofarmer.gdev.postmedia.digital securepubads.g.doubleclick.net www.googletagservices.com
7	match.adsrvr.org	7 redirects
6	sync-tm.everesttech.net	6 redirects
6	cdn.krxd.net	fem.prod.postmedia.digital cdn.krxd.net
6	sb.scorecardresearch.com	2 redirects fem.prod.postmedia.digital gcp-bc-785-ontariofarmer.gdev.postmedia.digital
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	pixel.rubiconproject.com	eus.rubiconproject.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	usermatch.krxd.net	5 redirects
5	www.google.com	1 redirects gcp-bc-785-ontariofarmer.gdev.postmedia.digital securepubads.g.doubleclick.net www.youtube.com tpc.googlesyndication.com
5	cdn.districtm.io	1 redirects hb.districtm.io cdn.districtm.io s.amazon-adsystem.com
5	pixel.adsafeprotected.com	cdn.adsafeprotected.com gcp-bc-785-ontariofarmer.gdev.postmedia.digital
4	static.adsafeprotected.com	pixel.adsafeprotected.com gcp-bc-785-ontariofarmer.gdev.postmedia.digital
4	token.rubiconproject.com	3 redirects eus.rubiconproject.com
4	ce.lijit.com	ap.lijit.com
4	ib.adnxs.com	4 redirects
4	eb2.3lift.com	4 redirects
4	identity.mparticle.com	jssdkcdns.mparticle.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	smartcdn.gprod.postmedia.digital	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
4	c.amazon-adsystem.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital c.amazon-adsystem.com
3	image2.pubmatic.com	ads.pubmatic.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	us-u.openx.net	u.openx.net
3	px.owneriq.net	2 redirects ap.lijit.com
3	ml314.com	1 redirects gcp-bc-785-ontariofarmer.gdev.postmedia.digital ml314.com
3	sync.mathtag.com	3 redirects
3	idsync.rlcdn.com	2 redirects gcp-bc-785-ontariofarmer.gdev.postmedia.digital
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
3	p.adsymptotic.com	1 redirects gcp-bc-785-ontariofarmer.gdev.postmedia.digital ads.pubmatic.com
3	px.ads.linkedin.com	3 redirects
3	consumer.krxd.net	cdn.krxd.net
3	smartcdn.prod.postmedia.digital	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	c1.adform.net	1 redirects ads.pubmatic.com
2	pr-bh.ybp.yahoo.com	1 redirects u.openx.net
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	ssum.casalemedia.com	2 redirects
2	ap.lijit.com	1 redirects s.amazon-adsystem.com
2	u.openx.net	1 redirects s.amazon-adsystem.com
2	eus.rubiconproject.com	s.amazon-adsystem.com eus.rubiconproject.com
2	ads.pubmatic.com	s.amazon-adsystem.com ads.pubmatic.com
2	ssum-sec.casalemedia.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	www.google.ca	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
2	www.facebook.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
2	ums.acuityplatform.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	api.sail-personalize.com	ak.sail-horizon.com
2	connect.facebook.net	gcp-bc-785-ontariofarmer.gdev.postmedia.digital connect.facebook.net
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.googletagmanager.com	fem.prod.postmedia.digital
2	d395dw5zk780j2.cloudfront.net	fem.prod.postmedia.digital d395dw5zk780j2.cloudfront.net
1	jssdks.mparticle.com	jssdkcdns.mparticle.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	assets.ribn.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	id.rlcdn.com	eus.rubiconproject.com
1	ads.yahoo.com	eus.rubiconproject.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	pippio.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	pixel-eu.rubiconproject.com	1 redirects
1	jadserve.postrelease.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	aa.agkn.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	stags.bluekai.com	1 redirects
1	f58beb23466913df738d0be754ce563b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	dmx.us-east-34.districtm.io	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	p.rfihub.com	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ca	securepubads.g.doubleclick.net
1	t.co	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	analytics.twitter.com	static.ads-twitter.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	static.ads-twitter.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	snap.licdn.com	www.googletagmanager.com
1	jssdkcdns.mparticle.com	fem.prod.postmedia.digital
1	fem.prod.postmedia.digital	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	ak.sail-horizon.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	auth.lrcontent.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	www.npttech.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	fonts.googleapis.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	cdn.adsafeprotected.com	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
1	hb.districtm.io	gcp-bc-785-ontariofarmer.gdev.postmedia.digital
267	101

This site contains links to these domains. Also see Links.

Domain
ofoffers.ca
www.remembering.ca
shopping.ontariofarmer.com
www.businesswire.com
www.newsfilecorp.com
www.globenewswire.com
7c1e077b.flowpaper.com
www.facebook.com
twitter.com
www.postmediasolutions.com
adregistry.postmedia.com
www.postmedia.com

Subject Issuer	Validity	Valid
Kubernetes Ingress Controller Fake Certificate Kubernetes Ingress Controller Fake Certificate	`2022-02-02` - `2023-02-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
ak.sail-horizon.com Amazon	`2022-01-06` - `2023-02-02`	a year	crt.sh
fem.prod.postmedia.digital Amazon	`2021-11-08` - `2022-12-06`	a year	crt.sh
smartcdn.gprod.postmedia.digital GTS CA 1D4	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.prod.postmedia.digital Amazon	`2022-01-15` - `2023-02-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
jssdkcdns.mparticle.com R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2021-07-07` - `2022-08-08`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-12` - `2022-02-10`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
api.sail-personalize.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.google.ca GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.ribn.com Amazon	`2021-09-20` - `2022-10-19`	a year	crt.sh
jssdks.mparticle.com R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Frame ID: A0BFD1C4F51526604C5F0BF5667D44DF
Requests: 116 HTTP requests in this frame

Frame: https://d395dw5zk780j2.cloudfront.net/v49.3/xd.html
Frame ID: 0D0C3B8DB9121ACD22ABCE9A0081BD46
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: D601B4FDD4365BFB5D80A594F76D1E30
Requests: 9 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 0EA1EC90E14A4DE1642204AF84F7E402
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Frame ID: C0FC9D2D064B7F6954233E28A1E980F6
Requests: 1 HTTP requests in this frame

Frame: https://f58beb23466913df738d0be754ce563b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B6B7E60F230D23426123094C7A94686E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3A5D1574E536825E32C9D2A11453CEBE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 46492AC7A748CAD3AD141BA82CD9FA33
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
Frame ID: CC254605BEC4FB3D40B45E8CF38D0AF7
Requests: 19 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: E412A46C31CA08FAFED5605BC1941679
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: E1C7FB8D55E0618AD0599098B96EE95B
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 26AA1D20C5C78ED069295A0FE0F8B1A6
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: DBAFC3FFBEA6E85206D5ED176C04C49C
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2184349593536315459&ex=districtm
Frame ID: 21E64C579CF7C11A8888E82AC97E4B05
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2184349593536315459&ex=appnexus.com
Frame ID: 276B71EDD625B5F51CDF8878136BEF75
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 92F60FB1089F922D495B3A59D473013D
Requests: 7 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Frame ID: ADF974CBB9CF144FA14040AFB69745CE
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3037751682814284874272
Frame ID: F24887CF0D6610B48CDC7F89E0A45DD8
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=21809871911&placementId=5887549810&pubCreative=138378392442&pubOrder=2967171286&cb=93229263&custom=index&custom2=1&adsafe_par&impId=363a09f6-8461-11ec-8946-028169c47751
Frame ID: B25F2DB4C8DEFA27810867334BD58528
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUrsTV9RnZyIc6A9nhPizf1oNXRH8PmAAZsAef7PstA9_-W1Rbb25V_kQSwi8xjLmQNc-M-U92m1gL9yCk7WgJaUsVXcbikCRIZUfTyX0e_W9IQa2u0cU7FvIySytQ3eP5Jo5ZVN2uAr2JEYbTuU1vaDh3qheDTMJnL9MUnT4DV69vmuUzbusT6DI3wa6Of5c41kZA6cglI3G5vtWN_pHQ32Egu7L2ThJvXm1l0DVrtYMh_2cpPA57RYfszn6lktmbfyMJt32NaAfmSlQQ4SpzJFkqM1TH4hqnhfIddmsmNakePyOEEfXTOm0xWvzhcG8o4fxdxUCs_dFbaZB9EUMAq-4OMiM4Mdkbh7uE1QYAVpK0IZ34Ff-h&sai=AMfl-YRTMKdrsX_FDP0nNiI_rFA-vFqsUpZjElhHzvldWMTbNPMC6Zy435V5a13XCxCK56caB55Gduo6DM0KrWiTUM1kkR_RLq2LTeA4a_uwoUI-7xM5igWunCyKLP4bgAMooXL4MmnKBINfRXFcS_l-WRo&sig=Cg0ArKJSzKTy08wXQnyOEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B3B0E8A758B29D05A45BBC36087B7F93
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=5100623217&chanId=21809871911&placementId=5897428233&pubCreative=138378998954&pubOrder=2973321011&cb=1388661384&custom=index&custom2=2&adsafe_par&impId=363a09f7-8461-11ec-8946-028169c47751
Frame ID: 5C213922F25B313ECC329DC1BF9B476E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXUYeF5Ag8KkvpSqOeDQNcQB8TYVBt40uRNT5BCc75l6vsbNRCm3TmB3DQSRlLN6iWYKjfcKaeUvgxIomcovz8zst0hgahrJO4pn6zCk4q6jszjpRkNQTKSeetaznWxgLQpWENxAikjQ7gPMuNpoUzgInb6FN5K6wrNYpDCGOKHxhewn9koAj4rYZlrifX94RPRN1QCYtdc9VPCGrKA5D59hMAexV_dxTh7oFqbVKKVjlBJz9qumoND-jSnEXdlu4u5vKXVrzlUyLst3GOjziXFH3Q63Dv7nZF9UyeXTHYUuTTbPbRtOMJ1cNqENclqTa5zCA801T3bOrY26EfqkGvSq4M9OfOqtEQ6cRGrEzEguBaTHXFLQrS&sai=AMfl-YQsOpn5STg_pnu8JBi9JK36he9Ko50wHyn7k8g8in5D_Rf00-ip_iG43aG0vLoAcG2Wr4XDo29mjmiag85qQV_7dsn61MDeXKP3vlFYqZ2qcTn-884RxHWs1twcpkjqWfIJg4gOLpxCR7VwNoBVQkA&sig=Cg0ArKJSzDluq_YXYeUiEAE&uach_m=[UACH]&adurl=
Frame ID: 1F4B53A60BA4CBF488988756E3251786
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
Frame ID: 8318990D0A4C45794AE491C9574894EB
Requests: 22 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF
Frame ID: 7AF0B851ACF8B844900088CAAA0BDFD4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfrgQQADOAERNQAy&gdpr=0&gdpr_consent=
Frame ID: E3583E2E5DBD42067F3860F9AC70BF2C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF&ex=pubmatic.com
Frame ID: 8B95E130CCEE6A14F2E991F96E747A98
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 8203D368396E181C3D42C3983AC7CA33
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 0B07F7AF4C8D69B9957EFC091098B237
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 468DC3832803323E696FD80A715E5EB8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C4EAE0767762A561F8D725911E5CE52E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Ontario FarmerOntario Farmer

Page URL History Show full URLs

http://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/ HTTP 308
https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

267
Requests

72 %
HTTPS

36 %
IPv6

61
Domains

101
Subdomains

69
IPs

5
Countries

3190 kB
Transfer

9832 kB
Size

98
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://ofoffers.ca/
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://www.remembering.ca/about/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://shopping.ontariofarmer.com/
Title: London

Search URL Search Domain Scan URL

URL: https://www.businesswire.com/
Title: Promoted By Business Wire

Search URL Search Domain Scan URL

URL: https://www.newsfilecorp.com/
Title: Promoted By Newsfile

Search URL Search Domain Scan URL

URL: https://www.globenewswire.com/
Title: Promoted By GlobeNewswire

Search URL Search Domain Scan URL

URL: https://7c1e077b.flowpaper.com/Shopper/
Title: Ontario Farmer Shopper November 9, 2021

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OntFarmerNews/

Search URL Search Domain Scan URL

URL: https://twitter.com/OntFarmerNews

Search URL Search Domain Scan URL

URL: https://www.postmediasolutions.com/contact-us/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://adregistry.postmedia.com/
Title: Digital Ad Registry

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/brands

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/ HTTP 308
https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1643831360083&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1643831360083&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&c9=

Request Chain 77

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643831360462&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643831360462&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1643831360462%26url%3Dhttps%253A%252F%252Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643831360462&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643831360462&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQIlTysZAAu4WwAAAX67-_zzNZ6IRPSRlEQ1txeIjhdHZtSP8b68lZKAkjKumJP1249Q21a8 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=00f8206e-2672-4139-9d42-68605189e23d HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=00f8206e-2672-4139-9d42-68605189e23d&_expected_cookie=f81a0735ffada8c35d4f5476379c7624

Request Chain 82

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t

Request Chain 86

https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
https://dmx.districtm.io/s/10056/1813050709796821211

Request Chain 87

https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=&verify=true HTTP 302
https://dmx.districtm.io/s/10057/y-vTkEmZdE2uHvyR7eT8FY_N0524iauqCzE2dmtj4-~A

Request Chain 88

https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
https://dmx.districtm.io/s/10026/YxxEPfW8SRZpt6nkqKZAsZU4mbw

Request Chain 89

https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___ HTTP 302
https://dmx.districtm.io/s/10022/644504955137

Request Chain 90

https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YfrgQQADOAERNQAy HTTP 302
https://dmx.us-east-34.districtm.io/s/10016/YfrgQQADOAERNQAy&_test=YfrgQQADOAERNQAy

Request Chain 105

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=1019932914&cv=9&fst=1643831360470&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=882856729.1643831360&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QOD6YZOSIIf6Mb7RkpAM&sscte=1&crd=&eitems=ChAIgPTojwYQ_9uC68z7kqkoEh0Ax5ixP-cWRxpGeZuHB5foXx3auE9TDpjWmEF9Aw HTTP 302
https://www.google.com/pagead/1p-conversion/580448699/?random=1019932914&cv=9&fst=1643831360470&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=882856729.1643831360&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QOD6YZOSIIf6Mb7RkpAM&eitems=ChAIgPTojwYQ_9uC68z7kqkoEh0Ax5ixP96xUvzmEm4Z0XqY7JplRwJijaB5liPNtg&random=2654916561&resp=GooglemKTybQhCsO HTTP 302
https://www.google.ca/pagead/1p-conversion/580448699/?random=1019932914&cv=9&fst=1643831360470&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=882856729.1643831360&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QOD6YZOSIIf6Mb7RkpAM&eitems=ChAIgPTojwYQ_9uC68z7kqkoEh0Ax5ixP96xUvzmEm4Z0XqY7JplRwJijaB5liPNtg&random=2654916561&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 112

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T281ZDlQMHI HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPZVCA0QdijzPFCnyQUowIk&google_cver=1

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T281ZDlQMHI HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPZVCA0QdijzPFCnyQUowIk&google_cver=1

Request Chain 115

https://stags.bluekai.com/site/26357?id=Oo5d9P0r&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOo5d9P0r%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=Oo5d9P0r&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 117

https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YfrgQQADOAERNQAy

Request Chain 118

https://usermatch.krxd.net/um/v2?partner=beeswax HTTP 302
https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=Oo5d9P0r HTTP 303
https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=Oo5d9P0r&_bee_ppp=1 HTTP 303
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACur07D9cEAAGxNrR7PhA

Request Chain 119

https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=Oo5d9P0r&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=9ae061fa-e041-4b00-925c-d6bd5330343a

Request Chain 121

https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Oo5d9P0r

Request Chain 122

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YfrgQYYQiCCi6db-edHtygAA%26987

Request Chain 123

https://sync.srv.stackadapt.com/sync?nid=salesforce HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=YxxEPfW8SRZpt6nkqKZAsZU4mbw

Request Chain 124

https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
https://eb2.3lift.com/xuid?mid=3587&xuid=Oo5d9P0r&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=Oo5d9P0r&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=3037751682814284874272

Request Chain 133

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Request Chain 134

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
https://s.amazon-adsystem.com/ecm3?id=2184349593536315459&ex=districtm

Request Chain 135

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=2184349593536315459&ex=appnexus.com

Request Chain 136

https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1

Request Chain 137

https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D HTTP 301
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D

Request Chain 138

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3037751682814284874272

Request Chain 140

https://ml314.com/csync.ashx?fp=Oo5d9P0r&person_id=3624862461483548697&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3624862461483548697 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3624862461483548697

Request Chain 143

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=

Request Chain 144

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=

Request Chain 145

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YfrgQYYQiCCi6db-edHtygAA%26987

Request Chain 146

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YfrgQYYQiCCi6db-edHtygAA%26987

Request Chain 153

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=l1eRi8RWw9uMXpWLxQTa38dTlImMA8XZl1Z_Q92p

Request Chain 154

https://ums.acuityplatform.com/tum?umid=27&uid=dfcd23d4f91ca4530438c695&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=66&3pid=644504955137

Request Chain 155

https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6971177611306531574&ref=%2Feucm%2Fp%2Fsv HTTP 302
https://px.owneriq.net/fr/epx.gif

Request Chain 156

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=90&3pid=0f49997a-51ca-4847-a37f-8b7704221280&gdpr=0&gdpr_consent=

Request Chain 157

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=83&3pid=KZ5YR0LU-T-6RFE&gdpr=0

Request Chain 159

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfrgQQADOAERNQAy

Request Chain 161

https://match.adsrvr.org/track/cmf/openx?oxid=2836b9a5-f06e-3306-5b9a-8a85d1a6a3d6&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=33110dd9-1b59-410c-abc5-f076108cd5fa&ttd_puid=2836b9a5-f06e-3306-5b9a-8a85d1a6a3d6

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPIpwZPEDQ6smPUDiIeOFs&google_cver=1

Request Chain 181

https://dmx.districtm.io/s/v1/users/10002 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUmFTRzlDY2s5dFJVc3hjRkEyY2tnMlJFa3hkbkI1WkhNMCJ9.U55JhjeU8jycVNWWAk4OW7yNe4MicWGaSEI-Ew-fxF0_b5tqDLLEOqUd2B0SCQWHi8I_rshbUdok6-6DA97GRA

Request Chain 183

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZ5YR0AV-1K-JTNX HTTP 302
https://s.amazon-adsystem.com/ecm3?id=KZ5YR0AV-1K-JTNX&ex=d-rubiconproject.com&status=ok

Request Chain 185

https://c1.adform.net/serving/cookie/match?party=14&cid=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF

Request Chain 186

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfrgQQADOAERNQAy&gdpr=0&gdpr_consent=

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1rLgjbBNROO8n-M92A9d3w%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 189

https://idsync.rlcdn.com/420486.gif?partner_uid=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEQ2QjJFMDhELUIwNEQtNDRFMy1CQzlGLUUzM0REODBGNURERhAAGg0IwcDrjwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=090cd6c536fd2dddda1e93763c31e6747ad11ad3c0d7361a0a29e88e8aedb3ac791426b5417dce21&_=2 HTTP 307
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d

Request Chain 190

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ae061fa-e041-4b00-925c-d6bd5330343a

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDZCMkUwOEQtQjA0RC00NEUzLUJDOUYtRTMzREQ4MEY1RERG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAqDp_MQxb5_QkUMIFIR6L0&google_cver=1

Request Chain 193

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3D51347408CC40D7BB6EE1AF4172DDBC

Request Chain 194

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3908086959649085956&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 195

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=33110dd9-1b59-410c-abc5-f076108cd5fa

Request Chain 197

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9ae061fa-e041-4b00-925c-d6bd5330343a&expires=28

Request Chain 198

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/AjQ7JtMFLOtczdl9I0sB1sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1398967750230874303

Request Chain 199

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhiOGJjYWZjYzNhMzJhZDcwMTQ0Y2YwZjk0YzM0MDBkYWYzZDhhYg

Request Chain 200

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ5YR0AV-1K-JTNX&sigv=1&esig=2~53d03411a9b02294a242bc18d72728cba01e4051

Request Chain 202

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=&expires=30

Request Chain 203

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfrgQQADOAERNQAy

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHBG5X6iJB3-UVF6bb9GNkQ&google_cver=1

Request Chain 242

https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

267 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Redirect Chain

http://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

630 KB
188 KB

3835ms
3806ms

Document
text/html

34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

24a45d59abbd870a878333929905816419eeea7bf302f44c39f487aabb706752

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Wed, 02 Feb 2022 19:49:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding user-agent
expires: Wed, 02 Feb 2022 19:54:18 GMT
cache-control: max-age=300
x-frame-options: SAMEORIGIN
x-pmd-backend: cheetah-nginx
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

Date: Wed, 02 Feb 2022 19:49:14 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 95ms
46ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

sffe /

Resource Hash

f95eb1f3cb1dbf2e5687a3f8422611bb45e64aa82a6e7dae0b1b3b6c5a68908d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27309
x-xss-protection: 0
server: sffe
etag: "1120 / 637 of 1000 / last-modified: 1643803743"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 02 Feb 2022 19:49:19 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 60ms
20ms Script
application/javascript 13.225.71.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.71.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-71-80.ewr53.r.cloudfront.net
Software: Server /
Resource Hash: c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: GzCVpXkwVbKPnWWiNgpDCABi9Jbs4BMI
content-encoding: gzip
etag: a89a0f9aa62d9c46ee287cd1f0b6423d
age: 76156
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0T3ZJH20X9YMK9WGS44J
date: Wed, 02 Feb 2022 00:03:59 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR53-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: YuydH4ndTNBvqnjJuNl7J88rt2YmWPWQVNVcgwuMi2b1gtlUKpG-NA==

GET
H2 200 all.postmedia.js Show response
hb.districtm.io/prod/100549/ 36 KB
13 KB 125ms
77ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
via: 1.1 3500217a9615be8281152e7c88016d27.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 169
x-cache: Miss from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 10 Dec 2020 10:37:54 GMT
server: cloudflare
etag: W/"5f2e83162e71fb84bb30df8f49e91eee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
x-amz-cf-pop: YTO50-C3
cf-ray: 6d75f12b3e1c548b-YYZ
x-amz-cf-id: oMLzit6jFwj77cuISbncmYKu6Otu__klaSHlOdizxtKrKjCVudcWUg==
expires: Thu, 03 Feb 2022 07:49:19 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
22 KB 62ms
20ms Script
application/javascript 52.85.61.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-78.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 16:18:29 GMT
Via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 444651
ETag: "51636de3ce868a2172f9e6996c2934e0"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Amz-Cf-Pop: EWR53-P1
Accept-Ranges: bytes
Content-Length: 22521
X-Amz-Cf-Id: hWxtCAIjDrRGsyIjO2zm4DSl39zH7Xe3BvAcMP5UUJEW09w2geruiQ==

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 85ms
35ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa8c4f5924fd06cbaf5c65fac729f0c3207d1f70534b07fc0915948c41b29d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 19:39:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Feb 2022 19:49:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Feb 2022 19:49:19 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 114ms
47ms Script
application/javascript 2606:4700:3032::ac43:c0b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c0b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4563
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JNMEQGQ9NJ9E6X1S
x-amz-id-2: fxImh/8M8kos4PfArLZQ66EMsMP9XUBIudAFPFkNaHH9tQrUf3+tzsmbOphXS4daZ7ig6eUbrKc=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rS8%2BP8YxIbBI31nwhOOblQ5Myy%2F8CJ4WmjKBhRuYzJ%2FQO9GJFo2CVCyUGAnDsQ%2Bn0UiQDB2%2FpT2wsU%2F9EEvD7Rd3UgyIx1n0XSca9iE7mat5UQfAdHZ%2Fc7LNJK8GR2gneBkbG0Wl%2FCcf67pX2Pg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6d75f12c0a6b4bbf-YUL

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/js/ 199 KB
47 KB 69ms
29ms Script
application/javascript 2606:4700:10::ac43:835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.lrcontent.com/v2/js/LoginRadiusV2.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
via: 1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 177
cf-polished: origSize=1238069
x-cache: Miss from cloudfront
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 05:19:58 GMT
server: cloudflare
etag: W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-type: application/javascript
cache-control: max-age=14400
x-amz-cf-pop: EWR52-C3
cf-ray: 6d75f12b3f537136-YUL
x-amz-cf-id: UKx_SLTr25mJR9OxZ3Jl1iZpjZMyCaPjbVBPFMpyn7yVrNt_E6CAIg==
cf-bgj: minify

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 121 KB
43 KB 62ms
20ms Script
application/javascript 13.225.63.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-82.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:11 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 04:22:34 GMT
server: AmazonS3
age: 9
etag: W/"b22b4f4738e8722be1636447be239da2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 92f8ba2eac28a12283a77bc938ff1728.cloudfront.net (CloudFront)
cache-control: max-age=600; must-revalidate
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: xskdoELpuWq4DaJ35yHAKyS9Mg3tNEVm4or8ZTc6igEU4RxWPYjT4w==

GET
H2 200 fem.js Show response
fem.prod.postmedia.digital/v49.3/ 278 KB
83 KB 159ms
117ms Script
application/javascript 13.225.214.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-33.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfdc1f05ccfc2cb2352ee1b2a6a0988d1525f7c67cb966dce430ae8c4231245d

Request headers

Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
last-modified: Fri, 07 Jan 2022 18:28:01 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
etag: W/"708d585ae8d9402a0a8a0f2ba56ac386"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31536000
x-cache: Miss from cloudfront
x-amz-cf-id: zHjcgJejj-Bw2PzmgE7wYFemUPcyt1UrwldgW4RpkbqFN6RePjnYpw==
via: 1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront)

GET
H2 200 CD_Winter-Scene.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2022/01/ 32 KB
32 KB 50ms
20ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2022/01/CD_Winter-Scene.jpg?quality=90&strip=all&w=466&type=webp
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 4910659dc839049030cd900a2fba16b8b73872cbdc04bf71c494b0c0512edef4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester: nexus
date: Tue, 01 Feb 2022 15:14:54 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
age: 102865
etag: "381af7f1ed861f0d0c47f3e75268eb56ba0741dd"
vary: Accept
content-type: image/webp
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-9rpnw
alt-svc: clear
content-length: 32578

GET
H2 200 business-wire-logo.svg
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/ 11 KB
4 KB 15ms
13ms Image
image/svg+xml 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/business-wire-logo.svg

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:58:55 GMT
etag: W/"61fac65f-2b6a"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 Newsfile-High-Res.png
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/04/ 13 KB
13 KB 95ms
29ms Image
image/webp 13.225.63.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/04/Newsfile-High-Res.png
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-43.ewr53.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 7720a0f40d088f144d749c07f075b8dfdc84afd25900a59045fe6c29d0fc5090

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester: nexus
date: Tue, 04 May 2021 23:36:37 GMT
via: 1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
server: nginx/1.19.10
age: 23659962
etag: "58a1b532378c9a60bc8df47534dea7218beaf9a0"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
x-amz-cf-pop: EWR53-C1
x-pmd-smart-cdn-proxy: da21880a3f69
content-length: 13064
x-amz-cf-id: -HwZbc3leU3ewqJcYpyQnpETTS2tqJ25xooDikGrHKHaOLV4slMC8w==
expires: Wed, 04 May 2022 23:36:37 GMT

GET
H2 200 globe-newswire.svg
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/ 14 KB
4 KB 24ms
23ms Image
image/svg+xml 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common/globe-newswire.svg

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:58:55 GMT
etag: W/"61fac65f-3750"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 icon-soc-fb.svg
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/ 775 B
692 B 13ms
11ms Image
image/svg+xml 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/icon-soc-fb.svg

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:58:55 GMT
etag: W/"61fac65f-307"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 icon-soc-tw.svg
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/ 2 KB
1 KB 13ms
12ms Image
image/svg+xml 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/share-icons/icon-soc-tw.svg

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:58:55 GMT
etag: W/"61fac65f-6a2"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 shared.8beb132a751b.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/ 24 KB
10 KB 24ms
23ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

8beb132a751bf7fdfd70084935bcd73065ba507d0210fe7b2365d19941a81bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:58:59 GMT
etag: W/"61fac663-5e1d"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 main.0b93db8d9084.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/ 95 KB
31 KB 33ms
32ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/main.0b93db8d9084.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

0b93db8d9084f4d447ad44bc0517ae517c735507636add991dcfa41aac220127

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:58:59 GMT
etag: W/"61fac663-17d3b"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
DATA 200
OK truncated
/ 128 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23d00276404c2322c5d3bb27f5e930b67f81bc964189b36b028ab1521a5929db

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 86ms
24ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 07:38:42 GMT
x-content-type-options: nosniff
age: 389437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 29 Jan 2023 07:38:42 GMT

GET
H2 200 icon-generic-play.svg
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common-icon/ 1 KB
855 B 16ms
14ms Image
image/svg+xml 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common-icon/icon-generic-play.svg?1b1eefbdf26b

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:58:55 GMT
etag: W/"61fac65f-443"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 15 KB
15 KB 99ms
45ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:01 GMT
x-content-type-options: nosniff
age: 1158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:19:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 57ms
29ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 08:30:30 GMT
x-content-type-options: nosniff
age: 559129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 27 Jan 2023 08:30:30 GMT

GET
H2 200 xd.html Show response
d395dw5zk780j2.cloudfront.net/v49.3/ Frame 0D0C 167 B
516 B 72ms
19ms Document
text/html 2600:9000:21ec:9000:8:f216:eb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d395dw5zk780j2.cloudfront.net/v49.3/xd.html
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:9000:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fbc907061b6169dcb1fb510d8e037414886f7c2d0782747392db7c423b89116

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

content-type: text/html
content-length: 167
date: Mon, 10 Jan 2022 07:00:26 GMT
last-modified: Fri, 07 Jan 2022 18:28:01 GMT
etag: "2b729af275b2d9cef65cdefa704be2dd"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ab00cdb05d9e58b648b9b6b09875b196.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: 57Y1x7it-xxovDAd_2AThrLPleFXkbPpnOKgNAi00dZAQiIfBKi8TQ==
age: 2033334

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 472 KB
106 KB 93ms
39ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer

Requested by

Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3807264035aecd2c6a31b146e19e85e68fb62eb21d04ab6849824c7f9335448b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107999
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Feb 2022 19:49:19 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 60ms
18ms Script
application/javascript 13.33.46.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-48.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 05:11:59 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 52653
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: Io1q1gnMRftcYD3xYZ0QHIvsrrczcF1uuiIOX6gL2qu1asm-s3-88g==

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/ 184 KB
48 KB 44ms
14ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 34c4351e0ce42542bb0657355bfd91b4cb376ffce3bfc7de9ab1be8652124e3e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 2525
x-origin-name: fastlyshield--shield_ssl_cache_iad_kjyo7100144_IAD
x-cache: HIT, HIT
x-cache-hits: 1, 2
content-encoding: gzip
content-length: 48359
x-served-by: cache-iad-kjyo7100144-IAD, cache-yul12830-YUL
server: Kestrel
x-timer: S1643831360.698600,VS0,VE0
vary: Accept, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 02 Feb 2022 20:07:14 GMT

GET
H2 200 uthtxmddg.js Show response
cdn.krxd.net/controltag/ 29 KB
7 KB 38ms
11ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/uthtxmddg.js
Requested by: Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 76a237b880fbfc8ac655e91dcf5c9af3b44ccc506c69328409b4047d72519eea

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 02 Feb 2022 19:49:19 GMT
via: 1.1 varnish, 1.1 varnish
age: 292
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 6471
x-served-by: config-service-a005-ash-prod.krxd.net, cache-iad-kiad7000078-IAD, cache-yul12824-YUL
x-response-time: 0
x-do-esi: esi
x-timer: S1643831360.695311,VS0,VE0
etag: "8d8408c6b02eb41f93710c678ece74490c4f6485"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 19

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
42 KB 46ms
35ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Requested by

Host: fem.prod.postmedia.digital
URL: https://fem.prod.postmedia.digital/v49.3/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

166b06e63d1525b36173f7a22ae9e37705e29932b009543e03a97946fd1017dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42998
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Feb 2022 19:49:19 GMT

GET
H2 200 pubads_impl_2022012701.js Show response
securepubads.g.doubleclick.net/gpt/ 355 KB
120 KB 21ms
19ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

sffe /

Resource Hash

97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 03:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122333
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 09:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Feb 2023 03:34:22 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 126 B
138 B 71ms
39ms XHR
application/json 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gcp-bc-785-ontariofarmer.gdev.postmedia.digital

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

3fe81c235530b0377e51de97148adceae2f8693488dd4cc240cbbaab7e9db4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
expires: Wed, 02 Feb 2022 19:49:19 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
325 B 33ms
27ms XHR
text/plain 13.225.71.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.71.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-71-80.ewr53.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
via: 1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: K4DfHpyxzxeZDcgA4FUF2pllGxxomgsa4RH0sI-jXMyhE3MBxKbWng==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 109ms
65ms XHR
application/javascript 13.225.71.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.71.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-71-80.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via: 1.1 5ec6b37107376867228d2ed46a794602.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
content-type: application/javascript
x-amz-cf-id: FMaVh14WUCAhh_nzP78uNjSwRno31xdNJSHGKjgPoxH8hLbFMGpGww==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 2 KB
2 KB 95ms
31ms XHR
application/json 35.170.223.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B5.5%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=c15c41b4-7615-6db7-b590-96d33d75bfe8&url=https%253A%252F%252Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.223.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-223-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c26c7c1a018d2bbfd594f87c5bf5777229dce6949ccf0144a45bcb035a9abf02

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
x-server-name: app03.va.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 884f8a63d4124a85c5dd0.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 7 KB
3 KB 13ms
12ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/884f8a63d4124a85c5dd0.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

8efc268132d526206d433febe50d279a657513bcf23a6b6a527f84811c6ba6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-1cff"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 5bb5d2f828b2dbccd0af1.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 18 KB
6 KB 13ms
11ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/5bb5d2f828b2dbccd0af1.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

1497c2deda8954f8b1eb298e6d80fd5a025c55bf3c679ea7c99dfbac50b4103a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-47a1"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 639f60171e06f45a25258.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 12 KB
4 KB 22ms
18ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/639f60171e06f45a25258.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

081417696c4bc8c61ab42ec11a63db18893fa9372a66935c5492d931f4aebfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-2ea9"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 319134f8edfeb15b070c18.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 12 KB
4 KB 22ms
19ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/319134f8edfeb15b070c18.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

a1f4086973dc8059c20b2a680c1e4cfae4069ff3a4a063a297bbcd9281115dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-2e3e"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 2b8b86e084d1ab65e2064.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 8 KB
3 KB 22ms
19ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/2b8b86e084d1ab65e2064.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

9034335635758d7a2b0d8f6f94a42f45ca55f3a87ed38929c7ab89800036e708

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-1eaa"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 0b4e1db468856be7c4117.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 19 KB
6 KB 22ms
19ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/0b4e1db468856be7c4117.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

b6450083a5b47788232fbe8dbf4ef3f900984519e23585b78d082e9f41109a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-4c4a"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 64663c570873eaf2010613.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 51 KB
14 KB 30ms
27ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/64663c570873eaf2010613.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

e8989050bbb0d2b2573fdd8dfd7313ad8b377438339e13b400b1daf6adf600e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-ca31"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 db17bce7ef9476ceda412.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 6 KB
3 KB 28ms
25ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/db17bce7ef9476ceda412.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

39a95bd7f8ff911c8a36dc1ae3b37f85d4684fd3897ab3df6dca5f8c3cd9b422

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-19d5"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 99570a8661cf974c335a3.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 16 KB
6 KB 39ms
36ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/99570a8661cf974c335a3.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

e2cf23246faa8dc51d53f8194af77082ccfa8dff6a73596ea98c0ded52fb3a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-3fb0"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 38f433b6a6367d1711665.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 14 KB
5 KB 41ms
39ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/38f433b6a6367d1711665.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

b40fffdca8df7dcf6a825dc35de6f3ee8bca5119730c8938e77e805d8016cb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-38bc"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 0c3df80a51de2ab6e84c9.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 13 KB
4 KB 42ms
39ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/0c3df80a51de2ab6e84c9.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

f79e1f14cff6f380ebbbea645bb159978ead5447a33a0ced34534b2271eb4019

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-32f4"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 0c201cfbaeab033b467f14.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 9 KB
3 KB 42ms
40ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/0c201cfbaeab033b467f14.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

c5bfe7e837984f45a4b301978ceb06a03fea2e60a15b937d99fd5b30d6ae9946

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-24f2"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 e330ec2ee9969165019715.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 7 KB
3 KB 48ms
47ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/e330ec2ee9969165019715.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

7a8eeaf2b963d18188f07f3e78982938224c9e58b5fab050989e51cbf44a3d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-1a84"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 3b3f819d1ffe0e05145e10.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 11 KB
4 KB 49ms
48ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/3b3f819d1ffe0e05145e10.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

9008ac843d4735e349bdde45c352caeb6d5c1517622730fa602d6b56cf5e4b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-2ab4"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 7cf4d25d2e47a8e0a18e28.js Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/ 9 KB
3 KB 41ms
40ms Script
application/javascript 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/7cf4d25d2e47a8e0a18e28.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/CACHE/js/shared.8beb132a751b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

42d28b968b79182a5ce39cb1bfb0a1f62441f1fb1a5d233162712097967aa6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:57:36 GMT
etag: W/"61fac610-25d9"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:19 GMT

GET
H2 200 CD_Bake-it-Foward-Truck-e1639757520670.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/ 31 KB
32 KB 27ms
20ms Image
image/webp 13.225.63.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/12/CD_Bake-it-Foward-Truck-e1639757520670.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-43.ewr53.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: 5853621d02d975fba45c91907a09fec43c635c608a30f31ecd9b85342693b41d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester: nexus
date: Mon, 31 Jan 2022 20:21:51 GMT
via: 1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
server: nginx/1.19.10
age: 170848
etag: "ad4eb5e4458105b8a5460e49803224b75633b8a0"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
x-amz-cf-pop: EWR53-C1
x-pmd-smart-cdn-proxy: 1c57cb1b3748
content-length: 32210
x-amz-cf-id: dBecSj_RhVaUKFPax393TgHiBjb3TMI0fKHwiCA5jl2H7ZV6JQ9LWg==
expires: Tue, 31 Jan 2023 20:21:51 GMT

GET
H2 200 wild-boars-e1637260632118.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/ 16 KB
16 KB 32ms
25ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/wild-boars-e1637260632118.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: c6d4675d324e5b40ed5fe0f15dfc55855a7d6389232ce7c981062d99b80d366c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester: nexus
date: Tue, 01 Feb 2022 15:14:54 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
age: 102865
etag: "7a09af2688eda187779b301412175145979f59a9"
vary: Accept
content-type: image/webp
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-6v79r
alt-svc: clear
content-length: 16430

GET
H2 200 Peggy-Brekveld-President-e1637684271190.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/ 35 KB
35 KB 24ms
18ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/11/Peggy-Brekveld-President-e1637684271190.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 42cb48fcecb9f09d629e736d1ca8a7eb9c37c8e493b140d071fa92396897b333

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester: nexus
date: Tue, 01 Feb 2022 15:14:54 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
age: 102865
etag: "9427ccddca2fc4413cf31e61819ef57d3a7733a0"
vary: Accept
content-type: image/webp
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-9smrp
alt-svc: clear
content-length: 35688

GET
H2 200 ca.0402-dn-migrants.dn_.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/10/ 28 KB
29 KB 14ms
11ms Image
image/webp 34.149.157.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2021/10/ca.0402-dn-migrants.dn_.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: 39874e19af66fa05a8e943e773c81187cb7437bb3cb0076df6defb9381d32911

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester: nexus
date: Tue, 01 Feb 2022 15:14:55 GMT
via: 1.1 google
server: nginx/1.19.10
cache-control: max-age=2592000,public
age: 102864
etag: "0f76a31c5e5eab3492b396502a69587e7ce4fc0b"
vary: Accept
content-type: image/webp
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-64c799cd7-6v79r
alt-svc: clear
content-length: 29074

GET
H2 200 wild-boars-e1637260632118.jpg
smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/11/ 16 KB
16 KB 38ms
36ms Image
image/webp 13.225.63.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.prod.postmedia.digital/nexus/wp-content/uploads/2021/11/wild-boars-e1637260632118.jpg?quality=90&strip=all&w=344&type=webp
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-43.ewr53.r.cloudfront.net
Software: nginx/1.19.10 /
Resource Hash: c6d4675d324e5b40ed5fe0f15dfc55855a7d6389232ce7c981062d99b80d366c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pmd-smartcdn-requester: nexus
date: Mon, 31 Jan 2022 20:21:51 GMT
via: 1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
server: nginx/1.19.10
age: 170848
etag: "7a09af2688eda187779b301412175145979f59a9"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
x-amz-cf-pop: EWR53-C1
x-pmd-smart-cdn-proxy: a1a8ce3d761d
content-length: 16430
x-amz-cf-id: EI23bi-dEW-emsfBJgrsPLw2LJb4dEy6BDFxnN5TYHajFTU0NJlEBQ==
expires: Tue, 31 Jan 2023 20:21:51 GMT

GET
H2 200 index.html Show response
cdn.districtm.io/ids/ Frame D601 116 B
295 B 47ms
41ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
content-type: text/html
cf-ray: 6d75f12f0ca1548b-YYZ
age: 31987
last-modified: Thu, 20 May 2021 02:18:27 GMT
via: 1.1 d2f1890663687b5701416428f5cbb654.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id: rzkAWmHeK5Z0UENqny3ppW2FM4A_cbcasBCDiphKgMRh_p6dBA9PTg==
x-amz-cf-pop: YTO50-C3
x-cache: Hit from cloudfront
vary: Accept-Encoding
server: cloudflare
content-encoding: br

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
38 B 100ms
97ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d75f12f0ca6548b-YYZ
access-control-allow-headers: origin, content-type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
227 B 80ms
78ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100549/all.postmedia.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 02 Feb 2022 19:49:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d75f12f0cb8548b-YYZ
access-control-allow-headers: origin, content-type

GET
H2 200 xd.js Show response
d395dw5zk780j2.cloudfront.net/v49.3/ Frame 0D0C 37 KB
12 KB 21ms
21ms Script
application/javascript 2600:9000:21ec:9000:8:f216:eb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d395dw5zk780j2.cloudfront.net/v49.3/xd.js
Requested by: Host: d395dw5zk780j2.cloudfront.net
URL: https://d395dw5zk780j2.cloudfront.net/v49.3/xd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:9000:8:f216:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea24837103070968a4b29ff947900cc3595204a8164ab822e53e0731074989ed

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://d395dw5zk780j2.cloudfront.net/v49.3/xd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 07:00:26 GMT
content-encoding: gzip
last-modified: Fri, 07 Jan 2022 18:28:01 GMT
server: AmazonS3
age: 2033334
etag: W/"d63a090c49f5bb7aa243819754d5445c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ab00cdb05d9e58b648b9b6b09875b196.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: _FFfo7ZTdFF6lNcJAvCX5B4p7XqHEQ_JVJey282_PZHzjUwCMdCR6A==

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 11ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uthtxmddg.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 02 Feb 2022 19:49:19 GMT
content-encoding: gzip
age: 15924670
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 21650820
content-length: 84509
x-served-by: cache-yul12824-YUL
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1643831360.902160,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 38ms
10ms Preflight 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mp-key
Origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges: bytes
date: Wed, 02 Feb 2022 19:49:19 GMT
via: 1.1 varnish
age: 1772
x-served-by: cache-yul12829-YUL
x-cache: HIT
x-cache-hits: 1366
x-timer: S1643831360.960074,VS0,VE0
strict-transport-security: max-age=900

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
301 B 46ms
45ms XHR
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b0d6febbc20c47e27e4c7a0722e86da6190be9fdc8618a6f97adc0a965aa0cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-a9588c0ddc27594cabd152e47ffe27ee
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1643831360.971767,VS0,VE30
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-yul12829-YUL
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 194 B
687 B 392ms
391ms XHR
text/javascript 13.225.71.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&pid=2YxIB64wGEXqk&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.71.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-71-80.ewr53.r.cloudfront.net

Software

Server /

Resource Hash

61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
via: 1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR53-C1
x-amz-rid: 7T2XSSY4YH61PBN2B50J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 194
x-amz-cf-id: kwAks6X1VPehHtJM7fuXtuURUwskNywbrSHqf3c7TZLQkhVU_Dcr4Q==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 127ms
76ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

73b783357e1ed270e36ebc7846a8477f3d0d44e457405f46926ee2dc2a7db692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14860
x-xss-protection: 0
server: cafe
etag: 9607039154328110559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Feb 2022 19:49:20 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 76ms
20ms Script
application/x-javascript 2600:141b:13::17d7:82d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 303
Date: Wed, 02 Feb 2022 19:49:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
X-EdgeConnect-MidMile-RTT: 1
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=74580
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 59ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: Z/2WL8RxZQxMwLu9Rm04z+ivU8oF8CbK0lY7b6m5x5tZbuS86Rvv38+Ab6qAIt9iu/bik7neq0EqmxgsPx8n2g==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Wed, 02 Feb 2022 19:49:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 59ms
18ms Script
application/javascript 199.232.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 23:12:14 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100156-IAD, cache-lga21926-LGA

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1643831360083&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1643831360083&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&c9=

0
223 B

25ms
24ms

Image
text/plain

13.33.46.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1643831360083&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&c9=
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 13.33.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-48.ewr52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
via: 1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: q7XVIt-vy_A3_AujySXGOgo6zh-rPauqZ4Oa9RXTt-ht_H6WvNNsKA==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 02 Feb 2022 19:49:20 GMT
via: 1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&ns__t=1643831360083&ns_c=UTF-8&c8=Home%20%7C%20Ontario%20Farmer&c7=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&c9=
content-length: 210
x-amz-cf-id: l5N7NO4FP3ezdbxmJErHun9ONODEiUM1Wtnz3ri-ptOcjCXM7FuitQ==

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame D601 3 KB
2 KB 32ms
31ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/ids/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
via: 1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 62012
cf-polished: origSize=3302
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: cloudflare
etag: W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
x-amz-cf-pop: IAD89-C2
cf-ray: 6d75f130ff98548b-YYZ
x-amz-cf-id: 1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires: Fri, 04 Feb 2022 19:49:20 GMT

GET
H2 200 / Show response
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/api-root/media/videos/playlists/PLUgqTrlOvAcqbOWvfhmLwV1Yt80fKjtww/player/json/ 8 KB
2 KB 328ms
327ms Fetch
application/json 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/api-root/media/videos/playlists/PLUgqTrlOvAcqbOWvfhmLwV1Yt80fKjtww/player/json/

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/5bb5d2f828b2dbccd0af1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

af292e1466b0f8d0784fbda9e2be89d26c77262d4eaa7a929ea23390ccd75a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept, Cookie, Origin
x-frame-options: SAMEORIGIN
x-pmd-backend: cheetah-nginx
allow: GET, HEAD, OPTIONS
content-type: application/json
cache-control: max-age=900
strict-transport-security: max-age=15724800; includeSubDomains
expires: Wed, 02 Feb 2022 20:04:20 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 0EA1 805 B
851 B 14ms
14ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 02 Feb 2022 19:49:20 GMT
via: 1.1 varnish
age: 20681880
x-served-by: cache-yul12824-YUL
x-cache: HIT
x-cache-hits: 6915369
x-timer: S1643831360.205306,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 256 B
475 B 31ms
29ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 0ca3199c7b5a1ec5078888cbf10373952e32c56ee292eda7bb82d17b158b1292

Request headers

x-lib-version: v1.0.1
Accept-Language: en-CA,en;q=0.9
authorization: Bearer b9d3df2fccd108b5eff3c44f573b2cd6
content-type: application/json
accept: application/json
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
x-referring-url: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 174
allowedmethods: GET,OPTIONS
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 83ms
28ms Preflight
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 11ms
10ms Preflight 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mp-key
Origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges: bytes
date: Wed, 02 Feb 2022 19:49:20 GMT
via: 1.1 varnish
age: 1772
x-served-by: cache-yul12829-YUL
x-cache: HIT
x-cache-hits: 1367
x-timer: S1643831360.333222,VS0,VE0
strict-transport-security: max-age=900

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
220 B 51ms
50ms XHR
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

441203d18edcd1cbecf48bfccc264aa413f41d3607caf63ee51c670b8a5bf55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-a9588c0ddc27594cabd152e47ffe27ee
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1643831360.345696,VS0,VE39
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-yul12829-YUL
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 42fb57ac-2013-45a6-8dad-332d53e17c1b Show response
consumer.krxd.net/consent/get/ 239 B
431 B 56ms
14ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
via: 1.1 varnish
age: 46
x-served-by: consumer-a006-ash-prod.krxd.net, cache-yul12833-YUL
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1643831360.399543,VS0,VE0
content-length: 193
x-cache-hits: 0, 2

GET
H2 200 buyers Show response
dmx.districtm.io/s/v1/ Frame D601 532 B
757 B 95ms
87ms XHR
application/json 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/buyers

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7e1ebd4b71faafb93b3e412f872696a80b929958343d36bf931b881822a405d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d75f13299fa548b-YYZ
access-control-allow-headers: Origin, Content-Type

GET
H3 200 1685973801652415 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 44ms
22ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1685973801652415?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

728963de62d8aa3c97c44cecd4c4cc716a5104e698562b3ee4a596087724c060

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90000
x-xss-protection: 0
pragma: public
x-fb-debug: yI/90L5Jqq815f8NhcoHaqxyLQXU2i1B+046Jx/+lxr4vLUkoh1hzNyIdBcQbE7SCHsih+U5rZHcKDUqSKK7mQ==
x-frame-options: DENY
date: Wed, 02 Feb 2022 19:49:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643831360462&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643831360462&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1747836%26time%3D1643831360462%26url%3Dhttps%253A%252F%252Fgcp-bc-785-ontariofarm...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643831360462&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1747836&time=1643831360462&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&cookiesTest=true&liSync=true&e_ipv6=AQIlTysZAAu4W...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=00f8206e-2672-4139-9d42-68605189e23d
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=00f8206e-2672-4139-9d42-68605189e23d&_expected_cookie=f81a0735ffada8c35d4f5476...

43 B
143 B

70ms
68ms

Image
image/gif

104.18.98.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=00f8206e-2672-4139-9d42-68605189e23d&_expected_cookie=f81a0735ffada8c35d4f5476379c7624
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d75f1378a5f54bb-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=00f8206e-2672-4139-9d42-68605189e23d&_expected_cookie=f81a0735ffada8c35d4f5476379c7624
date: Wed, 02 Feb 2022 19:49:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6d75f13729be54bb-YYZ
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
457 B 589ms
49ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=cb0fdaee-06c7-469d-9af2-18489ddbb352&tw_document_href=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
server: tsa_b
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: b9198f7966ffc1e29e5c6398f7a9bddaa07a852dbfdbd372d7a74b4a3fcc25ca
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
335 B 586ms
44ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o01de&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=cb0fdaee-06c7-469d-9af2-18489ddbb352&tw_document_href=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 9
date: Wed, 02 Feb 2022 19:49:20 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: ed9972e6907c2b24665a8132a05f4e58efe8fb3d800103eac02d7a586720a1c4
content-length: 43

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/580448699/ 2 KB
1 KB 68ms
37ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/580448699/?random=1643831360470&cv=9&fst=1643831360470&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=882856729.1643831360&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

0e24bbff895f179766de8370bbca1ac0f9f98a70d39043fc4880efd8ce9cf90f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1226
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/ 2 KB
2 KB 560ms
38ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990309138/?random=1643831360481&cv=9&fst=1643831360481&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8d66f3c75632486132c8467957c0fba979e2cbb6b08c80bf5d4c0d91788ee3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1028
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame C0FC
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t

275 B
1 KB

49ms
46ms

Document
text/html

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

Server: Server
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 275
Connection: keep-alive
x-amz-rid: XX0HMF168HCQ0NFVKQJY
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: RS027ANN4W3FWGWAV2XH
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 556ms
38ms Script
application/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=gcp-bc-785-ontariofarmer.gdev.postmedia.digital

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 19:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 557ms
40ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gcp-bc-785-ontariofarmer.gdev.postmedia.digital

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 19:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 uthtxmddg.js Show response
cdn.krxd.net/controltag/ Frame 0EA1 29 KB
7 KB 13ms
13ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/uthtxmddg.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 76a237b880fbfc8ac655e91dcf5c9af3b44ccc506c69328409b4047d72519eea

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 02 Feb 2022 19:49:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 293
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 6471
x-served-by: config-service-a005-ash-prod.krxd.net, cache-iad-kiad7000078-IAD, cache-yul12824-YUL
x-response-time: 0
x-do-esi: esi
x-timer: S1643831361.527101,VS0,VE0
etag: "8d8408c6b02eb41f93710c678ece74490c4f6485"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 20

GET
H2

200

1813050709796821211 Show response
dmx.districtm.io/s/10056/ Frame D601
Redirect Chain

https://p.rfihub.com/cm?pub=36496&in=1
https://dmx.districtm.io/s/10056/1813050709796821211

75 B
129 B

64ms
63ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10056/1813050709796821211

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

259970f8ac47bef42801979dc4f2e7b584d567b77d04eb96c2c83369ed132aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Wed, 02 Feb 2022 19:49:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6d75f136b874548b-YYZ

Redirect headers

Location: https://dmx.districtm.io/s/10056/1813050709796821211
Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

y-vTkEmZdE2uHvyR7eT8FY_N0524iauqCzE2dmtj4-~A Show response
dmx.districtm.io/s/10057/ Frame D601
Redirect Chain

https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=&verify=true
https://dmx.districtm.io/s/10057/y-vTkEmZdE2uHvyR7eT8FY_N0524iauqCzE2dmtj4-~A

100 B
156 B

80ms
77ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10057/y-vTkEmZdE2uHvyR7eT8FY_N0524iauqCzE2dmtj4-~A

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f7f09c46211d4a6fb5a8ce8e486faf744c21bfa6cf6843d5469a2cc38e4b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Wed, 02 Feb 2022 19:49:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6d75f136d8af548b-YYZ

Redirect headers

location: https://dmx.districtm.io/s/10057/y-vTkEmZdE2uHvyR7eT8FY_N0524iauqCzE2dmtj4-~A
date: Wed, 02 Feb 2022 19:49:21 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

YxxEPfW8SRZpt6nkqKZAsZU4mbw Show response
dmx.districtm.io/s/10026/ Frame D601
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=132
https://dmx.districtm.io/s/10026/YxxEPfW8SRZpt6nkqKZAsZU4mbw

83 B
141 B

68ms
67ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10026/YxxEPfW8SRZpt6nkqKZAsZU4mbw

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61f55cdfbd107792a0dd39f29b7b74de202f8c34bde3ef826b7a161637b8c0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Wed, 02 Feb 2022 19:49:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6d75f136d8b1548b-YYZ

Redirect headers

Location: https://dmx.districtm.io/s/10026/YxxEPfW8SRZpt6nkqKZAsZU4mbw
Date: Wed, 02 Feb 2022 19:49:21 GMT
Connection: keep-alive
Content-Length: 83
Content-Type: text/html; charset=utf-8

GET
H2

200

644504955137 Show response
dmx.districtm.io/s/10022/ Frame D601
Redirect Chain

https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___
https://dmx.districtm.io/s/10022/644504955137

68 B
174 B

72ms
71ms

Script
application/javascript

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/10022/644504955137

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac12663e136143f7c3a3bdadce2d8469e23431cb13d28a54319fec62cf861c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Wed, 02 Feb 2022 19:49:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6d75f136a85a548b-YYZ

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://dmx.districtm.io/s/10022/644504955137

GET
H2

200

YfrgQQADOAERNQAy&_test=YfrgQQADOAERNQAy Show response
dmx.us-east-34.districtm.io/s/10016/ Frame D601
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YfrgQQADOAERNQAy
https://dmx.us-east-34.districtm.io/s/10016/YfrgQQADOAERNQAy&_test=YfrgQQADOAERNQAy

95 B
232 B

128ms
33ms

Script
application/javascript

34.73.194.24
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.us-east-34.districtm.io/s/10016/YfrgQQADOAERNQAy&_test=YfrgQQADOAERNQAy

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Server

34.73.194.24 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

24.194.73.34.bc.googleusercontent.com

Software

Resource Hash

43c9c73ac2044d63ece453923cbbf9bbf45e15e239e45dce7d295e460f42224f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-length: 95
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643831361.060804,VS0,VE0
x-served-by: cache-yul12829-YUL
x-cache: HIT
location: https://dmx.us-east-34.districtm.io/s/10016/YfrgQQADOAERNQAy&_test=YfrgQQADOAERNQAy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 513 KB
38 KB 776ms
775ms XHR
text/plain 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=393317054189003&correlator=3428239572125418&output=ldjh&impl=fifs&eid=31064622%2C31064671%2C44752586%2C31062930&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220202&iu_parts=3081%2CSMCO_ENCO_MAGOnFarmer_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&didk=390648829~390648828~3147356942~390648827~3147356943~390648826~3147356940~390648825~3147356941~390648824~3147356938~390648775~3147356939~390648774~3147356936~390648773~3147356937~4188301106&ppid=00000000ppidp2932617955798506941&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D363a09f6-8461-11ec-8946-028169c47751%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D363a09f7-8461-11ec-8946-028169c47751%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3D363a09f8-8461-11ec-8946-028169c47751%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D363a09f9-8461-11ec-8946-028169c47751%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%26id%3D363a09fa-8461-11ec-8946-028169c47751%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D363a09fb-8461-11ec-8946-028169c47751%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D3%26amznbid%3D2%26amznp%3D2%26id%3D363a09fc-8461-11ec-8946-028169c47751%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D363a09fd-8461-11ec-8946-028169c47751%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D4%26amznbid%3D2%26amznp%3D2%26id%3D363a09fe-8461-11ec-8946-028169c47751%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D363a09ff-8461-11ec-8946-028169c47751%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D5%26amznbid%3D2%26amznp%3D2%26id%3D363a0a00-8461-11ec-8946-028169c47751%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D363a0a01-8461-11ec-8946-028169c47751%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%26id%3D363a0a02-8461-11ec-8946-028169c47751%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D363a0a03-8461-11ec-8946-028169c47751%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%26id%3D363a0a04-8461-11ec-8946-028169c47751%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D363a0a05-8461-11ec-8946-028169c47751%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%7Cloc%3D8%26amznbid%3D2%26amznp%3D2%26id%3D363a0a06-8461-11ec-8946-028169c47751%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D363a0a07-8461-11ec-8946-028169c47751%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40&eri=1&cust_params=no_pol%3Dtrue%26page%3Dindex%26pr%3Donf%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26kuid%3D%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&dt=1643831360543&lmt=1643831360&dlt=1643831359151&idt=792&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=233%2C1318%2C1859%2C2599%2C3425%2C3225%2C3766%2C3566%2C4107%2C3907%2C4448%2C4248%2C4789%2C4589%2C5130%2C4930%2C5471%2C5271&adks=625928897%2C1960150758%2C1840685615%2C346298458%2C1840685612%2C625928910%2C1840685613%2C625928909%2C1840685586%2C625928908%2C1840685587%2C625928907%2C1840685584%2C625928906%2C1840685585%2C625928905%2C1840685590%2C2524969409&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&vis=1&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&ga_vid=1340902135.1643831361&ga_sid=1643831361&ga_hid=1888651535&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

763a7cf64681177cb56a336b6f86c39db0e4d940d0459e739f4040d70f57f443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39342
x-xss-protection: 0
google-lineitem-id: 5887549810,5897428233,5900230719,5903785181,5900230719,5680797321,5900230719,5680797321,5900230719,5690567695,-2,5887549810,-2,5690567695,-2,5681750323,-2,5887549810
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378392442,138378998954,138379756357,138379847895,138379291044,138347717528,138379268081,138347717501,138379761163,138349689685,-2,138378861853,-2,138349693219,-2,138347726640,-2,138378363854
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f58beb23466913df738d0be754ce563b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B6B7 6 KB
4 KB 93ms
33ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f58beb23466913df738d0be754ce563b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 02 Feb 2022 19:49:21 GMT
expires: Thu, 02 Feb 2023 19:49:21 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/GSTTZ7mtwKc/ 12 KB
12 KB 438ms
18ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/GSTTZ7mtwKc/mqdefault.webp

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f4ff612aae54db25ceb56885665ad9c8bfac2cad5f30c1b582febc1fe10789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:19:29 GMT
x-content-type-options: nosniff
age: 1792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12166
x-xss-protection: 0
server: sffe
etag: "1643136245"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:19:29 GMT

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/lkhYkiqApyI/ 9 KB
9 KB 442ms
23ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/lkhYkiqApyI/mqdefault.webp

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f40c33990c532ef379fe609b48dfca08d5fbcb6139e312a8e829466d7d09f34e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:31:40 GMT
x-content-type-options: nosniff
age: 1061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9018
x-xss-protection: 0
server: sffe
etag: "1642437482"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:31:40 GMT

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/LefQlPR5tiU/ 8 KB
8 KB 458ms
39ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/LefQlPR5tiU/mqdefault.webp

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97ebbb14c84d4682c8097790b33367c3a0614d1775bc8eb76b194e8c94262b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:36:16 GMT
x-content-type-options: nosniff
age: 785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8064
x-xss-protection: 0
server: sffe
etag: "1641504165"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:36:16 GMT

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/iYlGGPcBNLM/ 11 KB
11 KB 451ms
33ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/iYlGGPcBNLM/mqdefault.webp

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ca367a40b39037858a2dbfc221129b3f620a7a35731880c725369a9671863d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:40:13 GMT
x-content-type-options: nosniff
age: 548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10790
x-xss-protection: 0
server: sffe
etag: "1641831118"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:40:13 GMT

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/e3Q4fByDnWY/ 8 KB
8 KB 455ms
43ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/e3Q4fByDnWY/mqdefault.webp

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82b89ed3521ceae654e81e6b5d453c0c73abf4fce788f7f55dc92cc1b0b39551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:36:16 GMT
x-content-type-options: nosniff
age: 785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7728
x-xss-protection: 0
server: sffe
etag: "1641403360"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:36:16 GMT

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/FELEXBxSqOc/ 10 KB
10 KB 458ms
47ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/FELEXBxSqOc/mqdefault.webp

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a43daa7f7b51b472b7b657134f86414bfbde762ce8828a9a66f57a0c22db4152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:31:40 GMT
x-content-type-options: nosniff
age: 1061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10186
x-xss-protection: 0
server: sffe
etag: "1640094503"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:31:40 GMT

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/HiIgtQALCkI/ 11 KB
11 KB 50ms
49ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/HiIgtQALCkI/mqdefault.webp

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

740a9e7b3db299d6c5d2013418c00c437d768f4097e5d74f6c58db38cc431e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:36:16 GMT
x-content-type-options: nosniff
age: 785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11584
x-xss-protection: 0
server: sffe
etag: "1640297242"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:36:16 GMT

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/U04Sbe64a2Y/ 9 KB
10 KB 53ms
52ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/U04Sbe64a2Y/mqdefault.webp

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc3cc0865aad29753640bd3cfee8f49521946b2c5867aea60616ea09b15f599e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:47:45 GMT
x-content-type-options: nosniff
age: 96
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9690
x-xss-protection: 0
server: sffe
etag: "1640091167"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:47:45 GMT

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/QkT6LepK8mg/ 11 KB
11 KB 57ms
56ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/QkT6LepK8mg/mqdefault.webp

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c7065338651c8d13e687d70c3ef6554dffb26d6e534eaad58e090481d30e5d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:48:55 GMT
x-content-type-options: nosniff
age: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11586
x-xss-protection: 0
server: sffe
etag: "1639694362"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:48:55 GMT

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/6kfv6OjkAPo/ 10 KB
11 KB 59ms
58ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/6kfv6OjkAPo/mqdefault.webp

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

348180de8ed0528db1aee2b84174dcbe296baf2df1048a6f8d405181f4c3861d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:26:05 GMT
x-content-type-options: nosniff
age: 1396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10702
x-xss-protection: 0
server: sffe
etag: "1643415215"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:26:05 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 370ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&rl=&if=false&ts=1643831360640&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1643831360638.1441199513&it=1643831360419&coo=false&rqm=GET

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 02 Feb 2022 19:49:21 GMT

GET
H2 200 icon-yt-play.svg
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common-icon/ 441 B
597 B 11ms
11ms Image
image/svg+xml 34.95.11.30
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/images/common-icon/icon-yt-play.svg?1b1eefbdf26b

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.11.30 Montreal, Canada, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

30.11.95.34.bc.googleusercontent.com

Software

Resource Hash

fd583bd394cf970e462e11c2855609a468859ce761c8c3b6bc93dc90e93923cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 17:58:55 GMT
etag: W/"61fac65f-1b9"
x-pmd-backend: cheetah-nginx
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000, public
strict-transport-security: max-age=15724800; includeSubDomains
expires: Sat, 28 Jan 2023 19:49:20 GMT

GET
H3

200

/
www.google.ca/pagead/1p-conversion/580448699/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/580448699/?random=1019932914&cv=9&fst=1643831360470&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
https://www.google.com/pagead/1p-conversion/580448699/?random=1019932914&cv=9&fst=1643831360470&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.ca/pagead/1p-conversion/580448699/?random=1019932914&cv=9&fst=1643831360470&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...

42 B
64 B

78ms
44ms

Image
image/gif

2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/580448699/?random=1019932914&cv=9&fst=1643831360470&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=882856729.1643831360&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QOD6YZOSIIf6Mb7RkpAM&eitems=ChAIgPTojwYQ_9uC68z7kqkoEh0Ax5ixP96xUvzmEm4Z0XqY7JplRwJijaB5liPNtg&random=2654916561&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.ca/pagead/1p-conversion/580448699/?random=1019932914&cv=9&fst=1643831360470&num=1&value=0&label=FmJTCMOu_N8BELvj45QC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&auid=882856729.1643831360&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QOD6YZOSIIf6Mb7RkpAM&eitems=ChAIgPTojwYQ_9uC68z7kqkoEh0Ax5ixP96xUvzmEm4Z0XqY7JplRwJijaB5liPNtg&random=2654916561&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 0EA1 259 KB
83 KB 12ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uthtxmddg.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 02 Feb 2022 19:49:20 GMT
content-encoding: gzip
age: 15924671
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 21650826
content-length: 84509
x-served-by: cache-yul12824-YUL
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1643831361.667981,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 399ms
44ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/9.5.0/websites/js/64663c570873eaf2010613.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e04221fd9801b9b02aeef8202d787681fd89a42d68f5bd1be5e0616c0d71d67d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Wed, 02 Feb 2022 19:49:21 GMT

GET
H2 200 42fb57ac-2013-45a6-8dad-332d53e17c1b Show response
consumer.krxd.net/consent/get/ Frame 0EA1 224 B
326 B 30ms
30ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f395d3ced059157c8870f5d24213c473e2425b9be016d82066917b216a429843

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a001-ash-prod.krxd.net, cache-yul12833-YUL
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1643831361.056593,VS0,VE20
content-length: 185
x-cache-hits: 0, 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/990309138/ 42 B
548 B 82ms
38ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/990309138/?random=1643831360481&cv=9&fst=1643828400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1v0&sendb=1&frm=0&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&async=1&fmt=3&is_vtc=1&random=1532352039&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/990309138/ 42 B
548 B 93ms
39ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/990309138/?random=1643831360481&cv=9&fst=1643828400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1v0&sendb=1&frm=0&url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&tiba=Home%20%7C%20Ontario%20Farmer&async=1&fmt=3&is_vtc=1&random=1532352039&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/e06dea74/www-widgetapi.vflset/ 146 KB
47 KB 49ms
21ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e06dea74/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df71ea2400d4b8c6b87adb7ccf2812a2d4c6b1175f25d57adaabf624577fcc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 02:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48285
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 01:11:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Feb 2023 02:00:04 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0EA1
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T281ZDlQMHI
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPZVCA0QdijzPFCnyQUowIk&google_cver=1

0
336 B

27ms
23ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPZVCA0QdijzPFCnyQUowIk&google_cver=1
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1643831361
x-served-by: beacon-n007-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPZVCA0QdijzPFCnyQUowIk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0EA1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T281ZDlQMHI
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPZVCA0QdijzPFCnyQUowIk&google_cver=1

0
336 B

31ms
25ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPZVCA0QdijzPFCnyQUowIk&google_cver=1
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1643831361
x-served-by: beacon-n026-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPZVCA0QdijzPFCnyQUowIk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 0EA1 42 B
340 B 82ms
40ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=Oo5d9P0r
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0EA1
Redirect Chain

https://stags.bluekai.com/site/26357?id=Oo5d9P0r&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOo5d9P0r%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=Oo5d9P0r&partner=bluekai&bk_uuid=$_BK_UUID

0
336 B

27ms
26ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=Oo5d9P0r&partner=bluekai&bk_uuid=$_BK_UUID
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1643831361
x-served-by: beacon-n023-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=Oo5d9P0r&partner=bluekai&bk_uuid=$_BK_UUID
Date: Wed, 02 Feb 2022 19:49:21 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 p
sb.scorecardresearch.com/ Frame 0EA1 64 B
441 B 29ms
24ms Image
image/gif 13.33.46.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=Oo5d9P0r&rn=1643831361
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-48.ewr52.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 2SHQ797IpUfzawJlt4PTVUBNInqyjdTXj0mkFmg8riZF_f8YNTt8Kw==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0EA1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/NC4WTmcy?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner_id%3Dcb276571-e0d9-4438-9fd4-80a1ff034b01%26puid%3D%24%7BTM_USER_ID%7D
https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YfrgQQADOAERNQAy

0
337 B

83ms
24ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YfrgQQADOAERNQAy
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=20 t=1643831361
x-served-by: beacon-n005-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643831361.145243,VS0,VE0
x-served-by: cache-yul12829-YUL
x-cache: HIT
location: https://beacon.krxd.net/usermatch.gif?partner_id=cb276571-e0d9-4438-9fd4-80a1ff034b01&puid=YfrgQQADOAERNQAy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0EA1
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=beeswax
https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=Oo5d9P0r
https://match.prod.bidr.io/cookie-sync/krux?partner_user_id=Oo5d9P0r&_bee_ppp=1
https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACur07D9cEAAGxNrR7PhA

0
336 B

24ms
23ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACur07D9cEAAGxNrR7PhA
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1643831361
x-served-by: beacon-n037-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AACur07D9cEAAGxNrR7PhA
Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0EA1
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=mediamath
https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=Oo5d9P0r&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=9ae061fa-e041-4b00-925c-d6bd5330343a

0
336 B

23ms
23ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=9ae061fa-e041-4b00-925c-d6bd5330343a
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1643831361
x-served-by: beacon-n038-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: MT3 4133 baa842e master ord-pixel-x15 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=9ae061fa-e041-4b00-925c-d6bd5330343a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 02 Feb 2022 19:49:20 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ Frame 0EA1 27 KB
12 KB 125ms
26ms Script
application/javascript 54.85.224.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?212022
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-224-115.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 300b9ba11e041384aafe746b81adbac891f04890e6d71728d572df9073610076

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=86400
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1

200
OK

g.js
aa.agkn.com/adscores/ Frame 0EA1
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=neustar
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Oo5d9P0r

43 B
686 B

169ms
33ms

Image
image/gif

156.154.200.36
NEUSTAR-AS6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Oo5d9P0r
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: HTTP/1.1
Server: 156.154.200.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: AAWebServer
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length: 43
Expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=Oo5d9P0r
date: Wed, 02 Feb 2022 19:49:21 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a004-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0EA1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YfrgQYYQiCCi6db-edHtygAA%26987

0
336 B

26ms
23ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YfrgQYYQiCCi6db-edHtygAA%26987
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1643831361
x-served-by: beacon-n035-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=YfrgQYYQiCCi6db-edHtygAA%26987
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 283
Expires: Wed, 02 Feb 2022 19:49:21 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0EA1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=salesforce
https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=YxxEPfW8SRZpt6nkqKZAsZU4mbw

0
336 B

77ms
25ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=YxxEPfW8SRZpt6nkqKZAsZU4mbw
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=24 t=1643831361
x-served-by: beacon-n017-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?partner=stackadapt&partner_uid=YxxEPfW8SRZpt6nkqKZAsZU4mbw
Date: Wed, 02 Feb 2022 19:49:21 GMT
Connection: keep-alive
Content-Length: 123
Content-Type: text/html; charset=utf-8

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0EA1
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=triplelift&gdpr=0&cmp_cs=&us_privacy=undefined
https://eb2.3lift.com/xuid?mid=3587&xuid=Oo5d9P0r&dongle=13b2&rdir=https://beacon.krxd.net/usermatch.gif?partner%3Dtriplelift%26partner_uid%3D$UID&gdpr=0&cmp_cs=&us_privacy=undefined
https://eb2.3lift.com/xuid?ld=1&mid=3587&xuid=Oo5d9P0r&dongle=13b2&gdpr=0&cmp_cs=&us_privacy=undefined&rdir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dtriplelift%26partner_uid%3D%24UID
https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=3037751682814284874272

0
336 B

24ms
23ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=3037751682814284874272
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1643831361
x-served-by: beacon-n029-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=triplelift&partner_uid=3037751682814284874272
date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3A5D 0
18 B 50ms
22ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

content-type: text/plain
access-control-allow-origin: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Wed, 02 Feb 2022 19:49:21 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 4649 2 KB
3 KB 29ms
27ms Document
text/html 209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

bed79e22634d48c6e53d084c7dc1ac8e7ed34377df61478f7020d89248124ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&dcc=t

Response headers

Server: Server
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 2044
Connection: keep-alive
x-amz-rid: K0HRT29FF24GX0JPCATZ
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H3 200 6kfv6OjkAPo Show response
www.youtube.com/embed/ Frame CC25 71 KB
27 KB 157ms
143ms Document
text/html 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e06dea74/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54056c3d00a9d4604098d48477c24bca2cf71ea95b9d95bc099a0e20b895a320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 02 Feb 2022 19:49:21 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 users Show response
dmx.districtm.io/s/v1/ Frame D601 0
663 B 70ms
65ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.districtm.io/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d75f1389b43548b-YYZ
access-control-allow-headers: Origin, Content-Type

OPTIONS
H2 204 users
dmx.districtm.io/s/v1/ Frame 0
0 112ms
67ms Preflight 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/s/v1/users

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cf-ray: 6d75f1381a163ff8-YYZ
access-control-allow-origin: https://cdn.districtm.io
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-max-age: 14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame E412 427 B
613 B 75ms
24ms Document
text/html 23.21.108.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.108.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-108-64.compute-1.amazonaws.com
Software: /
Resource Hash: 0a1bc874bc9b95a5583a5ec5cc1fc101590d6af74f716899b6f76d374da42e38

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-length: 427

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E1C7 15 KB
6 KB 103ms
33ms Document
text/html 23.221.203.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-203-12.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=39136
expires: Thu, 03 Feb 2022 06:41:37 GMT
date: Wed, 02 Feb 2022 19:49:21 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 26AA 281 B
554 B 60ms
18ms Document
text/html 23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2022 19:49:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3

200

cm Show response
u.openx.net/w/1.0/ Frame DBAF
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

722 B
479 B

42ms
28ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 04ac22c00ed974893ab074a4d186725a18d8a6c22f91aff7f4fcc7db13d35361

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 02 Feb 2022 19:49:21 GMT
content-type: text/html
content-length: 460
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

server: OXGW/17.1.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date: Wed, 02 Feb 2022 19:49:21 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 21E6
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
https://s.amazon-adsystem.com/ecm3?id=2184349593536315459&ex=districtm

43 B
556 B

45ms
35ms

Document
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=2184349593536315459&ex=districtm

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: Server
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: X58PR82R8T841V0PAZJD
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: nginx/1.17.9
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=2184349593536315459&ex=districtm
AN-X-Request-Uuid: 9722f332-29f4-4c62-af26-77b39e9fdcc4
X-Proxy-Origin: 149.56.153.188; 149.56.153.188; 802.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 276B
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=2184349593536315459&ex=appnexus.com

43 B
556 B

67ms
30ms

Document
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=2184349593536315459&ex=appnexus.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: Server
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: W6Q36A0TKG8A2PV308DB
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: nginx/1.17.9
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=2184349593536315459&ex=appnexus.com
AN-X-Request-Uuid: c538ba4f-9278-4675-89ac-6e360310feea
X-Proxy-Origin: 149.56.153.188; 149.56.153.188; 802.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com

GET
H/1.1

200
OK

amazon Show response
ap.lijit.com/beacon/ Frame 92F6
Redirect Chain

https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1

1 KB
1 KB

19ms
18ms

Document
text/html

23.92.190.68
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.92.190.68 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 4822f8790ca333d0f92d8f10d8bf11aba79a18a7ce1afe310b17be4d8e669269

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: nginx
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap2ewr1

Redirect headers

Server: nginx
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap2ewr1

GET
H2

200

index.html Show response
cdn.districtm.io/ids/ Frame ADF9
Redirect Chain

https://cdn.districtm.io/ids/?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D

116 B
264 B

55ms
50ms

Document
text/html

104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-type: text/html
cf-ray: 6d75f1385ae7548b-YYZ
age: 31989
last-modified: Thu, 20 May 2021 02:18:27 GMT
via: 1.1 3fa24b8305c9ccdb5635d74628b66386.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id: hqJb8UaajhshOXs6Iq4XOxhP8mXnRcsMpRCJ7Q-VlyC1i4BaHuECrg==
x-amz-cf-pop: YTO50-C3
x-cache: Hit from cloudfront
vary: Accept-Encoding
server: cloudflare
content-encoding: br

Redirect headers

date: Wed, 02 Feb 2022 19:49:21 GMT
location: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
cf-ray: 6d75f1381a79548b-YYZ
cache-control: max-age=3600
expires: Wed, 02 Feb 2022 20:49:21 GMT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame F248
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3037751682814284874272

43 B
556 B

70ms
30ms

Document
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3037751682814284874272

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-sharethrough_pm-db5_rbd_ox-db5_dm_an-db5_sovrn_dmx_3lift&fv=1.0&a=cm&cm3ppd=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: Server
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: DNRHFTMXPYKBNRC5HG7M
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-length: 0
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3037751682814284874272
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ Frame 0EA1 270 B
1 KB 30ms
30ms Script
application/javascript 54.85.224.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=748&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcdn.krxd.net%2Fpartnerjs%2Fxdi%2Fproxy.3d2100fd7107262ecb55ce6847f01fa5.html%23!kxcid%3Duthtxmddg%26kxt%3Dhttps%253A%252F%252Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%26kxcl%3Dcdn%26kxp%3D&pv=1643831361285_tnv5hc7pj&bl=en-us&cb=7605561&return=https%3A%2F%2Fml314.com%2Fcsync.ashx%3Ffp%3DOo5d9P0r%26person_id%3D%5BPersonID%5D%26eid%3D748%26return%3Dhttps%253A%252F%252Fbeacon.krxd.net%252Fusermatch.gif%253Fpartner%253Dmadisonlogic%2526partner_uid%253D%5BPersonID%5D&ht=&d=&dc=&si=1643831361285_tnv5hc7pj&cid=&s=1600x1200&rp=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?212022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-224-115.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 64e0e14481a2760b8d3ec49a4d01e89875c947635b38672487866d6191edcedc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 330
Expires: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0EA1
Redirect Chain

https://ml314.com/csync.ashx?fp=Oo5d9P0r&person_id=3624862461483548697&eid=748&return=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dmadisonlogic%26partner_uid%3D3624862461483548697
https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3624862461483548697

0
336 B

29ms
25ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3624862461483548697
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=20 t=1643831361
x-served-by: beacon-n031-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://beacon.krxd.net/usermatch.gif?partner=madisonlogic&partner_uid=3624862461483548697
Cache-Control: private
Connection: keep-alive
Content-Length: 211
Expires: Thu, 03 Feb 2022 14:49:21 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 26AA 32 KB
10 KB 55ms
53ms Script
text/html 23.192.31.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-31-127.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b4157a837c3d4b1b9b6dbec916f1fe1ee0b28c3977ee8385618b50cd4bd4e19

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=51587
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9703
Expires: Thu, 03 Feb 2022 10:09:08 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame E412 43 B
556 B 33ms
31ms Image
image/gif 209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=006b84b3-57e9-4dfc-ba38-e02a3d9e8e87

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZJ7G9ZTFZ3QZ58BECQZP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame E412
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=

68 B
262 B

25ms
24ms

Image
image/png

23.21.108.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 23.21.108.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-108-64.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame E412
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=

68 B
262 B

24ms
24ms

Image
image/png

23.21.108.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 23.21.108.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-108-64.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame E412
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YfrgQYYQiCCi6db-edHtygAA%26987

68 B
262 B

25ms
24ms

Image
image/png

23.21.108.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YfrgQYYQiCCi6db-edHtygAA%26987
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 23.21.108.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-108-64.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YfrgQYYQiCCi6db-edHtygAA%26987
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 307
Expires: Wed, 02 Feb 2022 19:49:21 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame E412
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YfrgQYYQiCCi6db-edHtygAA%26987

68 B
262 B

24ms
23ms

Image
image/png

23.21.108.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YfrgQYYQiCCi6db-edHtygAA%26987
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 23.21.108.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-108-64.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=YfrgQYYQiCCi6db-edHtygAA%26987
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 307
Expires: Wed, 02 Feb 2022 19:49:21 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame B25F 47 KB
13 KB 73ms
26ms Script
application/javascript 35.170.223.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=21809871911&placementId=5887549810&pubCreative=138378392442&pubOrder=2967171286&cb=93229263&custom=index&custom2=1&adsafe_par&impId=363a09f6-8461-11ec-8946-028169c47751
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.223.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-223-143.compute-1.amazonaws.com
Software: /
Resource Hash: 8e340e692f338702711a74ea15f2ba7c881ef508d86cdb17d2ca99fba7b26efe

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
content-encoding: gzip
x-f1: 1
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B3B0 0
0 55ms
55ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUrsTV9RnZyIc6A9nhPizf1oNXRH8PmAAZsAef7PstA9_-W1Rbb25V_kQSwi8xjLmQNc-M-U92m1gL9yCk7WgJaUsVXcbikCRIZUfTyX0e_W9IQa2u0cU7FvIySytQ3eP5Jo5ZVN2uAr2JEYbTuU1vaDh3qheDTMJnL9MUnT4DV69vmuUzbusT6DI3wa6Of5c41kZA6cglI3G5vtWN_pHQ32Egu7L2ThJvXm1l0DVrtYMh_2cpPA57RYfszn6lktmbfyMJt32NaAfmSlQQ4SpzJFkqM1TH4hqnhfIddmsmNakePyOEEfXTOm0xWvzhcG8o4fxdxUCs_dFbaZB9EUMAq-4OMiM4Mdkbh7uE1QYAVpK0IZ34Ff-h&sai=AMfl-YRTMKdrsX_FDP0nNiI_rFA-vFqsUpZjElhHzvldWMTbNPMC6Zy435V5a13XCxCK56caB55Gduo6DM0KrWiTUM1kkR_RLq2LTeA4a_uwoUI-7xM5igWunCyKLP4bgAMooXL4MmnKBINfRXFcS_l-WRo&sig=Cg0ArKJSzKTy08wXQnyOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 19:49:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 62036624_a0f4a77856bd55eebab47d5c878ec31c_creative_def.js Show response
s0.2mdn.net/ads/richmedia/studio/creative/62002358/ Frame B3B0 7 KB
2 KB 74ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/creative/62002358/62036624_a0f4a77856bd55eebab47d5c878ec31c_creative_def.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e90c54533fa9616c44df1623c81863cddb3cc17b097d53d4e5562fbb71d61f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1581
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 20:20:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H2 200 html_inpage_rendering_lib_200_260.js Show response
s0.2mdn.net/879366/ Frame B3B0 183 KB
63 KB 75ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64774
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Feb 2022 00:16:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B3B0 123 KB
38 KB 117ms
62ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 19:49:21 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 92F6 43 B
556 B 33ms
30ms Image
image/gif 209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=dfcd23d4f91ca4530438c695&ex=sovrn.com&gdpr=0&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2N0GVJWE2QHJCHNH2TM7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 92F6
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=l1eRi8RWw9uMXpWLxQTa38dTlImMA8XZl1Z_Q92p

43 B
866 B

67ms
25ms

Image
image/gif

23.92.190.74
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=l1eRi8RWw9uMXpWLxQTa38dTlImMA8XZl1Z_Q92p
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Server: 23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ewr1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=l1eRi8RWw9uMXpWLxQTa38dTlImMA8XZl1Z_Q92p
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 92F6
Redirect Chain

https://ums.acuityplatform.com/tum?umid=27&uid=dfcd23d4f91ca4530438c695&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=66&3pid=644504955137

43 B
838 B

64ms
22ms

Image
image/gif

23.92.190.74
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=644504955137
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Server: 23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ewr1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://ce.lijit.com/merge?pid=66&3pid=644504955137

GET
H/1.1

200
OK

epx.gif
px.owneriq.net/fr/ Frame 92F6
Redirect Chain

https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6971177611306531574&ref=%2Feucm%2Fp%2Fsv
https://px.owneriq.net/fr/epx.gif

43 B
402 B

65ms
20ms

Image
image/gif

23.223.1.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/fr/epx.gif
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Server: 23.223.1.189 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-223-1-189.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: max-age=428967
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Feb 2022 18:58:48 GMT

Redirect headers

Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://px.owneriq.net/fr/epx.gif
Cache-Control: max-age=69133
Connection: keep-alive
Content-Type: text/html
Content-Length: 154

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 92F6
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=0f49997a-51ca-4847-a37f-8b7704221280&gdpr=0&gdpr_consent=

43 B
1 KB

23ms
23ms

Image
image/gif

23.92.190.74
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=0f49997a-51ca-4847-a37f-8b7704221280&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Server: 23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ewr1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=0f49997a-51ca-4847-a37f-8b7704221280&gdpr=0&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 92F6
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=83&3pid=KZ5YR0LU-T-6RFE&gdpr=0

43 B
1 KB

23ms
22ms

Image
image/gif

23.92.190.74
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=83&3pid=KZ5YR0LU-T-6RFE&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Server: 23.92.190.74 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:22 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ewr1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ce.lijit.com/merge?pid=83&3pid=KZ5YR0LU-T-6RFE&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Expires: 0

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame DBAF 43 B
556 B 34ms
31ms Image
image/gif 209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=70e0c5d8-ecc4-88fc-9b94-0812b9956836

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3GX0MJGE5EZHHKX2PEVM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame DBAF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfrgQQADOAERNQAy

43 B
180 B

32ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfrgQQADOAERNQAy
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643831362.506794,VS0,VE0
x-served-by: cache-yul12829-YUL
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YfrgQQADOAERNQAy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 bcf1dfe1-60c2-a14f-6a4d-9c702ef16e9f
pr-bh.ybp.yahoo.com/sync/openx/ Frame DBAF 43 B
984 B 87ms
30ms Image
image/gif 2600:1f18:4e9:5a07:6be:e2b0:f1c0:b548
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/bcf1dfe1-60c2-a14f-6a4d-9c702ef16e9f?gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a07:6be:e2b0:f1c0:b548 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame DBAF
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=2836b9a5-f06e-3306-5b9a-8a85d1a6a3d6&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=33110dd9-1b59-410c-abc5-f076108cd5fa&ttd_puid=2836b9a5-f06e-3306-5b9a-8a85d1a6a3d6

43 B
62 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=33110dd9-1b59-410c-abc5-f076108cd5fa&ttd_puid=2836b9a5-f06e-3306-5b9a-8a85d1a6a3d6
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=33110dd9-1b59-410c-abc5-f076108cd5fa&ttd_puid=2836b9a5-f06e-3306-5b9a-8a85d1a6a3d6
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 293

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame DBAF 170 B
188 B 39ms
36ms Image
image/png 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ1OTZhNmYtMzkxOS02ZGEyLTRlN2EtZDAzYzFiNDQ2ZGI2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame DBAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPIpwZPEDQ6smPUDiIeOFs&google_cver=1

43 B
61 B

31ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPIpwZPEDQ6smPUDiIeOFs&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPIpwZPEDQ6smPUDiIeOFs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 26AA 284 B
932 B 109ms
25ms Image
image/jpg 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
Content-Type: image/jpg

GET
H2 200 idsync.d5cb6b96.js Show response
cdn.districtm.io/ids/ Frame ADF9 3 KB
2 KB 33ms
32ms Script
application/javascript 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by: Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 a20436c6d109fe9002d093f519ad4399.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 62013
cf-polished: origSize=3302
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
last-modified: Thu, 20 May 2021 02:18:27 GMT
server: cloudflare
etag: W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
x-amz-cf-pop: IAD89-C2
cf-ray: 6d75f139ad18548b-YYZ
x-amz-cf-id: 1eRSpWhdVAkBadFJp4F5rFN7MnzWD6LrYuBkp7TuCOeRux1TRVDlcg==
expires: Fri, 04 Feb 2022 19:49:21 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E1C7 2 KB
2 KB 74ms
19ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34198638&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f83eb7d18499c9a6689edb25617a4a24f5d105da04bc73d4c546f7d9918929a7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1569
content-type: text/html; charset=UTF-8

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 5C21 47 KB
14 KB 26ms
25ms Script
application/javascript 35.170.223.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=5100623217&chanId=21809871911&placementId=5897428233&pubCreative=138378998954&pubOrder=2973321011&cb=1388661384&custom=index&custom2=2&adsafe_par&impId=363a09f7-8461-11ec-8946-028169c47751
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.223.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-223-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7366c6fe73593de65c1a888b264acf0c02b80fefc2c25f04bba18b54a7eb770a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
content-encoding: gzip
x-server-name: app17.va.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1F4B 0
0 51ms
50ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXUYeF5Ag8KkvpSqOeDQNcQB8TYVBt40uRNT5BCc75l6vsbNRCm3TmB3DQSRlLN6iWYKjfcKaeUvgxIomcovz8zst0hgahrJO4pn6zCk4q6jszjpRkNQTKSeetaznWxgLQpWENxAikjQ7gPMuNpoUzgInb6FN5K6wrNYpDCGOKHxhewn9koAj4rYZlrifX94RPRN1QCYtdc9VPCGrKA5D59hMAexV_dxTh7oFqbVKKVjlBJz9qumoND-jSnEXdlu4u5vKXVrzlUyLst3GOjziXFH3Q63Dv7nZF9UyeXTHYUuTTbPbRtOMJ1cNqENclqTa5zCA801T3bOrY26EfqkGvSq4M9OfOqtEQ6cRGrEzEguBaTHXFLQrS&sai=AMfl-YQsOpn5STg_pnu8JBi9JK36he9Ko50wHyn7k8g8in5D_Rf00-ip_iG43aG0vLoAcG2Wr4XDo29mjmiag85qQV_7dsn61MDeXKP3vlFYqZ2qcTn-884RxHWs1twcpkjqWfIJg4gOLpxCR7VwNoBVQkA&sig=Cg0ArKJSzDluq_YXYeUiEAE&uach_m=[UACH]&adurl=

Requested by

Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 19:49:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 1F4B 2 KB
2 KB 79ms
20ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Feb 2022 19:32:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F4B 123 KB
37 KB 100ms
68ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 19:49:21 GMT

GET
H2 200 2998801211941301742
tpc.googlesyndication.com/simgad/ Frame 1F4B 57 KB
57 KB 78ms
21ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2998801211941301742

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efa6cb2caa997918df62222b229b7e48be5ec55f53eb25b4effedbfe996da27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 13:11:29 GMT
x-content-type-options: nosniff
age: 23872
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58046
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:11:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Feb 2023 13:11:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1F4B 0
0 73ms
37ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmP4nEtzXHhFdvfK7NHBtYb9C7XIenyj2KvT8N7vH0eURTPRjyi7FEGgr8-iiEo8reOIQ7pD7pp0LPTLvGhI8tK5ybQQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 1F4B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad83df4b65b92ddc371e35cb5adf21fc3f4fea2a90a93fccb543cfc2fbd8855a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/e06dea74/ Frame CC25 340 KB
47 KB 25ms
25ms Stylesheet
text/css 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e06dea74/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47680
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 01:11:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 16:56:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CC25 15 KB
15 KB 53ms
20ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:41:34 GMT
x-content-type-options: nosniff
age: 115667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 11:41:34 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/e06dea74/www-embed-player.vflset/ Frame CC25 274 KB
84 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e06dea74/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36db8aee51bc56c39ecffea72d34245b6b8283dea712dae98e8e067b8758059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85991
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 01:11:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 16:56:17 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/ Frame CC25 2 MB
534 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25d2e9d2c676ae8ee0c6fe98862078372495e316a5222e859d7f81385ccf6c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 546718
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 01:11:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 16:56:17 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e06dea74/fetch-polyfill.vflset/ Frame CC25 8 KB
3 KB 38ms
37ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e06dea74/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 01:11:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 16:56:17 GMT

GET
H2 200 main.gr.19.8.284.js Show response
static.adsafeprotected.com/ Frame B25F 189 KB
60 KB 65ms
20ms Script
application/javascript 2600:9000:21dd:5200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.284.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=21809871911&placementId=5887549810&pubCreative=138378392442&pubOrder=2967171286&cb=93229263&custom=index&custom2=1&adsafe_par&impId=363a09f6-8461-11ec-8946-028169c47751
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:07:10 GMT
content-encoding: gzip
age: 614531
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jan 2022 16:52:12 GMT
server: AmazonS3
etag: W/"fb9b2792c3db887dfff0ad3cd668ef5a"
vary: Accept-Encoding
x-amz-version-id: dmAY6a2.PaweZS3llbmldpNvP5GdhzI6
via: 1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-C2
content-type: application/javascript
x-amz-cf-id: QPkYDS5tJDMtqR_h79u0GFirVk84YqsY9xll4Jh5v9h-TvRJvW6W_Q==

GET
DATA 200
OK truncated
/ Frame B3B0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 081d92859a41fa900435e926d8a4cb638f665b54401ce82718b34033cc5ee0fa

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame ADF9
Redirect Chain

https://dmx.districtm.io/s/v1/users/10002
https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUmFTRzlDY2s5dFJVc3hjRkEyY2tnMlJFa3hkbkI1WkhNMCJ9.U55JhjeU8jycVNWWAk4OW7...

43 B
556 B

39ms
33ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUmFTRzlDY2s5dFJVc3hjRkEyY2tnMlJFa3hkbkI1WkhNMCJ9.U55JhjeU8jycVNWWAk4OW7yNe4MicWGaSEI-Ew-fxF0_b5tqDLLEOqUd2B0SCQWHi8I_rshbUdok6-6DA97GRA

Requested by

Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html?sellerid=10002&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Ddmx.com%26id%3D%7BUID%7D

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.districtm.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 48B8YS6CJCSW571KVZH8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://s.amazon-adsystem.com/ecm3?ex=dmx.com&id=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAyLCJ1c3IiOiJxZ1llc2dZYk1qUmFTRzlDY2s5dFJVc3hjRkEyY2tnMlJFa3hkbkI1WkhNMCJ9.U55JhjeU8jycVNWWAk4OW7yNe4MicWGaSEI-Ew-fxF0_b5tqDLLEOqUd2B0SCQWHi8I_rshbUdok6-6DA97GRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: DELETE, GET, OPTIONS, POST
access-control-allow-origin: https://cdn.districtm.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d75f13acee5548b-YYZ
access-control-allow-headers: Origin, Content-Type
content-length: 0

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 49 KB
4 KB 69ms
40ms Document
text/html 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44afe2ee5d462a0e35761b545acacb5b240681383e00e56b19dbfc385e89de72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3943
date: Wed, 02 Feb 2022 19:49:21 GMT
expires: Thu, 03 Feb 2022 19:49:21 GMT
cache-control: public, max-age=86400
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 26AA
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=KZ5YR0AV-1K-JTNX
https://s.amazon-adsystem.com/ecm3?id=KZ5YR0AV-1K-JTNX&ex=d-rubiconproject.com&status=ok

43 B
556 B

35ms
30ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=KZ5YR0AV-1K-JTNX&ex=d-rubiconproject.com&status=ok

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:22 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GT3GSKYPWXVX6815TG5Q
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?id=KZ5YR0AV-1K-JTNX&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
Expires: 0

GET
H2 200 main.gr.19.8.284.js Show response
static.adsafeprotected.com/ Frame 5C21 189 KB
60 KB 19ms
19ms Script
application/javascript 2600:9000:21dd:5200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.284.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=5100623217&chanId=21809871911&placementId=5897428233&pubCreative=138378998954&pubOrder=2973321011&cb=1388661384&custom=index&custom2=2&adsafe_par&impId=363a09f7-8461-11ec-8946-028169c47751
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:07:10 GMT
content-encoding: gzip
age: 614531
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jan 2022 16:52:12 GMT
server: AmazonS3
etag: W/"fb9b2792c3db887dfff0ad3cd668ef5a"
vary: Accept-Encoding
x-amz-version-id: dmAY6a2.PaweZS3llbmldpNvP5GdhzI6
via: 1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-C2
content-type: application/javascript
x-amz-cf-id: FAptHCW2030CesjSu7fBdsUMaEvITpdY5Ta4rKtrWWSYkdEFMWhYLg==

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 7AF0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF

35 B
467 B

46ms
38ms

Document
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Feb 2022 19:49:21 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Wed, 02 Feb 2022 19:49:21 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E358
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfrgQQADOAERNQAy&gdpr=0&gdpr_consent=

1 B
257 B

53ms
23ms

Document
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfrgQQADOAERNQAy&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 02 Feb 2022 19:49:21 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: njrpug017:0:940
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfrgQQADOAERNQAy&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 varnish
x-served-by: cache-yul12829-YUL
x-cache: HIT
x-cache-hits: 0
x-timer: S1643831362.861027,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1 200
OK ecm3 Show response
s.amazon-adsystem.com/ Frame 8B95 43 B
556 B 37ms
31ms Document
image/gif 209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF&ex=pubmatic.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: Server
Date: Wed, 02 Feb 2022 19:49:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: 89BB893TFFMFYKHN795S
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E1C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1rLgjbBNROO8n-M92A9d3w%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

41ms
34ms

Image
text/html

23.221.203.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Server: 23.221.203.12 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-203-12.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=39136
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Thu, 03 Feb 2022 06:41:37 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

px
p.adsymptotic.com/d/ Frame E1C7
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEQ2QjJFMDhELUIwNEQtNDRFMy1CQzlGLUUzM0REODBGNURERhAAGg0IwcDrjwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=090cd6c536fd2dddda1e93763c31e6747ad11ad3c0d7361a0a29e88e8aedb3ac791426b5417dce21&_=2
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d

43 B
120 B

68ms
67ms

Image
image/gif

104.18.98.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Server: 104.18.98.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d75f140e95054bb-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

date: Wed, 02 Feb 2022 19:49:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame E1C7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ae061fa-e041-4b00-925c-d6bd5330343a

0
260 B

71ms
18ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ae061fa-e041-4b00-925c-d6bd5330343a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: MT3 4133 baa842e master ord-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ae061fa-e041-4b00-925c-d6bd5330343a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 02 Feb 2022 19:49:20 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E1C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDZCMkUwOEQtQjA0RC00NEUzLUJDOUYtRTMzREQ4MEY1RERG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
188 B

75ms
23ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug020:0:344
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E1C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAqDp_MQxb5_QkUMIFIR6L0&google_cver=1

42 B
593 B

74ms
22ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAqDp_MQxb5_QkUMIFIR6L0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 15:24:00 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug027:0:396
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAqDp_MQxb5_QkUMIFIR6L0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E1C7
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3D51347408CC40D7BB6EE1AF4172DDBC

42 B
381 B

20ms
19ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3D51347408CC40D7BB6EE1AF4172DDBC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:22 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug018:0:687
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Wed, 02 Feb 2022 19:49:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3D51347408CC40D7BB6EE1AF4172DDBC
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Tue, 01 Feb 2022 19:49:21 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E1C7
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3908086959649085956&gdpr=0&gdpr_consent=&us_privacy=

1 B
324 B

27ms
21ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3908086959649085956&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:22 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug017:0:601
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3908086959649085956&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E1C7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=33110dd9-1b59-410c-abc5-f076108cd5fa

42 B
603 B

74ms
22ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=33110dd9-1b59-410c-abc5-f076108cd5fa
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:21 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug015:0:652
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=33110dd9-1b59-410c-abc5-f076108cd5fa
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1F4B 0
0 61ms
52ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIMl89FvmkShPcyFeJ7UHfztkys6MijmT0TfPNRH7rgO3EK0ozWiHtKy4mOWlG98sgr89yrEo1O8AJqB1RJSiFd1xtiqlPiSTfH_9dtlw4afa-9_ov6XC7dVxBtOZvEplACWy4Gxlj9epTPM--m5Q1LZ1bXxjA8lYGcrfnAzyrNLv6POvD7rwXX3w6LG5JRtrOlgP9sy53FZoGqSSn3x6mgJ_tcmkhAf5bmbR2yHNIvhGfI64lgt56bhYxd8YQ1W7DFqtD0KAp-vFQ9HRgupWQ0Ooqhn5c6ISKdpmNZWgrwOCgsR1Ir5dtinbOv9YvZ7lsHJA8IXQ0vaAJjfxrxcLtS2mmzpRXY7JWFMUALbCdNCBKXt2SLwgNM8c&sai=AMfl-YREYaAh-N1QeJ7keqoOrAWMyTSYibfN285z0lRzac8KrB8Mv9sf3x2fzQlQxF4v_SFIMpejImMBPGQ_7hA7bb6kvPyC4y1K5hfRT-KlSJZrA5RGyjAoyXfTUxW54P_1rtPHkt2sIiVEZyJGEvKeA_8&sig=Cg0ArKJSzG8MaBlQQ_zzEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 19:49:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 02 Feb 2022 19:49:21 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 26AA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9ae061fa-e041-4b00-925c-d6bd5330343a&expires=28

42 B
689 B

190ms
25ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9ae061fa-e041-4b00-925c-d6bd5330343a&expires=28
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 29af2665c43893332e84c235bac366c1
Content-Type: image/gif

Redirect headers

Date: Wed, 02 Feb 2022 19:49:21 GMT
Server: MT3 4133 baa842e master ord-pixel-x56 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9ae061fa-e041-4b00-925c-d6bd5330343a&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 02 Feb 2022 19:49:20 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 26AA
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/AjQ7JtMFLOtczdl9I0sB1sn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1398967750230874303

42 B
689 B

30ms
29ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1398967750230874303
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
Content-Type: image/gif

Redirect headers

date: Wed, 02 Feb 2022 19:49:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1398967750230874303
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26AA
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhiOGJjYWZjYzNhMzJhZDcwMTQ0Y2YwZjk0YzM0MDBkYWYzZDhhYg

170 B
188 B

42ms
42ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhiOGJjYWZjYzNhMzJhZDcwMTQ0Y2YwZjk0YzM0MDBkYWYzZDhhYg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzhiOGJjYWZjYzNhMzJhZDcwMTQ0Y2YwZjk0YzM0MDBkYWYzZDhhYg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 382e2818ca015d35b02cd449aa60881d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 26AA
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ5YR0AV-1K-JTNX&sigv=1&esig=2~53d03411a9b02294a242bc18d72728cba01e4051

0
194 B

515ms
33ms

Image
text/plain

2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ5YR0AV-1K-JTNX&sigv=1&esig=2~53d03411a9b02294a242bc18d72728cba01e4051

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:22 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ5YR0AV-1K-JTNX&sigv=1&esig=2~53d03411a9b02294a242bc18d72728cba01e4051
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 709414.gif
id.rlcdn.com/ Frame 26AA 42 B
286 B 56ms
45ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 26AA
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=&expires=30

42 B
689 B

191ms
26ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 19ea072139d67f7022c6e463249c998e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=33110dd9-1b59-410c-abc5-f076108cd5fa&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 26AA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfrgQQADOAERNQAy

42 B
689 B

192ms
24ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfrgQQADOAERNQAy
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 382e2818ca015d35b02cd449aa60881d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643831362.886255,VS0,VE0
x-served-by: cache-yul12829-YUL
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfrgQQADOAERNQAy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 26AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHBG5X6iJB3-UVF6bb9GNkQ&google_cver=1

42 B
764 B

187ms
23ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHBG5X6iJB3-UVF6bb9GNkQ&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 29af2665c43893332e84c235bac366c1
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHBG5X6iJB3-UVF6bb9GNkQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 8203 80 KB
21 KB 25ms
24ms Script
application/javascript 2600:9000:21dd:5200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:16:10 GMT
content-encoding: gzip
age: 5848392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-C2
content-type: application/javascript
x-amz-cf-id: 3tGzN2EkPiKhPIp39QyOv_8nrp4bbsf4dzhhpJqSXM3-FoF1tF22Ow==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 29ms
29ms Image
image/gif 35.170.223.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=928934&campId=300x250&pubId=4811995650&chanId=21809871911&placementId=5887549810&pubCreative=138378392442&pubOrder=2967171286&cb=93229263&custom=index&custom2=1&adsafe_par&impId=363a09f6-8461-11ec-8946-028169c47751&adsafe_url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:8a719160-6396-13c0-4d58-b6864ce19c23,c:35WfgW,sl:inView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-7d6b9dd8f4-89d6p,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:650.108.300.250,am:i,cc:650.108.300.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:233,fm:sWjyRYL+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17*.928934%7C171%7C172%7C181,idMap:17*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:268,oid:373755b8-8461-11ec-a3f8-027293211ca3,v:19.8.284,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.223.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-223-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:21 GMT
x-server-name: app02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 gwdpage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 55 B
80 B 28ms
26ms Stylesheet
text/css 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 731 B
262 B 27ms
25ms Stylesheet
text/css 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 24 B
49 B 28ms
24ms Stylesheet
text/css 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 281 B
186 B 32ms
27ms Stylesheet
text/css 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 157 B
143 B 31ms
26ms Stylesheet
text/css 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 400 B
303 B 44ms
39ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 21 KB
6 KB 39ms
35ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630dcb1aea14b0b32672353c6718f225a51122da1e170c35185ed4177b3489cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6269
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 3 KB
1 KB 42ms
37ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3702675bb100b35f2cc13c2d7e830a1abb3d645ddeb6a2155be81d777d21dfa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 16:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1307
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Feb 2022 16:12:04 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 8 KB
3 KB 38ms
34ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47362f03763fafea173fabaa570f4054c7931e5f8d1e6f6daa2b08cafae41cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3174
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8318 118 KB
40 KB 28ms
23ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 06:40:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Feb 2022 06:40:15 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 13 KB
4 KB 46ms
42ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d1651d91488d8e6357d29c08174475d886c695a2a9101ab4c73efd0137ad3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4463
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 5 KB
2 KB 45ms
41ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e3bc05f59be2a1faacba16a7c0fba7de267a60f2e88c04789e4ffe0dfb6056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2004
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 4 KB
2 KB 43ms
39ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d66c408f2d22f32c480961298e6fba83ca59fe57386f9e6726a47c27553aad90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1809
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 5 KB
1 KB 42ms
39ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97f021d21f4c6ecb256ef53df152984ad47d4fa5d9b013223454abaccb92814a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1287
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame CC25 113 B
159 B 76ms
42ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e06dea74/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

deee2c79a186a90b5128a2ef0b98f61898ab18c1d9a90c3e44903d98f42e3294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CC25 29 B
157 B 27ms
26ms Script
text/javascript 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e06dea74/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:43:14 GMT
x-content-type-options: nosniff
age: 368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 19:58:14 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 113ms
38ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=8a719160-6396-13c0-4d58-b6864ce19c23&tv=%7Bc:35Wfjk,pingTime:0,time:415,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:267%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:415,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:266,wc:0.0.1600.1200,ac:650.108.300.250,am:i,cc:650.108.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B178~100%5D,as:%5B178~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sWjyRYL+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17*.928934%7C171%7C172%7C181,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:22 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 0B07 80 KB
21 KB 43ms
36ms Script
application/javascript 2600:9000:21dd:5200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:16:10 GMT
content-encoding: gzip
age: 5848393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-C2
content-type: application/javascript
x-amz-cf-id: UAuSvvnUUhTd0XzodDHkiApEKBedbDyPMT_rTXkTjdnVAVLnG1L14A==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 45ms
39ms Image
image/gif 35.170.223.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=928934&campId=728x90&pubId=5100623217&chanId=21809871911&placementId=5897428233&pubCreative=138378998954&pubOrder=2973321011&cb=1388661384&custom=index&custom2=2&adsafe_par&impId=363a09f7-8461-11ec-8946-028169c47751&adsafe_url=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:4baa76bf-ddd2-7efa-b7db-88249b2817c2,c:35WfjY,sl:outOfView,em:true,fr:true,thd:1,mn:app17va,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.1262.728.90,am:i,cc:436.1262.728.90,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:330,fm:sWjyS0B+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C171%7C172%7C173%7C18*.928934%7C181,idMap:18*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:342,oid:3745faf3-8461-11ec-abb0-0e8c96cf9bbf,v:19.8.284,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.223.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-223-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:22 GMT
x-server-name: app26.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 remote.js Show response
www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/ Frame CC25 97 KB
30 KB 36ms
20ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c1ef1b740888182594c1cecdfbbe59079ac16011b8841de8c5383faf0569bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30653
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 01:11:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 16:56:37 GMT

GET
H3 200 dA9BWHSnTT0d1pxloHd0fuHbGmDminjac2L7r7hVS8Y.js Show response
www.google.com/js/th/ Frame CC25 35 KB
13 KB 29ms
24ms Script
text/javascript 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/dA9BWHSnTT0d1pxloHd0fuHbGmDminjac2L7r7hVS8Y.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

740f415874a74d3d1dd69c65a077747ee1db1a60e68a78da7362fbafb8554bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 04:31:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13500
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 04:31:15 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/ Frame CC25 26 KB
7 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e643ae33d23032dbb28195005972e53661b8979823f4935823d5d4012a2e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7573
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 01:11:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 16:56:18 GMT

GET
DATA 200
OK truncated
/ Frame CC25 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLS_LxZARH_Vp750gZxeQBeyiDUz04bcD1_casZj=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CC25 2 KB
2 KB 72ms
20ms Image
image/jpeg 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLS_LxZARH_Vp750gZxeQBeyiDUz04bcD1_casZj=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b487e6390458c38b99abb6215507b8bd25f795dbaf1e24d233ddd5c51d295a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:51:18 GMT
x-content-type-options: nosniff
age: 7084
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2114
x-xss-protection: 0
server: fife
etag: "va"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 10 Dec 2021 08:35:14 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/6kfv6OjkAPo/ Frame CC25 27 KB
27 KB 48ms
21ms Image
image/webp 2607:f8b0:4006:817::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/6kfv6OjkAPo/sddefault.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8638ec50e9819468bde0e186fd824072ea0944ef09ffe6f3060996adcd0027d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:13 GMT
x-content-type-options: nosniff
age: 9
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27146
x-xss-protection: 0
server: sffe
etag: "1643415215"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 02 Feb 2022 21:49:13 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 20ms
18ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=8a719160-6396-13c0-4d58-b6864ce19c23&tv=%7Bc:35Wft8,pingTime:-2,time:1024,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:235,beZ:236,mfA:467,cmA:469,inA:469,inZ:477,prA:477,prZ:492,si:503,poA:504,poZ:532,cmZ:532,mfZ:532,loA:652,loZ:655,ltA:1257,ltZ:1257%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:267%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1024,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:266,wc:0.0.1600.1200,ac:650.108.300.250,am:i,cc:650.108.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B787~100%5D,as:%5B787~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sWjyRYL+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17*.928934%7C171%7C172%7C181,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:%5Bgoogle_ads_iframe_/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index_0,google_ads_iframe_/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:754,readyFired:true%7D&br=u
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:22 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 23ms
20ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=4baa76bf-ddd2-7efa-b7db-88249b2817c2&tv=%7Bc:35Wfui,pingTime:-2,time:981,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:206,beZ:208,mfA:536,cmA:537,inA:537,inZ:540,prA:540,prZ:545,si:548,poA:549,poZ:571,cmZ:571,mfZ:571,loA:1128,loZ:1129,ltA:1188,ltZ:1188%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:341%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:982,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:436.1262.728.90,am:i,cc:436.1262.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B650~0%5D,as:%5B650~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sWjyS0B+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C171%7C172%7C173%7C18*.928934%7C181,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index_1,google_ads_iframe_/3081/SMCO_ENCO_MAGOnFarmer_EN_WEB/index_1__container__,ad-2,ad__inner-2,main-content%5D,sinceFw:639,readyFired:true%7D&br=u
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:22 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B3B0 0
0 54ms
52ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbR7HL35z-wIZTUwhW_NLrHvnMYa_MF0_WMm6zlnNp04Ztf-VsOWSnk_dDKQjTiZVrYjXTdg_i-tCUO5jif952Z8ABq2SceUhJ_klu83Ps8OP7EzlKoEsi7heKhNmeVLjguhACMsj8ab7LkmG37UKlqwDpp0w5NYXHLKFl8JeDwgYMZ563JKP9mH3cyBtPHXlv-2Z03jaPGOKSE4Pv8Q3M-UkVQL1l306Onm9BR2W9fwVqN6q1SPubsnfthiTWvs_D1IvR50ASau8V5Td_q0LyAyfYVdmVCD7EtRMnRqP9Zd2H-Kya-08W_u5kZwy6UnHs1phYjlCJWpCbdZJI8Lv8JFTtksW9jlsprTrexrvGpFYPVCQIpqBdalA&sai=AMfl-YRb0-5c6MP9HE0PBF6Lm_uBCY1UFXKj_Bie1Zz_1Li45fUonh74KzuhUm7bA9rEkfdevEOctAqZPKz68uQN61JuWH4ZGAfosLyxzrOOyauGo0HE7Qpp2rd8kfA3V1lnXFJkG6vLjy3hcWAzdoiQlxg&sig=Cg0ArKJSzF3gSmqgusEMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 19:49:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 02 Feb 2022 19:49:22 GMT

POST
H3 200 embedded_player Show response
www.youtube.com/youtubei/v1/ Frame CC25 48 KB
16 KB 62ms
62ms Fetch
application/json 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9813ad0f05767baa0c0ce4ff395a6f36fa988ce8501b7666cb87cc735d9165a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220130.00.00
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-Goog-Visitor-Id: CgstOE9OWEtmdThqWSjBwOuPBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 02 Feb 2022 19:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16339
x-xss-protection: 0

GET
H2 200 optout_check Show response
beacon.krxd.net/ 82 B
241 B 25ms
24ms Script
text/javascript 34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: 6a9f6b5ba8fb96d03271aa0817c1a56e3823459870b9bd4ce57aab9395b4906b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:22 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=45 t=1643831362
x-served-by: beacon-n003-ash-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 364 B
509 B 35ms
35ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=42fb57ac-2013-45a6-8dad-332d53e17c1b&technographics=1&callback=Krux.ns.postmedia.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce01230fa0eec85b2d1f5e090083c70b5b93d8e21d122f31a621ec735c5d2964

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Wed, 02 Feb 2022 19:49:22 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a001-ash-prod.krxd.net, cache-yul12824-YUL
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1643831363.937086,VS0,VE23
content-length: 281
x-cache-hits: 0, 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 107ms
44ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df93795ded06d07481560c96d9dc9d6de22d18572bfc5944f912baf7f9450a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 19:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9891
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CC25 4 KB
3 KB 117ms
67ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e06dea74/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 19:49:23 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CC25 0
9 B 30ms
29ms Image
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?bvF25A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 ribn-postmedia.min.js Show response
assets.ribn.com/v2/production/ 13 KB
4 KB 440ms
25ms Script
application/javascript 2600:9000:2140:7a00:7:75d4:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by: Host: gcp-bc-785-ontariofarmer.gdev.postmedia.digital
URL: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:7a00:7:75d4:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 20:25:38 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 18:06:03 GMT
server: AmazonS3
age: 84226
etag: W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: rRkNZCi10oDyoU4bhQQbC5ZbtgoZHJ3nw6T2-ATVrK3Trg3vLnnwXw==

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/10276888/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
348 B

43ms
41ms

Script
application/javascript

13.33.46.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.33.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-48.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:38:41 GMT
via: 1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 643
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: hghqZgdxdvfScFWzgjpyTb0aGIgFhku2oWdeW2foFK7Rz1aQupu62Q==

Redirect headers

date: Wed, 02 Feb 2022 19:49:23 GMT
via: 1.1 c7f2e710eb5e4c599a030513a5a7ed22.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: zDCJ_m4-geJEa9F_0SCKcjujSf_rD4Lk0CDse8kWMtGf4o4_wQHGAQ==

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 30ms
19ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=8a719160-6396-13c0-4d58-b6864ce19c23&tv=%7Bc:35WfAB,pingTime:1,time:1486,type:p,env:%7Bar:self.0%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:267%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1486,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:266,wc:0.0.1600.1200,ac:650.108.300.250,am:i,cc:650.108.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1248~100%5D,as:%5B1248~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:148,fm:sWjyRYL+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17*.928934%7C171%7C172%7C18.928934%7C181,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:23 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 55ms
24ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=8a719160-6396-13c0-4d58-b6864ce19c23&tv=%7Bc:35WfAC,pingTime:1,time:1487,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:267%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1487,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:266,wc:0.0.1600.1200,ac:650.108.300.250,am:i,cc:650.108.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1249~100%5D,as:%5B1249~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:148,fm:sWjyRYL+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17*.928934%7C171%7C172%7C18.928934%7C181,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:23 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 57ms
18ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=8a719160-6396-13c0-4d58-b6864ce19c23&tv=%7Bc:35WfAC,pingTime:1,time:1487,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:267%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1487,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:266,wc:0.0.1600.1200,ac:650.108.300.250,am:i,cc:650.108.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1249~100%5D,as:%5B1249~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:148,fm:sWjyRYL+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17*.928934%7C171%7C172%7C18.928934%7C181,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:23 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 351ms
49ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 19:49:23 GMT

GET
H3 200 CTA_Logo.svg
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 11 KB
3 KB 24ms
21ms Image
image/svg+xml 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/CTA_Logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe2e13082fd8bb9d2fe827126b12f5d4dfe291a2689e60252883516008a400ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2914
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 InspiringCanadians_Tagline.svg
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 17 KB
4 KB 25ms
22ms Image
image/svg+xml 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/InspiringCanadians_Tagline.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ad8e40b297b21fb15bff2784c9c0b801c15ff6f9d0a01ddc65d4addf968bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3623
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 WithExpertInfo_BodyV2.svg
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 36 KB
6 KB 35ms
32ms Image
image/svg+xml 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/WithExpertInfo_BodyV2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a5bda9f4574a42d3b55344f38997045a8b6a62c6fc28755efb8a9ae9b84137c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6592
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 btn_replay-01_HealthingBlue.svg
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 813 B
566 B 34ms
31ms Image
image/svg+xml 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/btn_replay-01_HealthingBlue.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

833c8ac03f4a02a79e5ea94a3a11b7665b3e744c5f4d9bcc9964a2d3c98f040b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 538
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 StopWorrying.svg
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 6 KB
2 KB 32ms
29ms Image
image/svg+xml 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/StopWorrying.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce70150527555f85137bbb3a1b17eafbdfdeef7e3b85787e09a62f94917852cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2179
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 StartHealthing.svg
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 7 KB
2 KB 26ms
24ms Image
image/svg+xml 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/StartHealthing.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e861091d963f75924c28aee29268465759dd8787cfd5f2020b6749d64fdaefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1994
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H3 200 BB_BG1_V2.png
s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/ Frame 8318 103 KB
103 KB 36ms
34ms Image
image/png 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/BB_BG1_V2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4546393993a8bb2aae2f89edd715015fcdb6d6cefa5ab0cbc0fc8bed9a22682c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62002358/20220114151116424/index.html?e=69&leftOffset=0&topOffset=0&c=cnivk2CDIa&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:19:34 GMT
x-content-type-options: nosniff
age: 80989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105659
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 23:11:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 21:19:34 GMT

GET
H2 200 42fb57ac-2013-45a6-8dad-332d53e17c1b Show response
consumer.krxd.net/consent/get/ 224 B
308 B 33ms
33ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 90af3724c1fdead89b472ffa445d2b1341061ff3001500ecac1e174db7f959cc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:23 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a016-ash-prod.krxd.net, cache-yul12833-YUL
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1643831363.241959,VS0,VE19
content-length: 185
x-cache-hits: 0, 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/97/ Frame CC25 53 KB
15 KB 49ms
20ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/97/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15488
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 15:04:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 03 Feb 2022 17:17:13 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 19ms
18ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=8a719160-6396-13c0-4d58-b6864ce19c23&tv=%7Bc:35WfCR,pingTime:-10,time:1626,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1643831363268%7C%7C304fa09e786d9b3286ac3dde6e6aa5e5%7C%7C8866308252d63f9bf74b74e606896148%7C%7C158dff398a8ae7c6e5753468fcd86b86%7C%7Caa73ef411c06767d81149f144a68b9cf%7C%7C4f56a76aa237274f189eb369ab929b70%7C%7Ca2277cbfdc03d9041f80b79fda881eac%7C%7C4117a9dab358f041955c7de73d748a46%7C%7C1629390669%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:23 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
336 B 24ms
24ms Image
text/plain 34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=uthtxmddg&_kpid=42fb57ac-2013-45a6-8dad-332d53e17c1b&_kcp_s=communities&_kcp_d=postmedia.digital&_knifr=8&_kua_kx_tz=0&geo_country=ca&geo_region=qc&geo_dma=124462&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_whistle=0&_kua_mpid=2932617955798506941&_kua_ad_light_user=false&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ca&_kua_kx_geo_region=qc&_kua_kx_geo_dma=124462&_kpa_domain=postmedia.digital&_kpa_page_type=index&_kpa_communities_page_type=index&_kpa_main_category=index&_kpa_env=test&_kpa_view_type=HTML&_kpa_paywall_whitelist=false&t_navigation_type=0&t_dns=0&t_tcp=28&t_http_request=-1&t_http_response=352&t_content_ready=4525&t_window_load=7943&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w3vhm65bx&userdata_user=Oo5d9P0r%2Cw3vhm65bx&sview=1&kplt0=41818&kplt1=42920&kplt2=42921&kplt3=42922&kplt4=44981&kplt5=45977&kplt6=46302&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2C249%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C311%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C360%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F42fb57ac-2013-45a6-8dad-332d53e17c1b%2CNaN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=80 t=1643831363
x-served-by: beacon-n018-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 20ms
19ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=4baa76bf-ddd2-7efa-b7db-88249b2817c2&tv=%7Bc:35WfDZ,time:1582,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1583,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:341,wc:0.0.1600.1200,ac:436.1262.728.90,am:i,cc:436.1262.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1251~0%5D,as:%5B1251~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:117,fm:sWjyS0B+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C171%7C172%7C173%7C18*.928934%7C181,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:23 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 468D 13 KB
5 KB 46ms
22ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Feb 2022 03:34:20 GMT
expires: Thu, 02 Feb 2023 03:34:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 58503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C4EA 783 B
533 B 67ms
55ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f74d2779db1962c90654cb28a9f369d1decde98d623cb55452d42bbe3b2eef71

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iExiUrQ/QlRjFbdFiYsW2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 02 Feb 2022 19:49:23 GMT
date: Wed, 02 Feb 2022 19:49:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-iExiUrQ/QlRjFbdFiYsW2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 468D 35 KB
13 KB 54ms
20ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99da8abe51b04de49788fe126c31b87cf7342718c1a46e3d25381e0c82ab4634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 15:08:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 15:08:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C4EA 0
0 98ms
83ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012701&jk=393317054189003&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame E1C7 0
260 B 78ms
24ms Script
text/plain 8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:28:11 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B3B0 42 B
64 B 111ms
82ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnC3uHMQqFRUOQB_FcuESLzTxkyhKVZnOemeI8ykPENGKLPxaKykF44W0OyvuGFTLSCeD8kzeg6O9EK1MbY8iwrQDEo3dMzQ9I9cep9zWZbBMVjkIv&sig=Cg0ArKJSzH6B43pZHATGEAE&id=lidar2&mcvt=1017&p=108,650,358,950&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20220131&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=625928897&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643831361403&rpt=1378&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 468D 0
9 B 23ms
23ms Image
text/plain 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SzSoBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 20ms
19ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=4baa76bf-ddd2-7efa-b7db-88249b2817c2&tv=%7Bc:35WfSj,pingTime:-10,time:2470,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1643831363268%7C%7C304fa09e786d9b3286ac3dde6e6aa5e5%7C%7C8866308252d63f9bf74b74e606896148%7C%7C158dff398a8ae7c6e5753468fcd86b86%7C%7Caa73ef411c06767d81149f144a68b9cf%7C%7C4f56a76aa237274f189eb369ab929b70%7C%7Ca2277cbfdc03d9041f80b79fda881eac%7C%7C4117a9dab358f041955c7de73d748a46%7C%7C1629390669,sca:%7Bspg:8a719160-6396-13c0-4d58-b6864ce19c23%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:24 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 89ms
82ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012701&jk=393317054189003&bg=!TE-lTwvNAAYZkRhwGZE7ACkAdvg8WpjRJlTfJ46U15zgoMd_mu_gHzNQAmvrBboTNKyFI6T74gi0BAIAAACvUgAAAAVoAQcKAA0zSAeHjf1v7U5w7tRFmQLss_TQr7nTXHwkhhmtqtCIvvMxl2L7_bz7JCglaK17uuS5gAOgHuHhaMXQWpFXyAsbSOn5vUiqOJ4PAETy647yo0434AZ--Ml1sh8I00QcUWeRPsJzgnSl2wQii6kEVcAa6TdyIQHxigw68hxNb60mFu2Okq1jtOKrofBakqXeebXXnfx8jozUOxTH37PZl-1TqNYQ-I7J335U_N5hllhF-62p91T9ZOvssrzLaDvYwyi3kyga6vQq6cs8XFhGyoL0J6prJ87KEKb3-ZQoqiV3sMXCScAfvL625HlWpCZSjxcIijGILIH6LYTfP1aRsYQJfnlitS9xk1L0yXXkwH8gdIDUZeq2-nguUKe0hCDAiQ74kiYnj3Rleb9k4yij9Z79OBnlZ7DO-GXFJqN-VWJJIvvEX_T0B3mxOqlD2FNcesRCYBapK8DLDd51CSPKgm8iWTkxmyDvt39ZPLr96K2Awkzv79IPoHFDp61joVBbAX52m9hvcvb4G0eJ7OkTXD-dKqdBLPZ32Br1fL3H-_qbRFp1ozk5XBImCZpFC8lEuwvj-ReEo6ltaKMzJsoIz3vpBV2KRTF8MAwAMzWuHt21Z5lt7jwsIEGW_mfi5DVWr9t4DI3hsvOE90giltYUuqYEEB-vBQptFCwAd-gfp0BRoU30DN6rW_uJ3OHyJDTOhRHwa0InW4tNZaivxrJrkcfRVt4AhEGnXebkFls-hA9ONlPXCHLYpYwZ6S4ljTjPWlOQYx-LwCrgw8C3scosZOZEx19qqxrPAYpzjZff7GyWnNklp7ScsPtU8YiafMB9tU1IVxtpC72oQ3RDimbOTJZ1Wp9YChLmSMRpB_qCrHVEp6hb_fLa_rchfYlcxfH2ueqMYDEbNhUgybtpve0Rfc21PhTfpNyDfilF8cVw7t54hfVnEdbHxZTT8EyRQatRxIgL26C8D85eKh9nHhk9lDD5snO_d28U0lmon7P23MADBMVhaUUjBNpeky6nog

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 19:49:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CC25 28 B
50 B 41ms
40ms XHR
application/json 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e06dea74/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6kfv6OjkAPo?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fgcp-bc-785-ontariofarmer.gdev.postmedia.digital&playsinline=1&rel=0&playlist=6kfv6OjkAPo%2CGSTTZ7mtwKc%2ClkhYkiqApyI%2CLefQlPR5tiU%2CiYlGGPcBNLM%2Ce3Q4fByDnWY%2CFELEXBxSqOc%2CHiIgtQALCkI%2CU04Sbe64a2Y%2CQkT6LepK8mg&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2FSMCO_ENCO_MAGOnFarmer_EN_WEB%2Findex%22%2C%22cust_params%22%3A%22player%253Dyt%2526no_pol%253Dtrue%2526page%253Dindex%2526pr%253Donf%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253DIAS_UNSCORED_PG%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp2932617955798506941%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1
X-YouTube-Client-Version: 1.20220130.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgstOE9OWEtmdThqWSjBwOuPBg%3D%3D
X-YouTube-Ad-Signals: dt=1643831361857&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C501%2C282&vis=1&wgl=true&ca_type=image&bid=ANyPxKq6aHHw-kwNlP7q6mYPSF1G0Cm4c0B7VMvW5LWG3U251yGmr1JxWmoOM66xgid6g-qefl1VyORTylejj-FyXTykMEOIXQ

Response headers

date: Wed, 02 Feb 2022 19:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

POST
H2 202 events Show response
jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/ 41 B
286 B 55ms
26ms Fetch
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v3/JS/us1-a9588c0ddc27594cabd152e47ffe27ee/events
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-a9588c0ddc27594cabd152e47ffe27ee/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 31a6430155ebdbc3696d64b5d7ab869119619cd26f12d032f34311d2827b2b8b

Request headers

Accept: text/plain;charset=UTF-8
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 02 Feb 2022 19:49:25 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1643831365.203526,VS0,VE16
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-yul12829-YUL
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 19ms
18ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928934&asId=8a719160-6396-13c0-4d58-b6864ce19c23&tv=%7Bc:35WgC0,pingTime:5,time:5417,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:267%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5417,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:266,wc:0.0.1600.1200,ac:650.108.300.250,am:i,cc:650.108.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5179~100%5D,as:%5B5179~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:49,fm:sWjyRYL+11%7C12%7C13%7C1411%7C14121%7C14122%7C14123%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C15%7C16%7C17*.928934%7C171%7C172%7C18.928934%7C181,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gcp-bc-785-ontariofarmer.gdev.postmedia.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Feb 2022 19:49:27 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/	1970-01-20 00:47:16	Name: x-id Value: {"data":{"id":"zxsmh67la3pmdxfj7ycohg7h30le4jy4m","updated":1643831359616},"exp":604800000,"ts":1643831359658,"mac":1683620562}
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/	1970-01-20 00:37:11	Name: __adblocker Value: false
.postmedia.digital/	1970-01-20 02:46:47	Name: _gcl_au Value: 1.1.882856729.1643831360
.scorecardresearch.com/	1970-01-20 17:53:59	Name: UID Value: 1041357570fb2a484a7e2421643831360
d395dw5zk780j2.cloudfront.net/	1970-01-20 00:47:16	Name: x-id Value: {"data":{"id":"zxsmh67la3pmdxfj7ycohg7h30le4jy4m","updated":1643831359616},"exp":604800000,"ts":1643831360139,"mac":1703787178}
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/	1970-01-20 00:47:16	Name: political-ad-opt-out Value: {"data":false,"exp":604800000,"ts":1643831360202,"mac":-149213346}
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/	1970-01-20 00:37:13	Name: sailthru_pageviews Value: 1
.postmedia.digital/	1970-01-20 09:22:47	Name: mprtcl-v4_767FC2FC Value: {'gs':{'ie':1\|'dt':'us1-a9588c0ddc27594cabd152e47ffe27ee'\|'av':'1.0.0'\|'cgid':'4e4166cc-114f-4ffc-87ec-258087f08c3b'\|'das':'b9ccfd2a-cceb-4e5b-b0b7-8b2713f88948'\|'csm':'WyIyOTMyNjE3OTU1Nzk4NTA2OTQxIl0='\|'sid':'13C3F8A9-E638-4E6C-809C-5526DDC56C24'\|'les':1643831360330\|'ssd':1643831359925}\|'l':1\|'2932617955798506941':{'fst':1643831360143\|'ui':'eyIwIjoienhzbWg2N2xhM3BtZHhmajd5Y29oZzdoMzBsZTRqeTRtIn0='}\|'cu':'2932617955798506941'}
.linkedin.com/	1970-01-20 02:46:47	Name: li_sugr Value: 00f8206e-2672-4139-9d42-68605189e23d
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:09:05	Name: bcookie Value: "v=2&66460c9f-32de-4dc7-8135-a9ff72ea7e89"
.linkedin.com/	1970-01-20 00:38:37	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2531:u=1:x=1:i=1643831360:t=1643917760:v=2:sig=AQEP37cbeL8R-yggRaR8rnMk0oOj_91s"
gcp-bc-785-ontariofarmer.gdev.postmedia.digital/	1970-01-20 09:22:47	Name: sailthru_visitor Value: 40bf25c4-650b-4799-9f15-8bb222a03722
.postmedia.digital/	1970-01-20 02:46:47	Name: _fbp Value: fb.1.1643831360638.1441199513
.linkedin.com/	1970-01-20 01:20:23	Name: UserMatchHistory Value: AQK_sjgHU7cAYAAAAX67-_x9B1f3iJg_IURT5DV6WbhUBlBUeJz1s8nc0cywgRKVeDocobLYeaX9UQ
.linkedin.com/	1970-01-20 01:20:23	Name: AnalyticsSyncHistory Value: AQLM_VUMABdVrgAAAX67-_x9Y5ElKau0XI7ltD_4nGeZ_3uSGy2QyE-GAIjyZMzl38r7eVdZRp16OqniKdGDBA
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 18:09:05	Name: bscookie Value: "v=1&20220202194920d1ac1c53-5685-4760-8e1a-538887904b84AQEoOcqvlu_NNOf-x5oPiI6DTJJs7zys"
.facebook.com/	1970-01-20 02:46:47	Name: fr Value: 0p0pP5JP1sAuPhNK0..Bh-uBB...1.0.Bh-uBB.
.yahoo.com/	1970-01-20 09:23:08	Name: A3 Value: d=AQABBEHg-mECEIkmpxv-hCffP5BihIBGcpEFEgEBAQEx_GEEYgAAAAAA_eMAAA&S=AQAAAl0ipgaPzo1dudps9u9VuvE
.krxd.net/	1970-01-20 04:56:23	Name: _kuid_ Value: Oo5d9P0r
.everesttech.net/	1970-01-20 09:22:47	Name: everest_g_v2 Value: g_surferid~YfrgQQADOAERNQAy
.acuityplatform.com/	1970-01-20 09:22:47	Name: auid Value: 644504955137
.t.co/	1970-01-20 18:08:23	Name: muc_ads Value: 1ee7cca8-f61e-4cd8-91c4-335bd3f0d184
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNDYwNTA3sDS3NLMwMjQyNBTiM9StijQzNHKJSAyqMPYBAH4hsuMlAAAA
.rfihub.com/	1970-01-20 09:58:47	Name: eud Value: H4sIAAAAAAAAAGsS5DU0MzG2MDY0NjM0MDUAAAw5LZMQAAAA
.rfihub.com/	1970-01-20 09:58:47	Name: rud Value: H4sIAAAAAAAAAOMSNrQwNDYwNTA3sDS3NLMwMjQyNBTiM9StijQzNHKJSAyqMPaR4jU0MzG2MDY0NjM0MLEEAC5hK440AAAA
.twitter.com/	1970-01-20 18:08:23	Name: personalization_id Value: "v1_Z65FljtN/Rpg1gJujobo1w=="
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: JPlPUZ7mKhU
.youtube.com/	1970-01-20 04:56:23	Name: VISITOR_INFO1_LIVE Value: -8ONXKfu8jY
.analytics.yahoo.com/	1970-01-20 09:24:13	Name: IDSYNC Value: 191l~230j
sync.srv.stackadapt.com/	1970-01-20 09:22:47	Name: sa-user-id Value: s%3A0-631c443d-f5bc-4916-69b7-a9e4a8a640b1.7GQHyYU99%2FkvBKCmSriLZi9vLPuxtuGaOow45iu7FQ0
.srv.stackadapt.com/	1970-01-20 09:22:47	Name: sa-user-id-v2 Value: s%3A0-631c443d-f5bc-4916-69b7-a9e4a8a640b1%24ip%24149.56.153.188.47UoCoPHxfIbg8G16C14bUWlWoJg1o9TrM%2BsFmFOw68
.amazon-adsystem.com/	1970-01-20 06:24:13	Name: ad-id Value: A1-_9eXoDk6FsvJMt1PgmGs
.amazon-adsystem.com/	1970-01-21 21:50:08	Name: ad-privacy Value: 0
.adsymptotic.com/	1970-01-20 02:46:47	Name: U Value: f81a0735ffada8c35d4f5476379c7624
.doubleclick.net/	1970-01-20 18:08:23	Name: IDE Value: AHWqTUkW-5c0mVhIWHPxmFHTjchAWnVjK68LiBOKztYjVfrBrt_BAyTbX8m7i0uThd0
.casalemedia.com/	1970-01-20 09:22:47	Name: CMID Value: YfrgQYYQiCCi6db-edHtygAA
.casalemedia.com/	1970-01-20 02:46:47	Name: CMPS Value: 470
.casalemedia.com/	1970-01-20 02:46:47	Name: CMPRO Value: 987
.casalemedia.com/	1970-01-20 00:38:37	Name: CMST Value: YfrgQWH64EEA
.ml314.com/	1970-01-20 00:37:11	Name: u Value: aHR0cHM6Ly9jZG4ua3J4ZC5uZXQvcGFydG5lcmpzL3hkaS9wcm94eS4zZDIxMDBmZDcxMDcyNjJlY2I1NWNlNjg0N2YwMWZhNS5odG1sIyFreGNpZD11dGh0eG1kZGcma3h0PWh0dHBzJTNBJTJGJTJGZ2NwLWJjLTc4NS1vbnRhcmlvZmFybWVyLmdkZXYucG9zdG1lZGlhLmRpZ2l0YWwma3hjbD1jZG4ma3hwPQ==
.ml314.com/	1970-01-20 09:22:47	Name: pi Value: 3624862461483548697
.openx.net/	1970-01-20 09:22:47	Name: i Value: fb9a86fc-59e9-0cf1-014c-426db581902b\|1643831361
.sharethrough.com/	1970-01-20 09:22:47	Name: stx_user_id Value: 006b84b3-57e9-4dfc-ba38-e02a3d9e8e87
.lijit.com/	1970-01-20 09:22:47	Name: ljt_reader Value: dfcd23d4f91ca4530438c695
.3lift.com/	1970-01-20 02:46:47	Name: tluid Value: 3037751682814284874272
.doubleclick.net/	1970-01-20 00:37:12	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 02:46:47	Name: uuid2 Value: 2184349593536315459
.mathtag.com/	1970-01-20 10:03:06	Name: uuid Value: 9ae061fa-e041-4b00-925c-d6bd5330343a
.postmedia.digital/	1970-01-20 09:58:47	Name: __gads Value: ID=30300266ed538017-22246676b77b0034:T=1643831360:S=ALNI_MalsjmJiFLS4lu4WCDH4EO-Ho0TXg
.lijit.com/	1970-01-20 09:22:47	Name: ljtrtbexp Value: eJyrVjIzU7IyNDMxNTAxsDQz1FGyMEbjW6LyLQ1Q%2BSYo6msBmaMQSw%3D%3D
.openx.net/	1970-01-20 00:58:47	Name: pd Value: v2\|1643831361\|vMgakWgyiK
.bidr.io/	1970-01-20 10:05:41	Name: bito Value: AACur07D9cEAAGxNrR7PhA
.bidr.io/	1970-01-20 10:05:41	Name: bitoIsSecure Value: ok
.agkn.com/	1970-01-20 09:22:47	Name: ab Value: 0001%3AGWL7G2JZG%2BzOA%2FtqXMuoRRihihQ9JUy%2B
.districtm.io/	1970-01-20 01:03:06	Name: _dm_uid Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2JJQWJJR0d6STBXa2h2UW5KUGJVVkxNWEJRTm5KSU5rUkpNWFp3ZVdSek5Mb0dGUWlnVGhJUVdXWnlaMUZSUVVSUFFVVlNUbEZCZWJvR0VRaW1UaElNTmpRME5UQTBPVFUxTVRNM3VnWWdDS3BPRWh0WmVIaEZVR1pYT0ZOU1duQjBObTVyY1V0YVFYTmFWVFJ0WW5lNkJnTUlyazY2QmdNSXNFNjZCaGdJeUU0U0V6RTRNVE13TlRBM01EazNPVFk0TWpFeU1URzZCakVJeVU0U0xIa3RkbFJyUlcxYVpFVXlkVWgyZVZJM1pWUTRSbGxmVGpBMU1qUnBZWFZ4UTNwRk1tUnRkR28wTFg1QiIsImlhdCI6MTY0MzgzMTM2MX0.CKuZU9-Ycn_GIXgfq1yM30z_SVOqYs7LZE8zg0BrOhgfr-5VFsxscgZzcyYcpW1e3eIFLO63U1Qgfi4lsUj3OQ
.adsrvr.org/	1970-01-20 09:22:47	Name: TDID Value: 33110dd9-1b59-410c-abc5-f076108cd5fa
.quantserve.com/	1970-01-20 02:46:47	Name: d Value: ECIBDQGsJd-owQA
.quantserve.com/	1970-01-20 10:07:25	Name: mc Value: 61fae041-8badb-5f5cc-e2360
.acuityplatform.com/	1970-01-20 09:22:47	Name: aum Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTM3+o11c2VyTWF0Y2hpbmdJZCQEkpFsYXN0RHJvcFRpbWVNaWxsaXMlAT8ufz9wmJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQE/Ln8/cJiPdGhpcmRQYXJ0eVVzZXJJZCH7gTI3+kIktkMlAT8uf0ABmkQlAT8uf0ABmkVXZGZjZDIzZDRmOTFjYTQ1MzA0MzhjNjk1+/uGdmVyc2lvbsL7
.pubmatic.com/	1970-01-20 02:46:47	Name: KADUSERCOOKIE Value: D6B2E08D-B04D-44E3-BC9F-E33DD80F5DDF
.pubmatic.com/	1970-01-20 02:46:47	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 00:38:37	Name: pi Value: 156011:2
.pubmatic.com/	1970-01-20 02:46:47	Name: DPSync3 Value: 1644969600%3A201_197%7C1644364800%3A164%7C1643846400%3A174
.pubmatic.com/	1970-01-20 02:46:47	Name: SyncRTB3 Value: 1644364800%3A2%7C1644969600%3A22_54_220_21_13
.owneriq.net/	1970-01-20 18:08:23	Name: si Value: Q6971177611306531574
.owneriq.net/	1970-01-20 00:51:35	Name: p2 Value: sv
.postrelease.com/	1970-01-20 09:22:47	Name: visitor Value: 0f49997a-51ca-4847-a37f-8b7704221280
.postrelease.com/	1970-01-20 09:22:47	Name: status Value: 1
.openx.net/	1970-01-20 00:58:47	Name: univ_id Value: 537072971\|33110dd9-1b59-410c-abc5-f076108cd5fa\|1643831361655243
.lijit.com/	1970-01-20 09:22:47	Name: _ljtrtb_66 Value: 644504955137
.lijit.com/	1970-01-20 09:22:47	Name: _ljtrtb_43 Value: l1eRi8RWw9uMXpWLxQTa38dTlImMA8XZl1Z_Q92p
.lijit.com/	1970-01-20 09:22:47	Name: _ljtrtb_90 Value: 0f49997a-51ca-4847-a37f-8b7704221280
.rlcdn.com/	1970-01-20 09:22:47	Name: rlas3 Value: M//OQ7p6e/YK49Ye2QrlLPk5LRlTjpemoRifGL440W8=
.adsrvr.org/	1970-01-20 09:22:47	Name: TDCPM Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI9p2LvOSjszoQBRIXCghwdWJtYXRpYxILCMjXuL7ko7M6EAUSFgoHcnViaWNvbhILCLah6L_ko7M6EAUYASACKAIyCwjIz7vr-qOzOhAFOAFaCHB1Ym1hdGljYAI.
.mathtag.com/	1970-01-20 01:20:23	Name: mt_mop Value: 9:1643831361
.adform.net/	1970-01-20 01:17:30	Name: C Value: 1
.pubmatic.com/	1970-01-20 01:20:23	Name: KRTBCOOKIE_377 Value: 6810-33110dd9-1b59-410c-abc5-f076108cd5fa&KRTB&22918-33110dd9-1b59-410c-abc5-f076108cd5fa&KRTB&23031-33110dd9-1b59-410c-abc5-f076108cd5fa
.pubmatic.com/	1970-01-20 02:46:47	Name: PUBMDCID Value: 2
.pubmatic.com/	1970-01-20 01:20:23	Name: KRTBCOOKIE_218 Value: 4056-YfrgQQADOAERNQAy&KRTB&22978-YfrgQQADOAERNQAy&KRTB&23194-YfrgQQADOAERNQAy&KRTB&23209-YfrgQQADOAERNQAy
.turn.com/	1970-01-20 04:56:23	Name: uid Value: 3908086959649085956
.rlcdn.com/	1970-01-20 02:03:35	Name: pxrc Value: CMHA648GEgUI6AcQABIFCOhHEAA=
.pubmatic.com/	1970-01-20 01:20:23	Name: KRTBCOOKIE_80 Value: 22987-CAESEAqDp_MQxb5_QkUMIFIR6L0&KRTB&16514-CAESEAqDp_MQxb5_QkUMIFIR6L0&KRTB&23025-CAESEAqDp_MQxb5_QkUMIFIR6L0
.simpli.fi/	1970-01-20 09:24:13	Name: suid Value: 3D51347408CC40D7BB6EE1AF4172DDBC
.adform.net/	1970-01-20 02:03:35	Name: uid Value: 761471914038002777
.pubmatic.com/	1970-01-20 01:20:23	Name: KRTBCOOKIE_22 Value: 14911-3908086959649085956
.pubmatic.com/	1970-01-20 01:20:23	Name: PugT Value: 1643831362
.pubmatic.com/	1970-01-20 01:20:23	Name: KRTBCOOKIE_148 Value: 19421-uid:3D51347408CC40D7BB6EE1AF4172DDBC
.pippio.com/	1970-01-20 09:22:47	Name: did Value: aK6ElpRCOIIngrL0
.pippio.com/	1970-01-20 09:22:47	Name: didts Value: 1643831362
.pippio.com/	1970-01-20 02:03:35	Name: nnls Value:
.pippio.com/	1970-01-20 02:03:35	Name: pxrc Value: CMLA648GEgUI3k4QAA==
.rubiconproject.com/	1970-01-20 09:22:47	Name: khaos Value: KZ5YR0AV-1K-JTNX
.lijit.com/	1970-01-20 09:22:47	Name: ljtrtb Value: eJwNysEKwjAMANB%2FyXmFpE2bZDePgjtsDDZ2GdU5ECrsIgriv9vr430hJWghMUdki5GCQAOG1XBnM5PsIt2yY2VxOcju9CqC7D15xXo51FvoPjx0mN726uZjunz6MQfdxnJ%2Bdiedl0LL2ps%2F4PcH1rEdDg%3D%3D
.lijit.com/	1970-01-20 09:22:47	Name: _ljtrtb_83 Value: KZ5YR0LU-T-6RFE
.rubiconproject.com/	1970-01-20 09:22:47	Name: audit Value: 1\|weWl7ioYYVAcnAKcz4tVfoJVm6NYwEHQWUGYBBV3A+ceECEUBMheivXZtg4p8Aaad3AKLMyvtDfqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.pubmatic.com/	1970-01-20 01:20:23	Name: SPugT Value: 1643822891

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
analytics.twitter.com
ap.lijit.com
api.sail-personalize.com
assets.ribn.com
auth.lrcontent.com
beacon.krxd.net
c.amazon-adsystem.com
c1.adform.net
cdn.adsafeprotected.com
cdn.districtm.io
cdn.krxd.net
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
d395dw5zk780j2.cloudfront.net
dmx.districtm.io
dmx.us-east-34.districtm.io
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
f58beb23466913df738d0be754ce563b.safeframe.googlesyndication.com
fem.prod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
gcp-bc-785-ontariofarmer.gdev.postmedia.digital
googleads.g.doubleclick.net
hb.districtm.io
i.ytimg.com
ib.adnxs.com
id.rlcdn.com
identity.mparticle.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
ml314.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
px.owneriq.net
px4.ads.linkedin.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
smartcdn.prod.postmedia.digital
snap.licdn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.srv.stackadapt.com
t.co
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.npttech.com
www.youtube.com
yt3.ggpht.com
104.16.190.66
104.18.98.194
104.244.36.20
104.244.42.131
104.244.42.133
104.36.115.109
104.36.115.113
104.36.115.114
104.76.100.229
107.178.254.65
108.174.10.14
13.225.214.33
13.225.63.43
13.225.63.82
13.225.71.80
13.33.46.48
142.250.65.162
142.250.80.98
142.251.40.98
151.101.2.49
151.101.66.133
156.154.200.36
185.167.164.37
199.232.36.157
199.38.167.128
2001:4998:14:800::1000
209.54.177.54
213.19.162.90
216.200.232.253
23.192.31.127
23.208.217.6
23.21.108.64
23.221.203.12
23.223.1.189
23.92.190.68
23.92.190.74
2600:141b:13::17d7:82d1
2600:1f18:4e9:5a07:6be:e2b0:f1c0:b548
2600:9000:2140:7a00:7:75d4:e40:93a1
2600:9000:21dd:5200:8:48e:53c0:93a1
2600:9000:21ec:9000:8:f216:eb80:93a1
2606:4700:10::ac43:835
2606:4700:3032::ac43:c0b6
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::2003
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:817::2016
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::2006
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2008
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2001
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::2004
2607:f8b0:4006:822::2001
2607:f8b0:4006:823::2001
2620:112:f002:bbbb::21
2620:116:800b:21:61c0:eb61:c438:2f4e
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::645
2a04:4e42::645
3.216.55.148
34.149.157.221
34.206.47.24
34.226.144.114
34.73.194.24
34.95.11.30
34.98.64.218
35.170.223.143
35.190.60.146
35.71.131.137
35.71.139.29
52.116.221.248
52.45.33.138
52.85.61.78
54.144.85.208
54.166.81.178
54.85.224.115
68.67.161.207
69.173.151.100
69.90.254.78
75.2.40.13
8.28.7.84
00e3bc05f59be2a1faacba16a7c0fba7de267a60f2e88c04789e4ffe0dfb6056
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
04ac22c00ed974893ab074a4d186725a18d8a6c22f91aff7f4fcc7db13d35361
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081417696c4bc8c61ab42ec11a63db18893fa9372a66935c5492d931f4aebfc9
081d92859a41fa900435e926d8a4cb638f665b54401ce82718b34033cc5ee0fa
0a1bc874bc9b95a5583a5ec5cc1fc101590d6af74f716899b6f76d374da42e38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b93db8d9084f4d447ad44bc0517ae517c735507636add991dcfa41aac220127
0ca3199c7b5a1ec5078888cbf10373952e32c56ee292eda7bb82d17b158b1292
0ca367a40b39037858a2dbfc221129b3f620a7a35731880c725369a9671863d2
0e24bbff895f179766de8370bbca1ac0f9f98a70d39043fc4880efd8ce9cf90f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fbc907061b6169dcb1fb510d8e037414886f7c2d0782747392db7c423b89116
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1497c2deda8954f8b1eb298e6d80fd5a025c55bf3c679ea7c99dfbac50b4103a
166b06e63d1525b36173f7a22ae9e37705e29932b009543e03a97946fd1017dd
1a5bda9f4574a42d3b55344f38997045a8b6a62c6fc28755efb8a9ae9b84137c
1d1651d91488d8e6357d29c08174475d886c695a2a9101ab4c73efd0137ad3ef
1df93795ded06d07481560c96d9dc9d6de22d18572bfc5944f912baf7f9450a1
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23d00276404c2322c5d3bb27f5e930b67f81bc964189b36b028ab1521a5929db
24a45d59abbd870a878333929905816419eeea7bf302f44c39f487aabb706752
259970f8ac47bef42801979dc4f2e7b584d567b77d04eb96c2c83369ed132aca
25d2e9d2c676ae8ee0c6fe98862078372495e316a5222e859d7f81385ccf6c7d
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
300b9ba11e041384aafe746b81adbac891f04890e6d71728d572df9073610076
31a6430155ebdbc3696d64b5d7ab869119619cd26f12d032f34311d2827b2b8b
31ad8e40b297b21fb15bff2784c9c0b801c15ff6f9d0a01ddc65d4addf968bce
348180de8ed0528db1aee2b84174dcbe296baf2df1048a6f8d405181f4c3861d
34c4351e0ce42542bb0657355bfd91b4cb376ffce3bfc7de9ab1be8652124e3e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3702675bb100b35f2cc13c2d7e830a1abb3d645ddeb6a2155be81d777d21dfa8
3807264035aecd2c6a31b146e19e85e68fb62eb21d04ab6849824c7f9335448b
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39874e19af66fa05a8e943e773c81187cb7437bb3cb0076df6defb9381d32911
39a95bd7f8ff911c8a36dc1ae3b37f85d4684fd3897ab3df6dca5f8c3cd9b422
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe81c235530b0377e51de97148adceae2f8693488dd4cc240cbbaab7e9db4b1
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
42cb48fcecb9f09d629e736d1ca8a7eb9c37c8e493b140d071fa92396897b333
42d28b968b79182a5ce39cb1bfb0a1f62441f1fb1a5d233162712097967aa6cd
43c9c73ac2044d63ece453923cbbf9bbf45e15e239e45dce7d295e460f42224f
441203d18edcd1cbecf48bfccc264aa413f41d3607caf63ee51c670b8a5bf55c
44afe2ee5d462a0e35761b545acacb5b240681383e00e56b19dbfc385e89de72
4546393993a8bb2aae2f89edd715015fcdb6d6cefa5ab0cbc0fc8bed9a22682c
47362f03763fafea173fabaa570f4054c7931e5f8d1e6f6daa2b08cafae41cd3
4822f8790ca333d0f92d8f10d8bf11aba79a18a7ce1afe310b17be4d8e669269
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4910659dc839049030cd900a2fba16b8b73872cbdc04bf71c494b0c0512edef4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4df71ea2400d4b8c6b87adb7ccf2812a2d4c6b1175f25d57adaabf624577fcc1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54056c3d00a9d4604098d48477c24bca2cf71ea95b9d95bc099a0e20b895a320
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5853621d02d975fba45c91907a09fec43c635c608a30f31ecd9b85342693b41d
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c
5bfee1a430ede5828fcb00547e58f4121e6758b35517b4ee1b5387067a2e65e9
5e861091d963f75924c28aee29268465759dd8787cfd5f2020b6749d64fdaefa
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61a9435112cb68acc5f8da27798416ac4082a71a8ee5d392fb39c30185e4bc73
61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f55cdfbd107792a0dd39f29b7b74de202f8c34bde3ef826b7a161637b8c0a0
630dcb1aea14b0b32672353c6718f225a51122da1e170c35185ed4177b3489cd
64e0e14481a2760b8d3ec49a4d01e89875c947635b38672487866d6191edcedc
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6a9f6b5ba8fb96d03271aa0817c1a56e3823459870b9bd4ce57aab9395b4906b
6c1ef1b740888182594c1cecdfbbe59079ac16011b8841de8c5383faf0569bb1
728963de62d8aa3c97c44cecd4c4cc716a5104e698562b3ee4a596087724c060
7366c6fe73593de65c1a888b264acf0c02b80fefc2c25f04bba18b54a7eb770a
73b783357e1ed270e36ebc7846a8477f3d0d44e457405f46926ee2dc2a7db692
740a9e7b3db299d6c5d2013418c00c437d768f4097e5d74f6c58db38cc431e28
740f415874a74d3d1dd69c65a077747ee1db1a60e68a78da7362fbafb8554bc6
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
763a7cf64681177cb56a336b6f86c39db0e4d940d0459e739f4040d70f57f443
76a237b880fbfc8ac655e91dcf5c9af3b44ccc506c69328409b4047d72519eea
7720a0f40d088f144d749c07f075b8dfdc84afd25900a59045fe6c29d0fc5090
7a8eeaf2b963d18188f07f3e78982938224c9e58b5fab050989e51cbf44a3d6c
7b4157a837c3d4b1b9b6dbec916f1fe1ee0b28c3977ee8385618b50cd4bd4e19
7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7
82b89ed3521ceae654e81e6b5d453c0c73abf4fce788f7f55dc92cc1b0b39551
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833c8ac03f4a02a79e5ea94a3a11b7665b3e744c5f4d9bcc9964a2d3c98f040b
8638ec50e9819468bde0e186fd824072ea0944ef09ffe6f3060996adcd0027d3
8beb132a751bf7fdfd70084935bcd73065ba507d0210fe7b2365d19941a81bcf
8ddf9e8fa96d1bbbeaf292ca94fc082dde61e4a6be90c87f8b2609fd88edbd4d
8e340e692f338702711a74ea15f2ba7c881ef508d86cdb17d2ca99fba7b26efe
8efc268132d526206d433febe50d279a657513bcf23a6b6a527f84811c6ba6c8
9008ac843d4735e349bdde45c352caeb6d5c1517622730fa602d6b56cf5e4b3a
9034335635758d7a2b0d8f6f94a42f45ca55f3a87ed38929c7ab89800036e708
90af3724c1fdead89b472ffa445d2b1341061ff3001500ecac1e174db7f959cc
94f7f09c46211d4a6fb5a8ce8e486faf744c21bfa6cf6843d5469a2cc38e4b08
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
97ebbb14c84d4682c8097790b33367c3a0614d1775bc8eb76b194e8c94262b3d
97f021d21f4c6ecb256ef53df152984ad47d4fa5d9b013223454abaccb92814a
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
9813ad0f05767baa0c0ce4ff395a6f36fa988ce8501b7666cb87cc735d9165a6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99da8abe51b04de49788fe126c31b87cf7342718c1a46e3d25381e0c82ab4634
9b487e6390458c38b99abb6215507b8bd25f795dbaf1e24d233ddd5c51d295a5
9c7065338651c8d13e687d70c3ef6554dffb26d6e534eaad58e090481d30e5d6
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
a1f4086973dc8059c20b2a680c1e4cfae4069ff3a4a063a297bbcd9281115dab
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a43daa7f7b51b472b7b657134f86414bfbde762ce8828a9a66f57a0c22db4152
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa8c4f5924fd06cbaf5c65fac729f0c3207d1f70534b07fc0915948c41b29d6e
ac12663e136143f7c3a3bdadce2d8469e23431cb13d28a54319fec62cf861c3d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad83df4b65b92ddc371e35cb5adf21fc3f4fea2a90a93fccb543cfc2fbd8855a
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
af292e1466b0f8d0784fbda9e2be89d26c77262d4eaa7a929ea23390ccd75a0a
b0d6febbc20c47e27e4c7a0722e86da6190be9fdc8618a6f97adc0a965aa0cc2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b40fffdca8df7dcf6a825dc35de6f3ee8bca5119730c8938e77e805d8016cb78
b6450083a5b47788232fbe8dbf4ef3f900984519e23585b78d082e9f41109a1b
bed79e22634d48c6e53d084c7dc1ac8e7ed34377df61478f7020d89248124ea1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26c7c1a018d2bbfd594f87c5bf5777229dce6949ccf0144a45bcb035a9abf02
c4e643ae33d23032dbb28195005972e53661b8979823f4935823d5d4012a2e8e
c5bfe7e837984f45a4b301978ceb06a03fea2e60a15b937d99fd5b30d6ae9946
c6d4675d324e5b40ed5fe0f15dfc55855a7d6389232ce7c981062d99b80d366c
c7360a9b46fde11845b3090ca0034fb409d92398a71f3ae15fac3a2fa29ae6cc
c7e1ebd4b71faafb93b3e412f872696a80b929958343d36bf931b881822a405d
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca157b8a9c98a19c0446a974ea642d13e3b3398f328d312fd474df9f63c45fe9
cc3cc0865aad29753640bd3cfee8f49521946b2c5867aea60616ea09b15f599e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce01230fa0eec85b2d1f5e090083c70b5b93d8e21d122f31a621ec735c5d2964
ce70150527555f85137bbb3a1b17eafbdfdeef7e3b85787e09a62f94917852cd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d36db8aee51bc56c39ecffea72d34245b6b8283dea712dae98e8e067b8758059
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
d5f7c1c0cbec2c27d4165db4cd06b7780f477fc9161008bde67c7a9d62b223aa
d66c408f2d22f32c480961298e6fba83ca59fe57386f9e6726a47c27553aad90
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
deee2c79a186a90b5128a2ef0b98f61898ab18c1d9a90c3e44903d98f42e3294
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfdc1f05ccfc2cb2352ee1b2a6a0988d1525f7c67cb966dce430ae8c4231245d
e04221fd9801b9b02aeef8202d787681fd89a42d68f5bd1be5e0616c0d71d67d
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e2cf23246faa8dc51d53f8194af77082ccfa8dff6a73596ea98c0ded52fb3a39
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2f4ff612aae54db25ceb56885665ad9c8bfac2cad5f30c1b582febc1fe10789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8989050bbb0d2b2573fdd8dfd7313ad8b377438339e13b400b1daf6adf600e5
e8d66f3c75632486132c8467957c0fba979e2cbb6b08c80bf5d4c0d91788ee3a
e90c54533fa9616c44df1623c81863cddb3cc17b097d53d4e5562fbb71d61f16
ea24837103070968a4b29ff947900cc3595204a8164ab822e53e0731074989ed
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa6cb2caa997918df62222b229b7e48be5ec55f53eb25b4effedbfe996da27a
eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21
f395d3ced059157c8870f5d24213c473e2425b9be016d82066917b216a429843
f40c33990c532ef379fe609b48dfca08d5fbcb6139e312a8e829466d7d09f34e
f74d2779db1962c90654cb28a9f369d1decde98d623cb55452d42bbe3b2eef71
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f79e1f14cff6f380ebbbea645bb159978ead5447a33a0ced34534b2271eb4019
f83eb7d18499c9a6689edb25617a4a24f5d105da04bc73d4c546f7d9918929a7
f95eb1f3cb1dbf2e5687a3f8422611bb45e64aa82a6e7dae0b1b3b6c5a68908d
fd583bd394cf970e462e11c2855609a468859ce761c8c3b6bc93dc90e93923cf
fe2e13082fd8bb9d2fe827126b12f5d4dfe291a2689e60252883516008a400ab
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

gcp-bc-785-ontariofarmer.gdev.postmedia.digital Open in urlscan Pro 34.95.11.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

267 Requests

72 %HTTPS

36 %IPv6

61 Domains

101 Subdomains

69 IPs

5 Countries

3190 kBTransfer

9832 kBSize

98 Cookies

12 Outgoing links

Page URL History

Redirected requests

267 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gcp-bc-785-ontariofarmer.gdev.postmedia.digital Open in urlscan Pro
34.95.11.30 Public Scan

Screenshot
Live screenshot

Full Image

267
Requests

72 %
HTTPS

36 %
IPv6

61
Domains

101
Subdomains

69
IPs

5
Countries

3190 kB
Transfer

9832 kB
Size

98
Cookies

267 HTTP transactions
5 data transactions