urlscan.io logo urlscan.io
SecurityTrails logo

winnipegsun.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://winnipegsun.com/
Effective URL: https://winnipegsun.com/
Submission: On January 07 via api from KR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 9 countries across 75 domains to perform 436 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is winnipegsun.com.
TLS certificate: Issued by GTS CA 1D4 on November 17th 2023. Valid for: 3 months.
This is the only time winnipegsun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 34.111.249.109 396982 (GOOGLE-CL...)
25 34.149.157.221 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 65.9.90.93 16509 (AMAZON-02)
2 23.37.63.179 16625 (AKAMAI-AS)
1 13.32.27.33 16509 (AMAZON-02)
25 34.117.54.29 396982 (GOOGLE-CL...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.66.112.84 16509 (AMAZON-02)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
16 22 2600:9000:212... 16509 (AMAZON-02)
23 2a04:4e42:400... 54113 (FASTLY)
1 5 18.245.60.76 16509 (AMAZON-02)
27 151.101.65.44 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 65.9.95.3 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 13.107.6.158 8068 (MICROSOFT...)
1 184.30.211.26 16625 (AKAMAI-AS)
1 35.241.9.51 396982 (GOOGLE-CL...)
3 8 37.252.173.215 29990 (ASN-APPNEX)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
9 34.107.254.252 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
4 54.194.182.86 16509 (AMAZON-02)
1 65.9.93.173 16509 (AMAZON-02)
1 104.18.35.167 13335 (CLOUDFLAR...)
2 75.2.40.13 16509 (AMAZON-02)
32 52.28.203.152 16509 (AMAZON-02)
15 18.196.234.143 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
1 34.120.63.153 396982 (GOOGLE-CL...)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 16 172.64.151.101 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
2 2602:803:c004... 26667 (RUBICONPR...)
1 52.209.113.22 16509 (AMAZON-02)
2 35.244.193.51 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
15 141.226.228.48 200478 (TABOOLA-AS)
1 2600:9000:225... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.185.12.185 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:212... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
3 52.223.40.198 16509 (AMAZON-02)
3 2a05:d018:d29... 16509 (AMAZON-02)
8 104.79.89.214 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
4 2a04:4e42:200... 54113 (FASTLY)
4 69.173.144.138 26667 (RUBICONPR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 3 65.9.95.52 16509 (AMAZON-02)
1 65.9.97.61 16509 (AMAZON-02)
5 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:400... 54113 (FASTLY)
1 18.66.112.41 16509 (AMAZON-02)
1 143.204.98.101 16509 (AMAZON-02)
1 54.155.18.159 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
3 167.235.124.61 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42::626 54113 (FASTLY)
3 2600:9000:223... 16509 (AMAZON-02)
1 69.173.144.137 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2600:1f13:800... 16509 (AMAZON-02)
1 44.215.232.18 14618 (AMAZON-AES)
3 2600:9000:212... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 141.226.224.32 200478 (TABOOLA-AS)
3 184.30.16.195 16625 (AKAMAI-AS)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 57.128.96.93 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 104.18.38.76 13335 (CLOUDFLAR...)
1 185.64.190.78 62713 (AS-PUBMATIC)
4 4 18.211.201.194 14618 (AMAZON-AES)
2 2 193.0.160.130 54312 (ROCKETFUEL)
1 35.244.174.68 15169 (GOOGLE)
2 2 142.250.181.226 15169 (GOOGLE)
1 2 209.54.182.161 16509 (AMAZON-02)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
2 2 151.101.66.49 54113 (FASTLY)
1 1 35.214.246.118 15169 (GOOGLE)
1 57.128.96.92 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.30.16.183 16625 (AKAMAI-AS)
1 104.79.88.129 16625 (AKAMAI-AS)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2 104.76.200.221 16625 (AKAMAI-AS)
1 1 45.137.176.88 60350 (VP)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 37.157.6.254 198622 (ADFORM)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 184.30.24.22 16625 (AKAMAI-AS)
2 3.125.220.0 16509 (AMAZON-02)
436 112
3    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
winnipegsun.com
25    34.149.157.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net
c.amazon-adsystem.com
2    23.37.63.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-179.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.32.27.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-33.fra56.r.cloudfront.net
cdn.adsafeprotected.com
25    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
dcs-static.gprod.postmedia.digital
fem.gprod.postmedia.digital
1    2606:4700:3037::ac43:9bd7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    18.66.112.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-84.fra56.r.cloudfront.net
ak.sail-horizon.com
6    2606:4700:20::681a:fe4 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.catapultx.com
22    2600:9000:2127:a000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
23    2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
5    18.245.60.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-76.fra60.r.cloudfront.net
sb.scorecardresearch.com
27    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:4400::ac40:9256 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1    65.9.95.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-3.prg50.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700::6812:5eb (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
5    13.107.6.158 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: bingforbusiness.com
edge-auth.microsoft.com
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
8    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
9    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
12    2606:4700:20::681a:13e (United States)

ASN13335 (CLOUDFLARENET, US)
events.qortex.ai
demand.qortex.ai
2    2606:4700:e2::ac40:8714 (United States)

ASN13335 (CLOUDFLARENET, US)
api.fouanalytics.com
4    54.194.182.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-182-86.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    65.9.93.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-93-173.prg50.r.cloudfront.net
aax.amazon-adsystem.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
32    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
15    18.196.234.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
16    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    52.209.113.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-113-22.eu-west-1.compute.amazonaws.com
ap.lijit.com
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    2a00:1450:4001:806::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
15    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
1    2600:9000:2250:fc00:15:2b26:f200:93a1 (United States)

ASN16509 (AMAZON-02, US)
placement-prd.jwpltx.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4572733f42e83b7bee2dd86ba051458d.safeframe.googlesyndication.com
4    18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
5    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2606:4700::6812:b07e (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
5    2600:9000:2127:5000:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
9    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2a05:d018:d29:3605:c0d2:1e6b:33e4:3d3e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
8    104.79.89.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-214.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2600:1f18:44f0:4847:e5f9:63eb:8cb4:6f23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
4    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    2606:4700:4400::6812:2a4f (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ribn.com
4    2a02:26f0:1700:181::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    65.9.95.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-52.prg50.r.cloudfront.net
get.s-onetag.com
live.rezync.com
1    65.9.97.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-61.prg50.r.cloudfront.net
cdn.parsely.com
5    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
3    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
1    18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-101.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    167.235.124.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0039.cxense.com
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:9000:223f:a800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
3    2600:9000:223e:a400:1b:6b7c:c940:93a1 (United States)

ASN16509 (AMAZON-02, US)
prd.jwpltx.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
8    2600:1f13:800:7780:6e51:f02f:11ff:9181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    44.215.232.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-232-18.compute-1.amazonaws.com
i.viafoura.co
3    2600:9000:2127:7200:2:cecb:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront-usp.jwpsrv.com
2    2606:4700::6812:4eb (United States)

ASN13335 (CLOUDFLARENET, US)
config.lrcontent.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    57.128.96.93 (Sartrouville, France)

ASN16276 (OVH, FR)
PTR: haproxy05.cl11.ovh.mrf.io
events.newsroom.bi
1    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
experiences.mrf.io
4    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    18.211.201.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-201-194.compute-1.amazonaws.com
i.liadm.com
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.214.246.118 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 118.246.214.35.bc.googleusercontent.com
csync.loopme.me
1    57.128.96.92 (Sartrouville, France)

ASN16276 (OVH, FR)
PTR: haproxy06.cl11.ovh.mrf.io
compassdata.mrf.io
1    2606:4700::6812:907e (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
1    184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    104.79.88.129 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-129.deploy.static.akamaitechnologies.com
contextual.media.net
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
postmedia-d.openx.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    104.76.200.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
hblg.media.net
2    3.125.220.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-220-0.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
Apex Domain
Subdomains		 Transfer
50 postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 137760
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 179807
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 231126
851 KB
45 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
trc.taboola.com — Cisco Umbrella Rank: 960
vidstat.taboola.com — Cisco Umbrella Rank: 3607
am-trc-events.taboola.com — Cisco Umbrella Rank: 11740
images.taboola.com — Cisco Umbrella Rank: 1897
imprammp.taboola.com — Cisco Umbrella Rank: 11126
am-match.taboola.com — Cisco Umbrella Rank: 12141
am-vid-events.taboola.com — Cisco Umbrella Rank: 11014
pips.taboola.com — Cisco Umbrella Rank: 1936
cds.taboola.com — Cisco Umbrella Rank: 2300
730 KB
35 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2827
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
3 KB
23 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 3192
entitlements.jwplayer.com — Cisco Umbrella Rank: 4229
90 KB
19 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4264
videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 6247
962 KB
19 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 4062
ads.rubiconproject.com — Cisco Umbrella Rank: 2896
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com — Cisco Umbrella Rank: 951
token.rubiconproject.com — Cisco Umbrella Rank: 744
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1222
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 4039
237 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
11 KB
15 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1894
2 KB
15 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 5466
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1190
static.adsafeprotected.com — Cisco Umbrella Rank: 988
dt.adsafeprotected.com — Cisco Umbrella Rank: 933
114 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
4572733f42e83b7bee2dd86ba051458d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
131 KB
12 qortex.ai
events.qortex.ai — Cisco Umbrella Rank: 34200
demand.qortex.ai — Cisco Umbrella Rank: 63400
6 KB
10 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2986
cdn.permutive.com — Cisco Umbrella Rank: 3770
52 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
240 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
737 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
acdn.adnxs.com — Cisco Umbrella Rank: 957
secure.adnxs.com — Cisco Umbrella Rank: 793
23 KB
9 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 3026
449 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 8531
identity.mparticle.com — Cisco Umbrella Rank: 2904
jssdks.mparticle.com — Cisco Umbrella Rank: 7780
115 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 6215
p1cluster.cxense.com — Cisco Umbrella Rank: 15673
comcluster.cxense.com — Cisco Umbrella Rank: 5742
id.cxense.com — Cisco Umbrella Rank: 13926
82 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
90 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
77 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 6
region1.analytics.google.com — Cisco Umbrella Rank: 2014
2 KB
6 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
76 KB
6 catapultx.com
tags.catapultx.com — Cisco Umbrella Rank: 71183
193 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 16289
215 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 597
bidder.criteo.com — Cisco Umbrella Rank: 878
mug.criteo.com — Cisco Umbrella Rank: 1867
8 KB
5 microsoft.com
edge-auth.microsoft.com — Cisco Umbrella Rank: 76668
307 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
6 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
cdn.indexww.com — Cisco Umbrella Rank: 2632
3 KB
4 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 10258
experiences.mrf.io — Cisco Umbrella Rank: 12895
compassdata.mrf.io — Cisco Umbrella Rank: 70638
59 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 16578
i.viafoura.co — Cisco Umbrella Rank: 18554
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 236409
1 KB
4 jwpltx.com
placement-prd.jwpltx.com — Cisco Umbrella Rank: 255164
prd.jwpltx.com — Cisco Umbrella Rank: 3317
811 B
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 114786
config.lrcontent.com — Cisco Umbrella Rank: 27252
100 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
storage.googleapis.com — Cisco Umbrella Rank: 682
imasdk.googleapis.com — Cisco Umbrella Rank: 639
537 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 4002
578 B
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5297
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6989
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 9346
19 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
445 B
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 11211
cdn.tinypass.com — Cisco Umbrella Rank: 8727
buy.tinypass.com — Cisco Umbrella Rank: 9223
117 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1682
contextual.media.net — Cisco Umbrella Rank: 1093
hblg.media.net — Cisco Umbrella Rank: 2922
10 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
lexicon.33across.com — Cisco Umbrella Rank: 2501
5 KB
3 winnipegsun.com
winnipegsun.com
72 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
1 KB
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 3039
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
646 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2302
1 KB
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7834
851 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
62 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 4472
p1.parsely.com — Cisco Umbrella Rank: 3579
22 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
91 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 184729
8 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1007
postmedia-d.openx.net — Cisco Umbrella Rank: 408752
547 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 5444
498 B
2 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 18395
805 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
3 KB
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 41203
269 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11048
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2147
281 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 2160
416 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
291 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
626 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
98 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2504
134 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
17 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
65 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 7648
2 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
278 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 325855
384 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 254059
112 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 5474
33 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 10326
3 KB
436 75
Domain Requested by
32 c2shb.pubgw.yahoo.com micro.rubiconproject.com
25 smartcdn.gprod.postmedia.digital winnipegsun.com
22 cdn.jwplayer.com 16 redirects winnipegsun.com
cdn.jwplayer.com
dcs-static.gprod.postmedia.digital
ssl.p.jwpcdn.com
21 dcs-static.gprod.postmedia.digital winnipegsun.com
dcs-static.gprod.postmedia.digital
16 assets-jpcust.jwpsrv.com winnipegsun.com
15 btlr.sharethrough.com micro.rubiconproject.com
14 images.taboola.com winnipegsun.com
13 am-trc-events.taboola.com cdn.taboola.com
winnipegsun.com
11 events.qortex.ai tags.catapultx.com
10 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 www.googletagmanager.com fem.gprod.postmedia.digital
www.googletagmanager.com
jssdkcdns.mparticle.com
winnipegsun.com
www.google-analytics.com
9 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
9 cdn.taboola.com winnipegsun.com
cdn.taboola.com
9 ssl.p.jwpcdn.com cdn.jwplayer.com
8 dt.adsafeprotected.com
8 eus.rubiconproject.com am-match.taboola.com
imprammp.taboola.com
eus.rubiconproject.com
ssl.p.jwpcdn.com
micro.rubiconproject.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
www.googletagservices.com
6 ib.adnxs.com 1 redirects 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
acdn.adnxs.com
6 tags.catapultx.com winnipegsun.com
tags.catapultx.com
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 edge-auth.microsoft.com winnipegsun.com
edge-auth.microsoft.com
5 sb.scorecardresearch.com 1 redirects winnipegsun.com
fem.gprod.postmedia.digital
5 securepubads.g.doubleclick.net winnipegsun.com
securepubads.g.doubleclick.net
www.googletagservices.com
4 i.liadm.com 4 redirects
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 region1.analytics.google.com www.googletagmanager.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 token.rubiconproject.com eus.rubiconproject.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 pixel.adsafeprotected.com cdn.adsafeprotected.com
winnipegsun.com
4 fonts.gstatic.com fonts.googleapis.com
4 fem.gprod.postmedia.digital winnipegsun.com
fem.gprod.postmedia.digital
3 ads.pubmatic.com tags.catapultx.com
ssl.p.jwpcdn.com
micro.rubiconproject.com
3 videos-cloudfront-usp.jwpsrv.com ssl.p.jwpcdn.com
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 prd.jwpltx.com
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 www.google.de
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 api.viafoura.co cdn.viafoura.net
3 pr-bh.ybp.yahoo.com am-match.taboola.com
imprammp.taboola.com
ssum-sec.casalemedia.com
3 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
ssum-sec.casalemedia.com
3 trc.taboola.com cdn.taboola.com
winnipegsun.com
3 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
3 c.amazon-adsystem.com winnipegsun.com
c.amazon-adsystem.com
3 winnipegsun.com 1 redirects dcs-static.gprod.postmedia.digital
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 c1.adform.net 2 redirects
2 secure.adnxs.com 2 redirects
2 x.dlx.addthis.com 1 redirects ssum-sec.casalemedia.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 sync-tm.everesttech.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 cm.g.doubleclick.net 2 redirects
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 js-sec.indexww.com ssl.p.jwpcdn.com
micro.rubiconproject.com
2 events.newsroom.bi sdk.mrf.io
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 config.lrcontent.com auth.lrcontent.com
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 static.adsafeprotected.com pixel.adsafeprotected.com
winnipegsun.com
2 connect.facebook.net winnipegsun.com
connect.facebook.net
2 sdk.mrf.io winnipegsun.com
sdk.mrf.io
2 assets.ribn.com www.googletagmanager.com
winnipegsun.com
2 www.google.com tpc.googlesyndication.com
2 lexicon.33across.com cdn-ima.33across.com
micro.rubiconproject.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 htlb.casalemedia.com micro.rubiconproject.com
ssl.p.jwpcdn.com
2 hbopenbid.pubmatic.com micro.rubiconproject.com
ssl.p.jwpcdn.com
2 api.sail-personalize.com ak.sail-horizon.com
2 api.fouanalytics.com tags.catapultx.com
winnipegsun.com
2 auth.lrcontent.com winnipegsun.com
cdn.viafoura.net
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
1 hblg.media.net contextual.media.net
1 euexchangesync.digitaleast.mobi 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 d.turn.com 1 redirects
1 postmedia-d.openx.net micro.rubiconproject.com
1 contextual.media.net micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 buy.tinypass.com cdn.tinypass.com
1 compassdata.mrf.io sdk.mrf.io
1 csync.loopme.me 1 redirects
1 um.simpli.fi 1 redirects
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 experiences.mrf.io sdk.mrf.io
1 sync.adkernel.com tags.catapultx.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 mug.criteo.com
1 demand.qortex.ai tags.catapultx.com
1 i.viafoura.co cdn.viafoura.net
1 s0.2mdn.net imasdk.googleapis.com
1 prebid-server.rubiconproject.com ssl.p.jwpcdn.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 p1cluster.cxense.com cdn.cxense.com
1 www.facebook.com
1 region1.google-analytics.com www.googletagmanager.com
1 p1.parsely.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 c2.piano.io cdn.tinypass.com
1 cdn.tinypass.com experience.tinypass.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 experience.tinypass.com fem.gprod.postmedia.digital
1 4572733f42e83b7bee2dd86ba051458d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 placement-prd.jwpltx.com
1 vidstat.taboola.com cdn.taboola.com
1 storage.googleapis.com dcs-static.gprod.postmedia.digital
1 ap.lijit.com micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 rtb.openx.net micro.rubiconproject.com
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 secure.cdn.fastclick.net winnipegsun.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ak.sail-horizon.com winnipegsun.com
1 www.npttech.com winnipegsun.com
1 cdn.adsafeprotected.com winnipegsun.com
1 micro.rubiconproject.com winnipegsun.com
1 fonts.googleapis.com winnipegsun.com
436 140
Subject Issuer Validity Valid
winnipegsun.com
GTS CA 1D4		 2023-11-17 -
2024-02-15		 3 months crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2024-01-02 -
2024-04-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-12-28 -
2024-03-27		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02		 2023-12-04 -
2024-12-30		 a year crt.sh
catapultx.com
GTS CA 1P5		 2023-12-14 -
2024-03-13		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2024-01-05 -
2024-04-04		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
edge-auth.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2023-11-28 -
2024-11-22		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
qortex.ai
GTS CA 1P5		 2023-12-20 -
2024-03-19		 3 months crt.sh
fouanalytics.com
E1		 2024-01-05 -
2024-04-04		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
jwpltx.com
Amazon RSA 2048 M03		 2023-10-12 -
2024-11-09		 a year crt.sh
*.loginradius.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-11-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-16 -
2024-01-14		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-09-16 -
2024-10-17		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
jwpsrv.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-16		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
ssl03.cert.cl11.k8s.mrf.io
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
ssl02.cert.cl11.k8s.mrf.io
R3		 2023-12-21 -
2024-03-20		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh

This page contains 30 frames:

Primary Page: https://winnipegsun.com/
Frame ID: EBF4F97A7206D975B34FCD7AEF31AF5C
Requests: 329 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v93.0/xd.html
Frame ID: 273B62B4A156C4814ED26B6F798FCFC2
Requests: 2 HTTP requests in this frame

Frame: https://4572733f42e83b7bee2dd86ba051458d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04E66D2C43D57617BE024F42797F837A
Requests: 1 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=ce754272-8433-4822-bceb-556a4f63775d&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Frame ID: 546749201A302256056EF54F6E66D3A1
Requests: 4 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&cmcv=&pix=undefined&cb=1704608784081&uv=3372&tms=1704608784081&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=f0e8e55e-5112-4541-a47a-c162fff3c287&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: BD346E597AF926FBCA760C32CF88FECE
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: FBF3EAC90F38FF86A663DA71777DA5C7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 19CFFA53BBBBAB0DCEE52C7ADBF4A0E4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 1A032FD0DCA69B5D6B4CE099F99AA861
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2B6CCE4F9D5F8192FF9D3C7F4967FA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A562DDFF7D6E26F4E1E18720C60A99E1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: FAE35C65E11AE48C7B2EDFF7A677647B
Requests: 4 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=401010421&placementId=6404573011&pubCreative=138455016757&pubOrder=3265484082&cb=645629352&custom=index&custom2=1&adsafe_par&impId=adb354a2-ad25-11ee-b4f1-0aa85974baeb
Frame ID: A2616E69F97F7AF65CD8BA73CF611DCA
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusOVVT5Aj2Vvsqjvp7PkpgI4Ktp482iZQ7T8_fo_FDZyefHv7CJ030vAA_3RUhTYqrRxN1RssxwnO5eYywEP2_HsGJDm-KIPncueaLlGnF1fEdDNVjPkrgikv5PFTnV_HlyQxVXJ4ntIHUM0Xr1DesdYACGD8DfJ9DuLu5yWWLtQrmv9IiWNZ_pH2cxsuHy4-Kf6S-yyLA5kRttXUiXfosWS3PMp3D_Vc9Gvwm1-OgZKGjttNl9HNd5fJCIXt2yYr-nCYhbBukSWz-PtJAcxUbp3GwNqDrHY7AInL4sf9_-heBZhxtBnLYXPNA50MJY44M2gI-HUdvAM4QzvVhs2IhiY4S_SHk3odGSyGDnyhWKGUvvw7tI24glBYi-W5pxA&sai=AMfl-YSJ_qOEFNZ6yEH0NfVz4MnZOcyzOdBJNw-pcki0N037rq2wATptFFoqxDfkhcf869AuPU-lRJmdnMFdHbAUWFqd6ASjOpxLUZ-phrQaJVoLbelYkiF1Y-UgVz4HuvTPJQosTdjPpTO0g--d9PLdq_sY&sig=Cg0ArKJSzGsQ_mAqECZoEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D9E7078407845524527C4CC383CE9373
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en_ca.html
Frame ID: 1A7A24BFCEA7454501549791CE16A6E8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E7FD6034E9C206A5E005B8CF25FE0FE7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 53914CE0AF2EA790BF1265588CD49B14
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=winnipegsun.com
Frame ID: C3D051AF23BEAB3312DED7A730278063
Requests: 2 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=202263&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwinnipegsun.com%7C%7BUID%7D
Frame ID: 5F3CA49DE6CDC2E84B26B4D668A6E98B
Requests: 1 HTTP requests in this frame

Frame: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Frame ID: F4E8D21DC2E8AF345B88462B8550F24A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 2D82667DD47F857A32534CD69793A127
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 373AC9A8721B737C1BB7CDA31F75986B
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AF328A7951BA51770872E694CC2EABFF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 885EB92252EDEAB81666C0E10B82702E
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F782440E357477E1E4EF97082642AEFF
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2023%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C326%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 788D1630B8AAEC64DE2C0FE3A2CE2C26
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 05DE20839FEE83D828DF5697001CAE40
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 98EDAD4FB1F905728EA2AC5B4745523A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 251C3EA87D55C3B2DFC4BCAC8505E4C1
Requests: 3 HTTP requests in this frame

Frame: https://postmedia-d.openx.net/w/1.0/pd
Frame ID: 70422031457ABE74A39C6F503B47512D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 79D85890641D83725767345CB1A3FBD6
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Winnipeg Sun Home Page | Winnipeg SunWinnipeg SunUser

Page URL History Show full URLs

  1. http://winnipegsun.com/ HTTP 308
    https://winnipegsun.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

436
Requests

92 %
HTTPS

45 %
IPv6

75
Domains

140
Subdomains

112
IPs

9
Countries

7186 kB
Transfer

19309 kB
Size

85
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://winnipegsun.com/ HTTP 308
    https://winnipegsun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 161
  • https://cdn.jwplayer.com/v2/media/Iv67Shyx/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-320.jpg
Request Chain 162
  • https://cdn.jwplayer.com/v2/media/br7L84WR/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/45bEBgIV-320.jpg
Request Chain 163
  • https://cdn.jwplayer.com/v2/media/XvPMTTp4/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/fa3Lx4xY-320.jpg
Request Chain 164
  • https://cdn.jwplayer.com/v2/media/ezBKvBhV/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/KwC275w1-320.jpg
Request Chain 165
  • https://cdn.jwplayer.com/v2/media/SR4Na9dW/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/e1fbvge5-320.jpg
Request Chain 166
  • https://cdn.jwplayer.com/v2/media/94EtwCnP/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/pvja2ecn-320.jpg
Request Chain 167
  • https://cdn.jwplayer.com/v2/media/KOHrP986/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/3Pjtsw8W-320.jpg
Request Chain 168
  • https://cdn.jwplayer.com/v2/media/t29us0iK/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/CXNE72js-320.jpg
Request Chain 169
  • https://cdn.jwplayer.com/v2/media/bmXEcx9C/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/hUJxBR0n-320.jpg
Request Chain 170
  • https://cdn.jwplayer.com/v2/media/STu5EiL5/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-320.jpg
Request Chain 309
  • https://cdn.jwplayer.com/tracks/VFcsuNm3.srt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/VFcsuNm3.srt
Request Chain 311
  • https://cdn.jwplayer.com/strips/STu5EiL5-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/STu5EiL5-120.vtt
Request Chain 315
  • https://cdn.jwplayer.com/v2/media/STu5EiL5/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-720.jpg
Request Chain 316
  • https://cdn.jwplayer.com/v2/media/STu5EiL5/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-640.jpg
Request Chain 354
  • https://cdn.jwplayer.com/strips/STu5EiL5-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/STu5EiL5-120.jpg
Request Chain 360
  • https://cdn.jwplayer.com/v2/media/Iv67Shyx/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-120.jpg
Request Chain 373
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=winnipegsun.com&sn=ChromeSyncframe&so=0&topUrl=winnipegsun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=d34ul3xtelN3SmJ6eHI4MldDT214NUNkM3JZMXdHYXJlQUZaRElJREdmNU12aHVhcG1kSnM4YkQvTldaR1JKVUNFa3FxeERFWFNHS0RYTVZQK05icHp3aHNaa2VReGw1WjVBS2psdGFveDM2ajhCMkE1QUVJVjI1UjFpWVJZNmhnZ3o2V1k4ME9sQjBYbm1JVjlJMkNOb3hNb0VuVkxmb1FEd25kOHZEQy9sSlg3QlB3aGVmaDEwV29wTGZUSTRQQVg1WlpSdjJGNEUxZHNGTjJqWmpaYUxpdEtVYTBvUFB6aVpObXdVUlhqV3d3ekpwQUowSlRLKzFqSUU3SlZodVpvMzFWcVhIR3k2UEJoSU9CeUNQZjFBaWRNb0dObXg1Y3FyVlZmNENFWVRTZWlEdz18&cppv=2
Request Chain 396
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 397
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZpEEgic-eONetSKbJENWgAA%263355&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZpEEgic-eONetSKbJENWgAA%263355&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e7ce200d7da24c20a9349c3bf6bcfada HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e7ce200d-7da2-4c20-a934-9c3bf6bcfada HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=df621624-649e-411c-adfe-b13a1e92b5e4%3A1704608786.648362&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Ddf621624-649e-411c-adfe-b13a1e92b5e4%253A1704608786.648362%26_%3D1704608786.6513498&cb=1704608786.6513882 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831972779480&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Ddf621624-649e-411c-adfe-b13a1e92b5e4%253A1704608786.648362%26_%3D1704608786.6513498 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=df621624-649e-411c-adfe-b13a1e92b5e4%3A1704608786.648362&_=1704608786.6513498
Request Chain 398
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZpEEgic-eONetSKbJENWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKVXrqHLjPGnsd__w4M16PA&google_cver=1
Request Chain 400
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpEEgic_eONetSKbJENWgAADRsAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpEEgic_eONetSKbJENWgAADRsAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 401
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831972779480
Request Chain 402
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=98EED889713B4A26BFF68FE2347D4A34
Request Chain 403
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZZpEEgAMrvtw1wBH HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZpEEgAMrvtw1wBH&_test=ZZpEEgAMrvtw1wBH
Request Chain 404
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=288b093f-9c0c-46b8-88be-ef7b87da6119&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 421
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 422
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZpEEgic_eONetSKbJENWgAADRsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENPjAIpV82zR8-Uo3xrb1xQ&google_cver=1
Request Chain 423
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZpEEgic-eONetSKbJENWgAA%263355&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3264084337486377254 HTTP 303
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e7ce200d-7da2-4c20-a934-9c3bf6bcfada HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e7ce200d-7da2-4c20-a934-9c3bf6bcfada&rd=Y
Request Chain 424
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4783785104606883176
Request Chain 426
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 428
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3950935734914934088&expiration=1705818389
Request Chain 429
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2f03f508-bcd5-48b6-be23-950620713a27

436 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
winnipegsun.com/
Redirect Chain
  • http://winnipegsun.com/
  • https://winnipegsun.com/
447 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
c8b5f1882448209443d9ca23155ea3787f1ad00822e7f921150fde22082de1f9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 06:26:22 GMT
expires
Sun, 07 Jan 2024 06:28:53 GMT
last-modified
Sun, 07 Jan 2024 06:25:01 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
HIT
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
3
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-6cbdf6d5bf-wzn4g
x-pmd-cache
HIT

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 06:26:22 GMT
Location
https://winnipegsun.com:443/
0107scheifele-scaled-e1704575288612.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/0107scheifele-scaled-e1704575288612.jpg?quality=90&strip=all&w=466&type=webp&sig=lLW-UcMNiDyk62D8uK6Hvw
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
79bed4bd2e5b5194e24adf9eb26a4f06ce160d3921c3a688ebc60ea85804a28d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"9479f59c5587b96d685ba6987624413d01014d15"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29678
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jan 2024 06:26:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:26:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jan 2024 06:26:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58580818cd52a439b77c37f518cd45de06b3f6463d207f15d600c8821f88b48f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29084
x-xss-protection
0
server
cafe
etag
33 / 19729 / m202401020101 / config-hash: 2026918608723226553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 06:26:23 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:13:13 GMT
content-encoding
gzip
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, PRG50-C1
age
790
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
F_eioK_mioVRTGWJ3Ivi0NzEDsNEPA_w-zNXS4pk2C9_KHeyjc9HSw==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		611 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
0d8fecb99b8bb7c1400c6f452bb1c0ef5ff024eae93dabc368275ed385f33700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:22 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_The_Winnipeg_Sun.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
167930
expires
Sun, 07 Jan 2024 16:29:30 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-33.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 20:59:22 GMT
Content-Encoding
gzip
Via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
466021
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
c-79Gxn8HtS-D174jmmnA_l8dJjNN-YBOCa7W4xY6u4ZdK13Zs_Qsg==
output.e13822da2ca5.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		29 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e13822da2ca5.css
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1593063
x-guploader-uploadid
ABPtcPp_y_peOPpZe5wESUqhc0Mf2OyavY1w-alm00n10X45HufjelpTkrnzXbCtiUBKmFFZsGrWu-Jb0g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2527
last-modified
Tue, 19 Dec 2023 19:46:05 GMT
server
UploadServer
etag
W/"e294df1b7807772797bf8455e49389d1"
vary
Accept-Encoding
x-goog-generation
1703015165240881
x-goog-hash
crc32c=7LFLRw==, md5=4pTfG3gHdyeXv4RV5JOJ0Q==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
29809
accept-ranges
none
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A7NP5MDC4YT9PXDG
age
3681
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Q6R6xP7LJ9p3DYJhGOX48VV8WHvATfSUTrykCyVm4CO7HkWCSpZNV/lDT4F31ebzfV9JSTpdm4Y=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wESfVt93KOFVIjF0xrz%2F%2B30bF6m691BEmbiXss9wdFcV1b8Y4Dy9pivJo3GrkpsJItpixawvUhlkLB7rZeB8MyhSKeFuPF0GNNy2ZvMGszml9vK1DdKinlIiOTRobFoWHSGUhyRxB9LlL7cXIL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
841a20fe1b3eb710-AMS
output.aae9a9d2b305.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		89 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.aae9a9d2b305.css
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
959d0d916d267c94ec1d1bfb179a81166bbb5cb22d6a2e90ea35c4b57941cb8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1593063
x-guploader-uploadid
ABPtcPoFWBp7_n50r1XKLUATeAvorTfV8lGBbn_Go2LENM3jXO4n1pzHq-F7ANbjTpltfUlxGup4Ize6Tw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14512
last-modified
Tue, 19 Dec 2023 19:46:03 GMT
server
UploadServer
etag
W/"54ca4296baf7810e4e11ba0fb7a875f7"
vary
Accept-Encoding
x-goog-generation
1703015163616121
x-goog-hash
crc32c=ASXRuQ==, md5=VMpClrr3gQ5OEboPt6h19w==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
91335
accept-ranges
none
output.69d7190ec3c2.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		70 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9f85a8964e063aa66ae22e30e1e86722714e1fcca4a00ee718a34123620e98a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1593063
x-guploader-uploadid
ABPtcPoKJ8LJkrqpL5fFtghcqgi5x_WP7pN7IVusg5uFFnkFHgTQ_2fYw8mhsuX_nWJM0M26EFSHhwWUQA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7622
last-modified
Tue, 19 Dec 2023 19:46:01 GMT
server
UploadServer
etag
W/"8c86b41813052df1cc90c98a30275029"
vary
Accept-Encoding
x-goog-generation
1703015161532854
x-goog-hash
crc32c=ytC9tQ==, md5=jIa0GBMFLfHMkMmKMCdQKQ==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
71252
accept-ranges
none
output.e747a4a877d9.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e747a4a877d9.css
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6bff84e7d1f5c524b06d6b572ca20870ec894706e6f2b96f60e4cd18f238bfb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:17:41 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1591721
x-guploader-uploadid
ABPtcPpfhLEXA0-A2eTKV7ITjMmiWpbXuaH45y57jkbVFQLMUQkmRwfXxOkDEgZ01AF11dE5nfYFn-72IQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4699
last-modified
Tue, 19 Dec 2023 19:46:05 GMT
server
UploadServer
etag
W/"b93e6faff3dd2d5a67e56bc8653cdae4"
vary
Accept-Encoding
x-goog-generation
1703015165583970
x-goog-hash
crc32c=ZGZM3g==, md5=uT5vr/PdLVpn5WvIZTza5A==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
28644
accept-ranges
none
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-84.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:23:45 GMT
content-encoding
gzip
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
158
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
NfXlLoe4mRLN6Dt93pm8wI3U08LhWOfsaSwmBPEpzuMJOhkH8g_MZA==
fem.js
fem.gprod.postmedia.digital/v93.0/ 		380 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/fem.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cae693444d5c4b70988da3ee41b0c3809de3f7701f474183ed8a446be6c970a5

Request headers

Referer
Origin
https://winnipegsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:01:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
1592722
x-guploader-uploadid
ABPtcPqer7OqeUx4_gfa2h3ELEdn-ZjwBbfEHbw1FgadwJ_Nv8gzrNFL5xr-stLlqnAZ0V3_d7L3V23apg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109102
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
W/"614b2d032ff8e38b1fff2badbf038f1a"
vary
Accept-Encoding
x-goog-generation
1702321321950203
x-goog-hash
crc32c=K4lC0Q==, md5=YUstAy/444sf/yutvwOPGg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
389565
accept-ranges
none
content-type
application/javascript
bootstrapper
tags.catapultx.com/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/bootstrapper?group-id=mWG1MKwnUqyMj5mnvTfg&video-container=.jw-wrapper
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 13 Dec 2023 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzyKIxJQv0EMVIn3DbOR%2Bv%2FjZjCpYF9RyiRgNIZfpQNj9Sro5VBgw0UmFjkMvzzH8NbLA2JB0pFdBOoH27RUZYZ4EigX26agMAUHDIkcXg5A3jTRur2i1J1p4NHOtau7X2Ju%2F1xKiZOvkfyFDvG99g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a20fe099119b1-FRA
embed.js
cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:18 GMT
content-encoding
gzip
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
4
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-robots-tag
noindex, indexifembedded
content-length
22525
x-amz-cf-id
ZmVX-ff4rC6i_SUgHvohKjus4CDIfWnhaMDZvQkglVS1tWf8W8cDtg==
ws20240106cp09-wp.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ws20240106cp09-wp.jpg?quality=90&strip=all&w=466&type=webp&sig=5je78VuDvzboSeC6bUXGcg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a95739b4b93dbd173f97284d0dfc4f6618dd8e73df7c8ebadd5086dafa1c7fea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"75ab2798e311db2a22ee49688bb3ff871c18beb6"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35844
1911321701.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/1911321701.jpg?quality=90&strip=all&w=466&type=webp&sig=C_hX-MryX7PBiiikB__ZNQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
96119dffa2a1f0050bd63d37e5d21e7db9cbf492fae9c81384e4c379c06bc350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"53ece8bd99708660733bab047858b099a460ae6d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55354
ws20231127kkye14-wp.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ws20231127kkye14-wp.jpg?quality=90&strip=all&w=466&type=webp&sig=5rf9txDJQj223L8T3qKwTQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
6d2f4051fe191229c5734100c6d00251dde89ecca3e0b672164840e622c19082

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"2d8151dfeb155446d4bf4add75d37902dca99fcd"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29794
0710-bi-flying-low.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/0710-bi-flying-low.jpg?quality=90&strip=all&w=466&type=webp&sig=6BVal2oWavuOktZO96s7zA
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
fbed93a01c598e42100606f2f3d8f9d6a5f489924b63efcf403cac3452dc230a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"13e5807ac7fde63acb774063a70e90da24221bf2"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11126
donald-trump-1-scaled-e1704579874716.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/donald-trump-1-scaled-e1704579874716.jpg?quality=90&strip=all&w=466&type=webp&sig=8kqGfXFspt4yOKJ_OLuNRg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5e56c81f63546dd3a9210fad335b9fc5185b3ca550c2e331127088c43aa4836e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"57077a6653021fed74b02ea66f999343bbd3b1eb"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24302
1911317072-scaled-e1704520074232.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/1911317072-scaled-e1704520074232.jpg?quality=90&strip=all&w=466&type=webp&sig=eRm1f9m57_Z7jkxNCf12qA
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d5aa23484da50dbf70acfa054df684250a4afef10b85aba07511058d2dc0225f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sat, 06 Jan 2024 10:31:35 GMT
via
1.1 google
server
nginx/1.18.0
age
71688
etag
"ad24fb74a4dd6171660cd25fd6386e6fe87405d9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29320
ws20231019kk20-wp.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/10/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/10/ws20231019kk20-wp.jpg?quality=90&strip=all&w=466&type=webp&sig=gk7kPRd_EJqV1VNiqW5udA
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
290da9f8b18565ea1199eb581fb2f6b68184437089d273fb198faf81cecafd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"86d7d457a1129c1355aaee39ca30182a4c6f942c"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25492
Upper-Galilee-scaled-e1704556728967.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/Upper-Galilee-scaled-e1704556728967.jpg?quality=90&strip=all&w=466&type=webp&sig=bArJ00EiXRDkPGKvQ_wRfg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
77a6ea8b801f8c10a2d63c5b3a596116082b2b8971dbee3abcdc7a7e787c1ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"3fc8f467a0c52e02191255d0e61eb153b9a350d6"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40578
pasquales-slow-roasted-italian-beef-sandwich.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/pasquales-slow-roasted-italian-beef-sandwich.jpg?quality=90&strip=all&w=466&type=webp&sig=W40ix1PuZyM2hpsWIdiQEQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a80d3185331cc6e5b233f0eb70351ca79171739a05acaaedff50e8a5d0c975e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"6ab7e1297868799ccc5489e8db63bf57bbce7c04"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32414
geo.json
cdn.jwplayer.com/v2/ 		40 B
277 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/geo.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e130b9e1b17b7ec22e7f07051b4627d6d7db556006980f2d33122c64ce01006e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:24:48 GMT
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
95
x-amz-cf-id
-wWrqJz21pIHIH3zaTBVfEySyGKSpnIosSFmyEuxcZ0RHtrhFi80GA==
x-cache
Hit from cloudfront
index.js
ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/index.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish
age
1102
x-cache
HIT
content-length
20535
x-served-by
cache-fra-eddf8230088-FRA
last-modified
Wed, 13 Dec 2023 06:00:18 GMT
server
AmazonS3
x-timer
S1704608783.043903,VS0,VE0
etag
"1d1853b5560baf12b94fc6c5f4860bd2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
3
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 06:36:11 GMT
content-encoding
gzip
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
85812
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
SV2gQEbsQ5qsWb3gvIgH9ldZsxuuPjO_bkK8u_em4pLAFfAFuUr_Bw==

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
XX4Y8I1X67dlWTzyD8gXqCEiFYDbAVHGLDKMspgtdTPPTzjzPX6u3g==
loader.js
cdn.taboola.com/libtrc/postmedia1-network/ 		181 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1484a6b3216bdb84d79a659a0ea5497b1cbb55f0dbdb225814024585a52e4db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
poy7_VYdnwbwvKvTZHg6ExQmlJERYAci
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 06:26:23 GMT
x-amz-request-id
9ZF6F22RH5DSW1SZ
age
111
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
46660
x-amz-id-2
TaMyvYhJOyqj052RzFeLAw/oLM0F88SJnRRgJL3WDOx/yD6TaE3MSXeLnuhnZ0oSf88cR6e7B2Y=
x-served-by
cache-fra-etou8220108-FRA
last-modified
Thu, 04 Jan 2024 11:03:06 GMT
server
AmazonS3
x-timer
S1704608783.041070,VS0,VE1
etag
"8ba71e7aef71b25f3e0fdd2c7f2de53b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winnipegsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:28:03 GMT
x-content-type-options
nosniff
age
478700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 17:28:03 GMT
icon-generic-play.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/ 		1 KB
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/icon-generic-play.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e747a4a877d9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e747a4a877d9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:01:07 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
1592716
x-guploader-uploadid
ABPtcPpJ4Ua7KHUHpSmpkVoEZzEWR2KdbKzR3Za9d9HsuqRbm4apjXdd7ryr0tiE-rWCDf00uu4jHFz-JQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
last-modified
Tue, 19 Dec 2023 19:46:52 GMT
server
UploadServer
etag
W/"34ef0f992f9fa3f5a172353b887ba82c"
vary
Accept-Encoding
x-goog-generation
1703015212812511
x-goog-hash
crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1091
accept-ranges
none
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v22/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v22/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winnipegsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 23:02:08 GMT
x-content-type-options
nosniff
age
113055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11076
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 23:02:08 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winnipegsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:42:27 GMT
x-content-type-options
nosniff
age
189836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 01:42:27 GMT
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winnipegsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 10:44:00 GMT
x-content-type-options
nosniff
age
502943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 10:44:00 GMT
icon-fire.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/ 		835 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/icon-fire.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.69d7190ec3c2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:27 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
1593056
x-guploader-uploadid
ABPtcPrO7MJOm3UMy7YecF2q6pmGkIL6QMlI9OHGIMF7-FqLdKSZv6oj8uNl8R1hV0_h_swQAfE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
last-modified
Tue, 19 Dec 2023 19:46:52 GMT
server
UploadServer
etag
"9c6e99306a671d196d8945273b28bfe8"
x-goog-generation
1703015212683442
x-goog-hash
crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
835
accept-ranges
bytes
truncated
/ 		2 B
2 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		452 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f25e81c256d0985a5bf21776bfae5456e07f49c400790a58b51cc29bc559e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPpU3mTxzntRSHm4JmVr7m_LPY084gyuBPPvDXmNQH7zcrQaPlWahSwSrdIdVdVdj0898ZKLNZ2u
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
114398
last-modified
Thu, 04 Jan 2024 17:07:06 GMT
server
cloudflare
etag
"ace30f4e21ce4b590eb964836c2bc18a"
vary
Accept-Encoding
x-goog-generation
1704388026061867
content-type
application/javascript
x-goog-hash
crc32c=p3rB7g==, md5=rOMPTiHOS1kOuWSDbCvBig==
cache-control
public, max-age=900
x-goog-stored-content-length
114398
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841a20fe7cb42c46-FRA
expires
Sun, 07 Jan 2024 06:41:23 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 23:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
26680
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 05 Jan 2025 23:01:43 GMT
3528
config.aps.amazon-adsystem.com/configs/ 		532 B
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3528
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-3.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
79dee0042597950493e8956e9090ddc47c3decbfd1df6331349296d96ea51c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:23:34 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
169
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
LqGBi77U8T-vWYgB9A9AKjN0fqIn2sj6rWcH5o-Gsf2xxaJ3LvoVMw==
config
c.amazon-adsystem.com/cdn/prod/ 		353 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fwinnipegsun.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
Server /
Resource Hash
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:17:06 GMT
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
age
557
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://winnipegsun.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
353
x-amz-cf-id
AbkfHWPwh8vfaPv0CSzBDteqPJ9M644Lh5MgnVDWvrbB2slcCzwAdg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 06:26:23 GMT
x-amz-cf-pop
PRG50-C1
age
10900
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
QQWhSPgWt1wsXsayU65Zrsc4Aa4LMyfSA1OFYwW51xfSwNCa77ao8g==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		65 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
34ed8105edbfc97fbadb9a12c489607da5bb361fde365244752626ea59e3f297

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
last-modified
Sun, 07 Jan 2024 05:40:37 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5354
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240107
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1cfb7c6e2365e418e97e060ba0fa6fb277fadda1b54d156010a7edf60b1064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8729
x-jsd-version
1.0.1927
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21948-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"633-4uXSHVk5yCknsIHl51fG8nuVO8Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0UzSfCfX8vsaiziEkDyPRxLgLbGqYm8Sly3TsU%2BGWCYfrtHo9yL2xwg2JQ%2Bk67Do5xip3RwlIpaLVlmHKz0d9x1ZIgrUI7XqbKckhkn2Wj5BjzrZBl46c4EC6bsEaX2w7bTuR%2FOEYWx5D7SeXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
841a20fecdd35c74-FRA
impl.20240104-7-RELEASE.js
cdn.taboola.com/libtrc/ 		833 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d48838c5cb12eedc7ddecf68684fdf8a6692818d80bbfb86437d7f4e2d0ad1c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
wgSKbKxiT2.bVgTpAIeE4skihedLcyMc
content-encoding
br
via
1.1 varnish
date
Sun, 07 Jan 2024 06:26:23 GMT
x-amz-request-id
6G041TYX4PGD5MJ7
age
13094
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
176440
x-amz-id-2
cqOS2auUmW77R3KIsj+h+zLPwsD3nPiSui82wKyYcOw+qJFxa3/4KHcsCFp2MpEkGfDrsPK4BFM=
x-served-by
cache-fra-etou8220108-FRA
last-modified
Thu, 04 Jan 2024 10:40:18 GMT
server
AmazonS3-br
x-timer
S1704608783.159951,VS0,VE0
etag
"5d1a26d82acd8ece5d0bca4d478ba6c9"
vary
Accept-Encoding
content-type
application/javascript
abp
82
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
10289
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
5269
x-amz-cf-pop
AMS58-P4
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:23 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
841a20feeb765d67-FRA
x-amz-cf-id
PxjSnWfx6SLkurg3ElhnF63EyZXQL7UBoJvQsrwU9-xOywZX8eJZag==
expires
Sun, 07 Jan 2024 10:26:23 GMT
ms_auth_client.min.js
edge-auth.microsoft.com/js/ 		279 KB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-sFQ8fQh4xzqpdfJ1+9DE21yyr5uUtP2V9x1yd0ZMgnF26IetuxRljC8itFikZJRpyQ+N3G+7YgWnVP+Wkx6qQJBXkOZDeqHZBNjAXVkokFB/dPcOOAVSPRWMbzMbEtyWi/WrVFnn43JjrsfQoutWVIFdOjtn5RHwFWYltPdumM4=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-sFQ8fQh4xzqpdfJ1+9DE21yyr5uUtP2V9x1yd0ZMgnF26IetuxRljC8itFikZJRpyQ+N3G+7YgWnVP+Wkx6qQJBXkOZDeqHZBNjAXVkokFB/dPcOOAVSPRWMbzMbEtyWi/WrVFnn43JjrsfQoutWVIFdOjtn5RHwFWYltPdumM4=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Sun, 07 Jan 2024 06:26:22 GMT
last-modified
Mon, 01 Jan 1601 00:57:17 GMT
x-msedge-ref
Ref A: 9DFA518274F54112AA7383D40A5668BD Ref B: AMS231032601029 Ref C: 2024-01-07T06:26:23Z
etag
"80098cf88"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
285448
shared.883fef4c2994.js
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
185113239a6613ca82207e73bb41dcc84ce2274da2732f6ece828c207f2f060c

Request headers

Referer
https://winnipegsun.com/
Origin
https://winnipegsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1593056
x-guploader-uploadid
ABPtcPrwyA9xOvR64IRfaoj1gv7JnKbOUGLb-rSporvHjAeRjLQ8X2-_3YIZ-Baj5KLmPYb16Po
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7514
last-modified
Tue, 19 Dec 2023 19:46:06 GMT
server
UploadServer
etag
W/"9821e7f2a511b6c16c288d392dd2c55d"
vary
Accept-Encoding
x-goog-generation
1703015166560299
x-goog-hash
crc32c=nd/6aQ==, md5=mCHn8qURtsFsKI05LdLFXQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20870
accept-ranges
none
content-type
application/javascript
main.de60ce74dc51.js
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/ 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/main.de60ce74dc51.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
de60ce74dc51181fe850f249ae75cc015cbf18c96b9e44f5a40e9cc56b0ba85b

Request headers

Referer
https://winnipegsun.com/
Origin
https://winnipegsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1593056
x-guploader-uploadid
ABPtcPqz7Ad75hbhGCA0XxLjtbT0v4HPWF0EoQrDY53eDb77H_Uxzncjd841KAbZbqRGDomKVlY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46401
last-modified
Tue, 19 Dec 2023 19:46:06 GMT
server
UploadServer
etag
W/"0482cd44a5474059f0144f00e198305f"
vary
Accept-Encoding
x-goog-generation
1703015166460645
x-goog-hash
crc32c=6y/t+g==, md5=BILNRKVHQFnwFE8A4ZgwXw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
136827
accept-ranges
none
content-type
application/javascript
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1704608783169&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwinnipegsun.com%2F&c8=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&c9=
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
VqRRT-HF8ETGXaST3jRkh8nkJ1Te_9_pj5xI4X1s01mEH66FBLYP-w==
x-cache
Miss from cloudfront
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 07 Jan 2024 06:41:23 GMT
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
eb11737c985ffc9753fd5ad38a8682a8d0938b0bc1ecf117bbd3a318f91e35aa

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
an-x-request-uuid
44d45418-28ca-4b6f-a9c8-365c9185b066
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://winnipegsun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.203; 80.255.10.203; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
b9780a4a-c245-4e3d-afa4-5e9d3c5df5dd
https://winnipegsun.com/ 		159 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://winnipegsun.com/b9780a4a-c245-4e3d-afa4-5e9d3c5df5dd
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d09cb7ee7ca0b5197e35281a401882b36f2be6a08dc219adcad051d3111b1fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
163076
Content-Type
49f8dd26-1a6f-4941-917e-dcdf4dcbb554
https://winnipegsun.com/ 		159 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://winnipegsun.com/49f8dd26-1a6f-4941-917e-dcdf4dcbb554
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d09cb7ee7ca0b5197e35281a401882b36f2be6a08dc219adcad051d3111b1fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
163076
Content-Type
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
288934
expires
60
geoip
api.permutive.com/v2.0/ 		209 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
watson
api.permutive.com/v2.0/ 		282 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
a138783cc85058d9aadd75448dd2e916991744cd4553d35639ed8a8648c77c43

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		74 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f2060365e34c12dd716fcfb19b771866ad57259178c974deebb5fa30f31095

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPojIOh6e7zbZxOqBBwz6sYJybVFOHk6m_gHrxJd9UY6Fe6YmZYTZC45MfatuVYjQ1Nco4Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
51175
last-modified
Wed, 03 Jan 2024 06:02:28 GMT
server
cloudflare
etag
"34d7dc9b02850c791207b649897da122"
vary
Accept-Encoding
x-goog-generation
1704261748262385
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=Iyg7rQ==, md5=NNfcmwKFDHkSB7ZJiX2hIg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
51175
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841a20ffe96891e9-FRA
expires
Sun, 07 Jan 2024 05:31:24 GMT
json
trc.taboola.com/postmedia-winnipegsun/trc/3/ 		66 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/postmedia-winnipegsun/trc/3/json?tim=07%3A26%3A23.334&lti=deflated&data=%7B%22id%22%3A546%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1704366185066%2C%22vi%22%3A1704608783329%2C%22cv%22%3A%2220240104-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwinnipegsun.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwinnipegsun.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwinnipegsun.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7244%2C%22nsid%22%3A%22postmedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dpostmedia1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A6865.953125%2C%22mw%22%3A628.5%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-a%3Apub%3Dpostmedia1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
28fd02f6d92075fa2f5af9243c167f60f3482e80ef1be7a2b7ad2ed04e9707ce

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
390
date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.3935416666666667
x-fastly-to-nlb-rtt
7467
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220108-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1704608783.345482,VS0,VE390
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
5a67733ba40e6a78cb31276af489b23c37ee16673db619e0f053a64420032f72

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
seoc-1373-bryce-walker.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/seoc-1373-bryce-walker.jpg?quality=90&strip=all&w=344&type=webp&sig=x71fcQ2HFUo89NHEZ2C8SQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
287b8d490ac3484e0610849ab26216d2764bae2d2e9b2b6e5f8fee2110612052

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"98b6451e4a9c938bec4daf2f98351fedde5ac088"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14904
0615-pg-mfnps-pg.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/09/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/09/0615-pg-mfnps-pg.jpg?quality=90&strip=all&w=344&type=webp&sig=EW3a2LJFv_sHPFo-ou3CWQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
022fe3cbe86edc8e3027b1869cc7e3770c7f6843324f45e5fabdb1f9111ef49e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"90123316167a59a3ebdd2bdfa271b695b4488321"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28352
hunting1000.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2020/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2020/04/hunting1000.jpg?quality=90&strip=all&w=344&type=webp&sig=VIRzTy7mGeJAfo97NTM_Kg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
ecb5d10652f1498a0427ec56c8b13db66d7d62252667e2a332b4238a0ed6e4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sat, 06 Jan 2024 12:33:38 GMT
via
1.1 google
server
nginx/1.18.0
age
64365
etag
"9f4af5a9043d41296ed9fc80dce21d25400b4e2b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11114
ws20240106cp03-wp.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ws20240106cp03-wp.jpg?quality=90&strip=all&w=344&type=webp&sig=ipiwQ43yqQ1tsSa03NF2bA
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
60421046384f50110f339191ecde034223695254e364cba941da9f3922ba8bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"db575cdad3c7e8704fdf5bdec6eadf12849133b9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12862
breaking-news-police-tape-surrounds-a-crime-scene-in-burnab1-2.jpeg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2022/09/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2022/09/breaking-news-police-tape-surrounds-a-crime-scene-in-burnab1-2.jpeg?quality=90&strip=all&w=344&type=webp&sig=wPLxAU21wW_m3n5-jIIBqg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f4cf6722a7876d9c95c63ae4830f70dde55c02a52f1085b07d2ec6e4442946c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"f482425cc51dfd0178e55d35d8c9c42c6b011c22"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14370
1911321701.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/1911321701.jpg?quality=90&strip=all&w=344&type=webp&sig=qp8PFkXnEbX7qzJGbIwBHA
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0a9c47485812154ec028c7cc187dd3b208b3c7cc2423105828cd98cbdece59b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"b8d1252f28dff491f7ec15186c78d747a69107c5"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8cwvh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35146
0107scheifele-scaled-e1704575288612.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/0107scheifele-scaled-e1704575288612.jpg?quality=90&strip=all&w=344&type=webp&sig=UL_hMcP0UUTX6vzvrjF7ig
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d3e061a0e389bc8b910f18f229c015350c78aec0b08ab81ad9d110115dc0b28a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"bed72f13b498a1dda7eb9f422c21f0c60e91ff46"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19636
jennifer-botterill-scaled-e1704500728606.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/jennifer-botterill-scaled-e1704500728606.jpg?quality=90&strip=all&w=344&type=webp&sig=xzVZLlwuiOBezbB3WtLaDQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
bde967a30def33227519fcf15da0368d22aa14cd3f74ba20db1459cd22efe966

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sat, 06 Jan 2024 06:09:16 GMT
via
1.1 google
server
nginx/1.18.0
age
87427
etag
"60e5d67147ce747976a305fbf3032d0f93f330d8"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21994
pasquales-slow-roasted-italian-beef-sandwich.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/pasquales-slow-roasted-italian-beef-sandwich.jpg?quality=90&strip=all&w=344&type=webp&sig=QMqpVbeeP1POAh6rbguZ_A
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a54755664fa513c9d9525232826b221b2c0930e5f4c7c7e73ec8ec2e86e59d0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sat, 06 Jan 2024 19:02:12 GMT
via
1.1 google
server
nginx/1.18.0
age
41051
etag
"1a8ff6e0381905fc28c3a05b826bbb14544ce809"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21868
chretien-2-e1704488877788.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/chretien-2-e1704488877788.jpg?quality=90&strip=all&w=344&type=webp&sig=z-xayfDZGoAjKyB6i92_qQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
8c171ad15f89084c490ea873efc59e1d1b7b78c3a6726d1489b97a0150532741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"41586e134ce38521d7bf008072abd2682351b5f6"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12396
GettyImages-1019902904-scaled-e1693951080833.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/GettyImages-1019902904-scaled-e1693951080833.jpg?quality=90&strip=all&w=344&type=webp&sig=wnl3qFnL9JlQknTSkTnEdQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a29ec18a5db51ce2cb84e49a132508760d642be072547ff66fbdd634ec71c8f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"c4e96157a6be50384dd4b0d3b1d39c632c28851a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14664
GettyImages-620407048-scaled-e1704161827617.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/GettyImages-620407048-scaled-e1704161827617.jpg?quality=90&strip=all&w=344&type=webp&sig=bt1aYQuHSf9fYZtWD3BjKQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
91bea09bb5b862f1281f09d3cb07fb229cbbbb490af1da3f537d8b3bad09dfab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"b505a462e2be04fb384f6d6beae8b38bdeca2d3b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25244
CP169573194-scaled-e1704492878999.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/CP169573194-scaled-e1704492878999.jpg?quality=90&strip=all&w=344&type=webp&sig=uUHUsw8N25M9GEEJtiXJog
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
1540cb75cc21eb63cb96d5c7e6e231564b58f84016924c19b4d79f4d06b1199b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"2c62a859f1c8358526538e2e43ef59cf29b64a75"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8cwvh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9858
Ont-Toronto-Hate-Investigation-20240103-scaled-e1704492544700.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/Ont-Toronto-Hate-Investigation-20240103-scaled-e1704492544700.jpg?quality=90&strip=all&w=344&type=webp&sig=DMN-8xjxe4J1yBejkuVoIQ
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c0273dbb77b9f7cde21785e958eb005e95cc8a333ee11046275f926a5e9c9184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"e67c66eb6cf6fc2c408d24cb488799270634b4c6"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8cwvh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27682
Mason-Rudolph-scaled-e1704588705417.jpg
smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2024/01/Mason-Rudolph-scaled-e1704588705417.jpg?quality=90&strip=all&w=344&type=webp&sig=NClZU8dVgZ4b3Vpsb3rqzA
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
8d155ad03d6e9930caa878e380b47e792c0c0d09dcec4af546c3132c10abfe07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
winnipegsun
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
nginx/1.18.0
etag
"a602588a151cb4d3d31a9d62edd78d31738bd12b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23410
688c080cafcfa4457b823.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/688c080cafcfa4457b823.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f8859622b014c35916f294efc76fdb684a5681149809636416851b765d4eaf39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1593063
x-guploader-uploadid
ABPtcPo2iOj4WpPOnP4PjLZANMIFmCwxJsVL7Miw1PXAK1g5zLsfhrwhWvzW4_6dt3oIu7LicX5K4W-oOQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3749
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"732fda2c30c3393b58bf994c348513e9"
vary
Accept-Encoding
x-goog-generation
1703015238971652
x-goog-hash
crc32c=Vq7U3Q==, md5=cy/aLDDDOTtYv5lMNIUT6Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11752
accept-ranges
none
f8ea7554630384877a2617.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/f8ea7554630384877a2617.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1185218883cb5ec765c3292aaaccf15869b99c089b1c938266134666608a6ba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1593063
x-guploader-uploadid
ABPtcPqg2XaeZq1io9MhusC0L03UKWdjOL-qyNyGI0QasJq-7JtDZn7tSdeo1a5cdcUaOlEQyzo9goxWxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4454
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"63ac658e3632ca1e5a0f6645b4912a38"
vary
Accept-Encoding
x-goog-generation
1703015240772266
x-goog-hash
crc32c=Q2a+sw==, md5=Y6xljjYyyh5aD2ZFtJEqOA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
14083
accept-ranges
none
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1593063
x-guploader-uploadid
ABPtcPpd3ab4EkBPPJIGU3NRkPh2rUaJKvtql21bNswPltQHsUX7guErqiN8dmxCsyc2OTDQ4yvISmRvHQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2829
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1703015239108648
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
836d4e0fd22a7dc68a052.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/836d4e0fd22a7dc68a052.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
102879bcdf1bb8d7079cbf09cd33581139013f7a0b109c64fd2a8f9511f3cbf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 07:15:10 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
429073
x-guploader-uploadid
ABPtcPrWqHQ6lX2wJr7QAHdeT_66zqfOcOotEa2htHEee2uXNhY1L4ZBz8s71KgouuuFOJZgi20
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11017
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"40601ecfe330a5efc9af7222edd73d39"
vary
Accept-Encoding
x-goog-generation
1703015239470643
x-goog-hash
crc32c=1HdvsQ==, md5=QGAez+Mwpe/Jr3Ii7dc9OQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
35648
accept-ranges
none
6a86c658a5e7c0d0e7db5.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/6a86c658a5e7c0d0e7db5.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6be53e044a8e84e3c66d8eb5d2f359feba5b32c072ef3456830f32acedb163a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:02:53 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
408210
x-guploader-uploadid
ABPtcPpIh8wI96NvsG-ydgZza9OE-c1iUyRRLouqL3XvE9Is9C3KNQkspgyIhq11aPRVgb4bm8Y
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3495
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"58c394221ccae33c2c42f73f3470f6f5"
vary
Accept-Encoding
x-goog-generation
1703015239045531
x-goog-hash
crc32c=hNkDkQ==, md5=WMOUIhzK4zwsQvc/NHD29Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10705
accept-ranges
none
990b9e18d9293f53494350.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		224 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/990b9e18d9293f53494350.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3f16a99683ec813507fab742f11167db01a3c2ced3fdaa6f1ea859d2f9f4fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:58:46 GMT
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1592857
x-guploader-uploadid
ABPtcPpoyHeBMjWRmJGEPbA84Pw-2vWQAG8XMy2MOIwIocbalNjjmebac1v0_C-BxkWjJZQMQqRFhsxNpQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
"f2717194027d340cf5c65feefc7ab9b0"
x-goog-generation
1703015239620849
x-goog-hash
crc32c=YHGd/A==, md5=8nFxlAJ9NAz1xl/u/Hq5sA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
1ef368c136434f274a3128.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/1ef368c136434f274a3128.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c2a7c80301032f20f90d00a75cef91a4af5a7fa04651eaac3281f66466c8e8dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:58:46 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1592857
x-guploader-uploadid
ABPtcPrlM8dwl-a6zoLG32M0jdugNG2pnzhB1QQIZB7FMgZ7ZeYgo3ry2kUFttbS_TjW6x2gnJr2YgdpMw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3676
last-modified
Tue, 19 Dec 2023 19:47:15 GMT
server
UploadServer
etag
W/"811b1520f4ab50634eefe75c81fe95b2"
vary
Accept-Encoding
x-goog-generation
1703015235676437
x-goog-hash
crc32c=+Tp0ug==, md5=gRsVIPSrUGNO7+dcgf6Vsg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11527
accept-ranges
none
cf5d329b7f5a70d26c0a18.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		750 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/cf5d329b7f5a70d26c0a18.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0bc0805d442ae7ead864b82381c168035e8d70535e6f6acea31f4f1caf65ae58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:58:46 GMT
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1592857
x-guploader-uploadid
ABPtcPpWsTUWePdC-NzprC1s66WaKA97LeoYAiDDN8pv7XbTluCHgBDxNEJab__ZJRHi8ehNpxmY-KPBsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
750
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
"95321bd12efb680204d12be98f3d7ba4"
x-goog-generation
1703015240256252
x-goog-hash
crc32c=WLxsPQ==, md5=lTIb0S77aAIE0Svpjz17pA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
750
accept-ranges
bytes
286b462e1048adda4f6f36.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
77f014b24f1d51b9e8feb12df701a957c14c0be286d6c914975afd019d15a79a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:28 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1593055
x-guploader-uploadid
ABPtcPq0l1OsvPoMczt4E2S8Y4xxfugMcmPfxtl4aS6IB3jNTZEBkanM0lHVLJgDgpY5fOON8tw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1072
last-modified
Tue, 19 Dec 2023 19:47:16 GMT
server
UploadServer
etag
W/"3d636269883d1e0a8bcb405d83e6136d"
vary
Accept-Encoding
x-goog-generation
1703015236440261
x-goog-hash
crc32c=MY5NLg==, md5=PWNiaYg9HgqLy0Bdg+YTbQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2461
accept-ranges
none
cb72fc449da58641945238.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/cb72fc449da58641945238.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5d410b4aea9f38a035bdc4323315891f9e798d297e3e3db8d000f6e63f54cb51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:58:46 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1592857
x-guploader-uploadid
ABPtcPq--8tfthTKOKRo_xIu5vcEagIH6UbzC5_VZXSj7eVHYulnm1C5JdblYSWSoFUUTGTiu0_h4mcSmQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2981
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"48956c4b87ff7d0af1cbae347e1d78eb"
vary
Accept-Encoding
x-goog-generation
1703015240228053
x-goog-hash
crc32c=zWYpSg==, md5=SJVsS4f/fQrxy640fh146w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10050
accept-ranges
none
4f4d1628a8065ccff16624.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4f4d1628a8065ccff16624.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1593063
x-guploader-uploadid
ABPtcPqda23I98f5cofe0nSda56RcL7AGJ-y9G6VshCW2CCxa3uLDu8OH5MyZ-bDdjLGf-by63eGCVigsg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2093
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"c6326d88acc6beb06cf9db5fffaee6c6"
vary
Accept-Encoding
x-goog-generation
1703015238307588
x-goog-hash
crc32c=hqW8ug==, md5=xjJtiKzGvrBs+dtf/67mxg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
4c053bd7593db896d5bd4.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4c053bd7593db896d5bd4.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87b85c256b170188318d0d8c695f43153651f18ee7a4788101b65da65ae0b85d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1593063
x-guploader-uploadid
ABPtcPrhR49xG5AQP-I787WR1kL3SOnQ-WxCai1kDI8pXw8ugotIOMcj_Yl7S6_lvCcuyacK6E5Fyje3Uw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4388
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"7483c234c6571a1ccf1dad53c7ccc622"
vary
Accept-Encoding
x-goog-generation
1703015238079242
x-goog-hash
crc32c=cT/cag==, md5=dIPCNMZXGhzPHa1Tx8zGIg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
a22185a71907d8927c8537.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		224 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/a22185a71907d8927c8537.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1593063
x-guploader-uploadid
ABPtcPqz8XqEb8MaDqnZKQPGaKoDm8tcIRTASYjC3q4CR3RUJbxKekshvGpEcB93U3L-0e-9P6_16lauPQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
"4ee0e989a064cf6630bf9ebee4879191"
x-goog-generation
1703015239741862
x-goog-hash
crc32c=jUJANA==, md5=TuDpiaBkz2Ywv56+5IeRkQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
player-event
events.qortex.ai/api/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=mWG1MKwnUqyMj5mnvTfg&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8w66GPhgpxszvITgN4P1%2FlhYUVsUV7347sEUwLdC2eB24jW6JHDhCut6%2BwTJYlC%2B8Zz2OukVTf8qhQa8qd1SYbAabElZ99oSuhldxShlmVNNFQIpUkSntfInhwhLKE8DR7TouUPn7bBjffTZrxw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a210039e41911-FRA
content-length
0
cx-bootstrapper-init
tags.catapultx.com/cxo/ 		49 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/cx-bootstrapper-init
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=mWG1MKwnUqyMj5mnvTfg&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
123
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEr8MOV1GMVY8oERzPFvMRhRLI148GplZdG7ojpLFVND8Za92ICZzEuShwt2p%2BPVAWQzHrj6lvWLZBtxg9qj8uacr%2FK%2BI2wmPE%2FEW6a9y8GV05K1hpDgzPkod98u9elRL5nv2NB5UEgItBF4YnCazQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a21000aa919b1-FRA
init-3392tkd9ir9ggbv3f0mu.js
api.fouanalytics.com/api/ 		0
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/init-3392tkd9ir9ggbv3f0mu.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=mWG1MKwnUqyMj5mnvTfg&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nf%2BBJUxGzoYW2QuAbNHqa%2Fr3SogHChZzBfStFgsPS%2FUB%2FS0fZtIFQr1FikJpu91%2FTDy7up%2BeTBTQx%2FjGixIf0AWUeqbgJKpVnNzaBb08U%2BMAz1y4HT63qlD6AmYrYxjNyxJ1VaqlYCZjvDl8a%2BfszVGFdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
841a21004c8cf0ec-CDG
alt-svc
h3=":443"; ma=86400
expires
0
noscript-3392tkd9ir9ggbv3f0mu.gif
api.fouanalytics.com/api/ 		0
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.fouanalytics.com/api/noscript-3392tkd9ir9ggbv3f0mu.gif
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5weTPNJsp5563N%2FsSOiRosyu8WTsXqfHcOB4JIlbkzs%2B1wIwHRmd1g2IvZvPoQ%2Fs5Qs%2BOuLR7Fi0B1VdTClsnG8Id%2BTzW16SH623dEy4YBCmvRNeBKYc8yUyj7WU7L20B56qV79BjMl02zCGoqp%2F7%2B%2FSvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
841a21004c8ff0ec-CDG
alt-svc
h3=":443"; ma=86400
expires
0
xd.html
fem.gprod.postmedia.digital/v93.0/ Frame 273B 		165 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
531dd530899d5c89c1c766c0ca463c5e319a84044ebde699ec95b633807025a5

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1592741
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Tue, 19 Dec 2023 20:00:42 GMT
etag
"e66a4f59260370c7eb851d9880e08527"
last-modified
Mon, 11 Dec 2023 19:02:03 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1702321323873559
x-goog-hash
crc32c=e89JmA== md5=5mpPWSYDcMfrhR2YgOCFJw==
x-goog-meta-goog-reserved-file-mtime
1702321262
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ABPtcPqCLQn_nl7LsEHpqaalt88R_fc1f1KrCidQ8bMCivezy7DAYeJV4GWQccO4NKg-C0Qu1GscKvuknA
pub
pixel.adsafeprotected.com/services/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.90,970.90,728.90%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B8.8%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENUR_WSUN_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=1f34c4f2-a518-0df4-52fa-56dcfb716f89&url=https%253A%252F%252Fwinnipegsun.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
509847dca3152d2a08b3b2d763d70d3cdd007fba1cb253c18803ff52ad8ddc25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
server
nginx
x-server-name
app02.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://winnipegsun.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fwinnipegsun.com%2F&pid=yMniy6xFO8JcU&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.93.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-93-173.prg50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
B21WVYCXGCB9ASED6XX3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
h857YMnPKGZxzfYnj9V1NJ60A8dmt3fyZTqeBFMve5zJKfE3Vvq__Q==
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
296459
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
841a210068ab2bb0-FRA
expires
Wed, 10 Jan 2024 06:26:23 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16766
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SeaAShY9SQyMY327BTVpvBSovpxZVatrJLiXfNXW7XzDN%2BfL2BtjHeE1hxoF4%2BjdXQ0A5OvId2%2BlHdkU0TUXL1jjrauJFfTXgbCX%2FVYiqvfY3w%2Fn4ZolmwuZGA4DMlQF3kgJBx5qQAae3aOy%2B6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
841a210058176946-FRA
xd.js
fem.gprod.postmedia.digital/v93.0/ Frame 273B 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8923b4f2bb98765736f23c71a08a37e09f44734e5ebff0bd587f4db5ab1c9c8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v93.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:00:43 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
1592740
x-guploader-uploadid
ABPtcPpJd203vU58F_zjOJvbflCdRpT7DZrRwqQU_n6g-NzL701M05mrYbyeEf1ksXJ4OOMIXX-FqFGFcw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21177
last-modified
Mon, 11 Dec 2023 19:02:03 GMT
server
UploadServer
etag
W/"2139b791b942c7780fd5e1534f6192af"
vary
Accept-Encoding
x-goog-generation
1702321323904544
x-goog-hash
crc32c=05N7iw==, md5=ITm3kblCx3gP1eFTT2GSrw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
68978
accept-ranges
none
/
winnipegsun.com/api-root/media/videos/playlists/07SVOpp3/player/json/ 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://winnipegsun.com/api-root/media/videos/playlists/07SVOpp3/player/json/
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/688c080cafcfa4457b823.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
f216049229babc7f2d23a2d882c64607e118757907e7411da267a7f7c78546ff
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
content-encoding
gzip
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via
1.1 google
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy
strict-origin-when-cross-origin
last-modified
Sunday, 07-Jan-2024 06:26:23 GMT
server
istio-envoy
x-pmd-backend
pmd-nginx-proxy-6cbdf6d5bf-kngsv
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,Accept, Cookie, Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
cache-control
max-age=900,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Sun, 07 Jan 2024 06:40:52 GMT
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sun, 07 Jan 2024 06:26:23 GMT
simple
api.sail-personalize.com/v1/personalize/ 		288 B
498 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
4547f04e548348861313a49cb5b980141808f5a4187f8e94fd7033617adaae9c

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://winnipegsun.com/
x-referring-url
https://winnipegsun.com/

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
197
expires
-1
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:23 GMT
server
ATS/9.1.10.94
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.234.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-234-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		53 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1e5d4fe9acb9046e86f17789a5220fdcbbf1d60c158071577bda0bea9a0023a3

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a211e1a514500a7677cf6057a725432ab9b3601378cfc8ee2bcb66b5843e40f6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
an-x-request-uuid
0a8fd9cf-35ab-48e9-a93e-7e57383b1ed0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://winnipegsun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.203; 80.255.10.203; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
fa68f5aeeba6635ff9a64edec18cc97245f98ba054492c0932bf20deed31d0ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
an-x-request-uuid
42f12ba2-25fa-40de-99c9-5ea8c7baf22c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://winnipegsun.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.203; 80.255.10.203; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1009 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUKB9454
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
a5d38fbf37bd695ae1b1a840b854ccd1c65527be02b3beded533d21700e46ecf

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 06:26:23 GMT
translator
hbopenbid.pubmatic.com/ 		0
113 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
548 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=613279
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741085f06adb52932a2e7755207e77e991061730e32f22368bc4ad72893d162a

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxEY9i4OGeg1YzPYe6Aw6MHkMty7FzWrYnuS4Nryl9uxgOL%2FFXnpQc4jz7QKIDrL%2BfSUiUwqMFwzJuWfgO4MRknIQZrM5%2FzyhTK53ZhfewE6ddP9HDnNkMX7eJqkbnAo2qFoEuje"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
841a2100ff1e35fe-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=78216946850&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:23 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
bdd25e561da30f333857283f41e9864751bd9bb6925eee8632a6c2fbc806f428

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e14452f11348b20745371cd560dbe5459a47642e7d349984554fbecbd1dbc92b

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e18409fef0205a95fa67c84acd948547f9d3986a809c1607e9adc0b8f3b0b746

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
a55c9bd8df8a2f0a4945692f997d7a8ae4cd2d77f9c131272631c4e1540f5e24

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
8281f7090478617d1af70528713404741a5391a534b1510e1229a19e17e1a6bb

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
4d83a83adad5bced5b4e76a9628079dccd1a7123c4b1a65aa5bb200ead7b8899

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
3f485a3b87ba247e6828438291e17f383e767663c51591d2e9c8d959b809c80d

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
1d4d08cb87de13ea144666615403c6c3d417abc97d5f263cf340a7121926ca96

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
061ba4ceef55d54a157bfe2f5659e78da41231eb3396cbc5704e3a897e9aadca

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
118 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
433a4668c72cce639da0ea37940a202d98e7fd025c61088b11c30ba85c4d396c

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
83
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
29210ccc2fed107ca5dec3d95e53d8a126855ca6c121bbc1be6ab56b21251763

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
959f30df28cfb749379a835dc6a7cc6920a614cb156b9c35f1166c80d2154788

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
ee68110f05db809ab428cf4ad590220e48aa7f9236f7bcdf5bc2548f22650164

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
eefc072980a2309b9fed7fbb7fb4c132dfb3e591e7a0ebd8690a4f68e847dbe1

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
cf51d421525c079d656f1b819732424bd915777e22666d20a6b61bd9b727ac7c

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
d408d97284f45bc5fdb582ca1421d27e18bb7267574562cbd72bfec9163677ed

Request headers

Referer
https://winnipegsun.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
content-length
84
fastlane.json
fastlane.rubiconproject.com/a/api/ 		10 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939110&size_id=2%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15&alt_size_ids=55%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=7eb757e7-2d42-4d34-86c9-1fd7c96f0166%5E1&rf=https%3A%2F%2Fwinnipegsun.com%2F&tg_i.domain=winnipegsun.com&tg_i.page=https%3A%2F%2Fwinnipegsun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-2%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-3%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-4%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-5%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-6&tk_flint=dmpbjs_v8.23.0&x_source.tid=cdbefca9-2698-442b-a33f-ca2add46ce36&l_pb_bid_id=23358d6f87af1bcf%3B2343db5c60b28acc%3B2358a9b8fdff1062%3B236ed39aeb42f79a%3B2371dcbf8f4d3d4e%3B238e3d3c82643cc3%3B239a0286f744f3df%3B240425ae7cd7ab0e%3B241092f87d6bafc8%3B2429bbc3ba192fc&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c19f4ef7-0aab-43e6-8b04-ddcdf3009a16%3B1f81db90-d62a-41a0-a35d-a770824d4209%3B14b298ac-a0da-4804-94e0-2d6cd7f69beb%3Bf3edebef-ab9b-42a1-8f75-6c26dd48ac63%3B0b044772-e1e0-4e16-9ce4-19625d0cd167%3B4d61d7e9-6a45-4fcd-bc41-84cb14214fcf%3B0d74f961-14a2-4c98-8081-67991ec61681%3Bbae12ce4-4f1d-441a-80b2-103edf1e6f57%3B5a88c585-9799-48d0-89ab-7c90512ba5a4%3B8f04b0e9-f8ad-42c0-825d-2946dd8e7c6e&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-2%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-3%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-4%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-5%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-6&slots=10&rand=0.3187215864544539
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
446e8f9078a8ec0502f5ebea6447d30a3cb1ba842199d85897ea63307174800f

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1017 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=1939110&size_id=15&alt_size_ids=2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=7eb757e7-2d42-4d34-86c9-1fd7c96f0166%5E1&rf=https%3A%2F%2Fwinnipegsun.com%2F&tg_i.domain=winnipegsun.com&tg_i.page=https%3A%2F%2Fwinnipegsun.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-6%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-7%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-8%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-9&tk_flint=dmpbjs_v8.23.0&x_source.tid=cdbefca9-2698-442b-a33f-ca2add46ce36&l_pb_bid_id=243814b3427b1827%3B24416f42c18065d8%3B245edb700f410a62%3B2467f391108f480f%3B247e70e40eb00309%3B24859f37d8388c08&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c4187362-e532-49e9-ad7c-2bb4018d61b5%3Bc3cf5599-4b5f-4b27-9a8a-b3cd9a64216d%3B7872009d-9ded-4d2b-a957-ed2a5f891568%3Bd936da92-debf-4db2-a95a-a1f09fa5fff4%3B35cc8517-20dc-4703-9a71-dc837f6e3d40%3Ba9b1a11d-4be5-4151-848d-3b0422cd4d55&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-6%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-7%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-native-8%3B%2F3081%2FSMCO_ENUR_WSUN_EN_WEB%2Findex%23ad-9&slots=6&rand=0.020114494745108402
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5d97df0db980380ab1384810b96b17961d95ec4b39d2acea8b6c2013881f9a6d

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
433
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		25 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.23.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.113.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-113-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a62b97875f943de76fc2c96ac608b5c9511a8f90e97fe37ec2debe3f69f5e26a

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
envelope
lexicon.33across.com/v1/ 		49 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
comscore.js
storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/ 		168 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/comscore.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 05:27:24 GMT
age
3539
x-guploader-uploadid
ABPtcPqcDabzx1b8MTlp6BtXLkmlP5zDJQIAbm5rlMnezSh5d5MV7Vke05KOfEGgtsE7fu8-DEI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171739
last-modified
Tue, 13 Sep 2022 19:04:43 GMT
server
UploadServer
etag
"702fb2c84c6e8b364a6130cb860c7987"
x-goog-generation
1663095883714722
x-goog-hash
crc32c=aQkgGQ==, md5=cC+yyExuizZKYTDLhgx5hw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
171739
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:27:24 GMT
pub
pixel.adsafeprotected.com/services/ 		300 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:jw-ad-1,ss:%5B640.480%5D,p:undefined,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1f34c4f2-a518-0df4-52fa-56dcfb716f89&url=https%253A%252F%252Fwinnipegsun.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5fc86f9fe68da387978786620eae809d86ed9b29fb2f7bd1cdd79c7f02bd66cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
server
nginx
x-server-name
app07.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://winnipegsun.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
lqbjtgex-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/Iv67Shyx/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-320.jpg
21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-320.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b3b527853be89c6cf58ed3010f4a3eef43e61bc98ce229a842c8977d2072590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
588
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21785
x-served-by
cache-iad-kcgs7200065-IAD, cache-fra-eddf8230088-FRA
last-modified
Fri, 05 Jan 2024 01:46:47 GMT
server
nginx
x-timer
S1704608784.686925,VS0,VE1
etag
"e936133a6ea747355a132845abd31d87"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
21, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
mW9xyqyCxjwK2DUwT5nDgyma8JrPQl0ariqqqVNfnZbLlEfuKZkO4w==
45bEBgIV-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/br7L84WR/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/45bEBgIV-320.jpg
23 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/45bEBgIV-320.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e6494c24a33dbdd3877c44a0aeabfc32e356a8752a7877a1a4af8c08407652c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
730
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
22548
x-served-by
cache-iad-kiad7000172-IAD, cache-fra-eddf8230088-FRA
last-modified
Thu, 04 Jan 2024 16:33:35 GMT
server
nginx
x-timer
S1704608784.680273,VS0,VE1
etag
"93561391365587bb4fd1301864ff3fc6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
18, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/45bEBgIV-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
q5SFvlImdajLBkgRg7iyEq0BdS3d9piLQhOYSbHRIlptimlCNTrqyQ==
fa3Lx4xY-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/XvPMTTp4/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/fa3Lx4xY-320.jpg
24 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/fa3Lx4xY-320.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab9c81354f2fc61fc082bbd15b0c46841de6b0029267514307333bdbd80b7177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
258
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
23877
x-served-by
cache-iad-kjyo7100037-IAD, cache-fra-eddf8230088-FRA
last-modified
Wed, 03 Jan 2024 21:15:36 GMT
server
nginx
x-timer
S1704608784.680398,VS0,VE1
etag
"077d5987f229b0ecf4a52d4c75902cbd"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
4871, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/fa3Lx4xY-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
jCq60aTqCfWgSb_towbcMJdpE8E3SiLf7JBXaSfQ_DPKmR_jxGs1eg==
KwC275w1-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/ezBKvBhV/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/KwC275w1-320.jpg
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/KwC275w1-320.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f79d1837a7fcc0b57562cf230275f5e5d8668ae84de517af75d181af4fd419af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
213
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
29044
x-served-by
cache-iad-kiad7000062-IAD, cache-fra-eddf8230088-FRA
last-modified
Mon, 01 Jan 2024 13:51:42 GMT
server
nginx
x-timer
S1704608784.685724,VS0,VE1
etag
"a7c66448ae80d7dbc4adcda841ebd12d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
7020, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/KwC275w1-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
srsKWo7ZWVXdALvIOHeYt7KyotPyI83ihFkLTkk0pNE6pFkvPf3W_A==
e1fbvge5-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/SR4Na9dW/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/e1fbvge5-320.jpg
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/e1fbvge5-320.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7a2689a85b4cc1534d8192164ee975eda66817c587a595819586b847f1544a15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
201
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
17298
x-served-by
cache-iad-kjyo7100170-IAD, cache-fra-eddf8230088-FRA
last-modified
Mon, 01 Jan 2024 00:47:52 GMT
server
nginx
x-timer
S1704608784.680531,VS0,VE86
etag
"a3e9b13c459660305ea8126ff55e3c9e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
5074, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/e1fbvge5-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
uqb1EgJGLBfX-C8ub77pGO5Se0X8p7eVNyl-6II70EMf71tBvArGkA==
pvja2ecn-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/94EtwCnP/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/pvja2ecn-320.jpg
26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/pvja2ecn-320.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
739556c57654d343bad214bd7752c37c95937c73c3aa9fdd731ec14f5f116aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
639
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
27086
x-served-by
cache-iad-kiad7000143-IAD, cache-fra-eddf8230088-FRA
last-modified
Sun, 31 Dec 2023 06:17:05 GMT
server
nginx
x-timer
S1704608784.714296,VS0,VE1
etag
"1a4e7cf3ca86cafbe028e42fe92fb1a0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
13030, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/pvja2ecn-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
76MhYncPoILAxElsvEgosufoLU63135XoxB_hhw89AOaTahdAu0Iow==
3Pjtsw8W-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/KOHrP986/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/3Pjtsw8W-320.jpg
20 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/3Pjtsw8W-320.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
046db9e8217474f28c809ac99038ce66a7675793d8d4105042610dafa5ae6754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
487
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
19594
x-served-by
cache-iad-kcgs7200129-IAD, cache-fra-eddf8230088-FRA
last-modified
Tue, 19 Dec 2023 23:40:54 GMT
server
nginx
x-timer
S1704608784.681917,VS0,VE88
etag
"7f2363afbaec9f02396b9fb63cd67ea9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
33150, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/3Pjtsw8W-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Ip-pRiJQox6xUcJDwQ-kWBl28cA6BdRc7mavNqQ6zprX4Xu3wEnLlQ==
CXNE72js-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/t29us0iK/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/CXNE72js-320.jpg
27 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/CXNE72js-320.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
047a80d9edc8b66bfa4e8884099d3ac471f89b7fa1286915e1c97156041364fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
334
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
26413
x-served-by
cache-iad-kcgs7200079-IAD, cache-fra-eddf8230088-FRA
last-modified
Fri, 22 Dec 2023 19:56:11 GMT
server
nginx
x-timer
S1704608784.682376,VS0,VE89
etag
"4d5216dbda76dbebe612154a93918e3e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
27396, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/CXNE72js-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
-h4tCIZLtZUm1l--j9Ykqj4qroJz8kGle23PLwOknzbZ-mgWJM7gbg==
hUJxBR0n-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/bmXEcx9C/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/hUJxBR0n-320.jpg
22 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/hUJxBR0n-320.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
87097db7fe2a77cab6d89f7e2369430f3c6ffef3ea1c7ee01fe160a4c82bb4f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
334
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21500
x-served-by
cache-iad-kiad7000086-IAD, cache-fra-eddf8230088-FRA
last-modified
Fri, 22 Dec 2023 18:17:49 GMT
server
nginx
x-timer
S1704608784.684499,VS0,VE86
etag
"88c4978a9a337bac26fed6092baa8f46"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
4580, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/hUJxBR0n-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
DZ050vlrwuFudi6W7C33kwc3Z8S-ivDXo2LhfTRJcB4u5wg280t4hA==
wLe9WzmE-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/STu5EiL5/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-320.jpg
29 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-320.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8e2772ae7e6a9b4178e20a772e489c536fdbbc5c7673facbe2aea97d45219b31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
261
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
28941
x-served-by
cache-iad-kjyo7100178-IAD, cache-fra-eddf8230088-FRA
last-modified
Fri, 05 Jan 2024 18:59:47 GMT
server
nginx
x-timer
S1704608784.684139,VS0,VE1
etag
"a02236ab116b91533bbe6db864a7845f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
15, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
OWOgbAxq33jtwODUooWGutGOQw_Z9ziGta1qUDXQwjk2tpn7S0iZnQ==
segment
api.permutive.com/adv/v2/ 		14 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
IIqOV7lO.js
cdn.jwplayer.com/libraries/ 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
b1f7dc33dcbfa83bc6b5c174816fe3dca66f159e2dea223c83cd6b701a9414cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
gzip
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41657
x-amz-cf-id
gN0zFLjt9WS5Tc8QwL1XYSpu8JSKSgNURCS2BJkpzmyHuf4U6AIWQg==
07SVOpp3
cdn.jwplayer.com/v2/playlists/ 		58 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/07SVOpp3
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/836d4e0fd22a7dc68a052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
eba5ac83e3afb2956ec58bbfc47d4505449858f1c6251e1ca284af00a915f47b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
9143
x-amz-cf-id
RiRY8zwxRM86Ce2PtSdGe-HNBcchDttfXoZEHeppk5n7orwEqrgMYw==
expires
Sun, 07 Jan 2024 06:29:24
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.7.5/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5

Request headers

Referer
https://winnipegsun.com/
Origin
https://winnipegsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
591597
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34238
x-served-by
cache-fra-etou8220035-FRA
last-modified
Sun, 31 Dec 2023 10:01:09 GMT
server
AmazonS3
x-timer
S1704608784.772080,VS0,VE0
etag
"cf9f8c79c74a3093183012fb770abf82"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
vlSrrwuWG6AsTzV7KsViTku81sswjDfAxWS_YBw1JyB0jcrtPyODsg==
x-cache-hits
79624
feed-card-placeholder.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40eb4494f963b2f531935eb893e7c70b1bd4d8883ca07fde4edb042c4af11387

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
fMi2KLEulvb_uusjzoVCBQ4IFfzO1Ulw
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 06:26:23 GMT
x-amz-request-id
M57S5QXV1PXKNBKX
age
242276
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
ggjGtwnj1WksZd82CjsC2OlYj84BWk5S+tBzDE5CScYqv90iHnaDESPly8ER+qLbIODyRfi/LQo=
x-served-by
cache-fra-etou8220108-FRA
last-modified
Thu, 04 Jan 2024 11:08:27 GMT
server
AmazonS3
x-timer
S1704608784.757822,VS0,VE0
etag
"4f50a068fa248996321f367dcf8c7f52"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
37
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
346712
userx.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
682eea5c87bf67e804007deb37d6cc3e5eb7086374828b2af3edd3f3dda92da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
gXOZGBIlMChbQZN6H7nE1LNB2AO93v3U
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 06:26:23 GMT
x-amz-request-id
F1ZD2VYC8QFH971Y
age
242302
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
gx4ng7+bTsAm4ODLdQe3sI+AzSKHBAMrUNH90IQJaZNVMTTJ9oG0UduFtSy3T3jsv9r7vhnmOPY=
x-served-by
cache-fra-etou8220108-FRA
last-modified
Thu, 04 Jan 2024 11:08:01 GMT
server
AmazonS3
x-timer
S1704608784.769444,VS0,VE0
etag
"68f394774f9800b001f1f78014cbbc4d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
26
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
77525
distance-from-article.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e260c30045f1b05617f23476acdda8b93536de9e6446b757d7334250297c489

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
Qjywn6cL5rejK9hcls5CfyNwwPETx_4o
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 06:26:23 GMT
x-amz-request-id
A7D32QHR9ZV52T20
age
242270
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
2bB+XuiJm2PXVLITkoL2Y91LwGtlTENsoT/YOiRvkb1OkkGDql/3fRyTaYfvHLqbSaVl4ZJAUD0=
x-served-by
cache-fra-etou8220108-FRA
last-modified
Thu, 04 Jan 2024 11:08:34 GMT
server
AmazonS3
x-timer
S1704608784.769859,VS0,VE0
etag
"c5488a1b33b1d8b5475b133202fefc5b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
38
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
367201
article-detection.20240104-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240104-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/postmedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65505f215e9d6c8317be522c00e041b7da5b7a22e8fb8a8d7485a76b691b16f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
rtc13dlxVVo9rGRt2uFsgEX7ziYl68I4
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 06:26:23 GMT
x-amz-request-id
NAVHYEWK7F97QFN8
age
242263
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
Q1TIy38Of8/Ub7Xy/mSpZbGkaz9ja6BvZnrLmWtJlt0wGjAyXfQ2Yxbt/ySYmJzeiHyyQAS9q9M=
x-served-by
cache-fra-etou8220108-FRA
last-modified
Thu, 04 Jan 2024 11:08:40 GMT
server
AmazonS3
x-timer
S1704608784.770311,VS0,VE0
etag
"d1831c6c3ea7334404ec31ce08af0eaa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
366967
abtests
am-trc-events.taboola.com/postmedia-winnipegsun/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/3/abtests?route=AM:AM:V&tvi48=11593&tvi50=12238&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1704608783786%7D&tim=07%3A26%3A23.786&id=7553&llvl=2&ri=d5efca3b3834d9bff8efa96032f2d789&sd=v2_19bb594092d7999cacf53ee58fb67ec0_846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f_1704608783_1704608783_CIi3jgYQxIdjGOG355TOMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f&pi=/&wi=6264304718396964311&pt=home&vi=1704608783329&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://winnipegsun.com
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubs-generic
trc.taboola.com/postmedia-winnipegsun/log/3/ 		0
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/postmedia-winnipegsun/log/3/pubs-generic?route=AM:AM:V&tvi48=11593&tvi50=12238&lti=deflated&ri=d5efca3b3834d9bff8efa96032f2d789&sd=v2_19bb594092d7999cacf53ee58fb67ec0_846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f_1704608783_1704608783_CIi3jgYQxIdjGOG355TOMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f&pi=/&wi=6264304718396964311&pt=home&vi=1704608783329&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1704608783758%7D&tim=07%3A26%3A23.759&id=380&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7395
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220108-FRA
pragma
no-cache
server
nginx
x-timer
S1704608784.787945,VS0,VE8
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
am-trc-events.taboola.com/postmedia-winnipegsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/2/debug?tim=07%3A26%3A23.759&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=6181&cv=20240104-7-RELEASE&lt=deflated&pcs=%5Bdata-feed-main-container-id%3D%22taboola-below-homepage-thumbnails%22%5D&vi=1704608783329
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12432
abtests
am-trc-events.taboola.com/postmedia-winnipegsun/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/3/abtests?route=AM:AM:V&tvi48=11593&tvi50=12238&lti=deflated&ri=d5efca3b3834d9bff8efa96032f2d789&sd=v2_19bb594092d7999cacf53ee58fb67ec0_846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f_1704608783_1704608783_CIi3jgYQxIdjGOG355TOMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f&pi=/&wi=6264304718396964311&pt=home&vi=1704608783329&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1704608783765%7D&tim=07%3A26%3A23.765&id=7281&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/postmedia-winnipegsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/2/debug?tim=07%3A26%3A23.769&type=usage&msg=responsive-utils-event-1704608783769&llvl=2&id=96&cv=20240104-7-RELEASE&lt=deflated&file=responsive-utils&method=&position=&extraData=%7B%22isTriggeredByResize%22%3Afalse%2C%22mode%22%3A%22thumbs-feed-01-delta%22%2C%22publisher%22%3A%22postmedia-winnipegsun%22%2C%22eventName%22%3A%22event-pre_fixing_responsive_widget%22%2C%22id%22%3A%22%22%7D
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12432
debug
am-trc-events.taboola.com/postmedia-winnipegsun/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/2/debug?tim=07%3A26%3A23.773&type=usage&msg=responsive-utils-event-1704608783773&llvl=2&id=8031&cv=20240104-7-RELEASE&lt=deflated&file=responsive-utils&method=&position=&extraData=%7B%22isTriggeredByResize%22%3Afalse%2C%22mode%22%3A%22organic-thumbs-feed-01-c-delta%22%2C%22publisher%22%3A%22postmedia-winnipegsun%22%2C%22eventName%22%3A%22event-pre_fixing_responsive_widget%22%2C%22id%22%3A%22%22%7D
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12432
debug
am-trc-events.taboola.com/postmedia-winnipegsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/2/debug?tim=07%3A26%3A23.776&type=usage&msg=responsive-utils-event-1704608783776&llvl=2&id=8679&cv=20240104-7-RELEASE&lt=deflated&file=responsive-utils&method=&position=&extraData=%7B%22isTriggeredByResize%22%3Afalse%2C%22mode%22%3A%22thumbs-feed-01-delta%22%2C%22publisher%22%3A%22postmedia-winnipegsun%22%2C%22eventName%22%3A%22event-pre_fixing_responsive_widget%22%2C%22id%22%3A%22%22%7D
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12432
debug
am-trc-events.taboola.com/postmedia-winnipegsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/2/debug?tim=07%3A26%3A23.779&type=usage&msg=responsive-utils-event-1704608783779&llvl=2&id=4125&cv=20240104-7-RELEASE&lt=deflated&file=responsive-utils&method=&position=&extraData=%7B%22isTriggeredByResize%22%3Afalse%2C%22mode%22%3A%22thumbnails-b%22%2C%22publisher%22%3A%22postmedia-winnipegsun%22%2C%22eventName%22%3A%22event-pre_fixing_responsive_widget%22%2C%22id%22%3A%22%22%7D
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12432
debug
am-trc-events.taboola.com/postmedia-winnipegsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/2/debug?tim=07%3A26%3A23.785&type=usage&msg=responsive-utils-event-1704608783785&llvl=2&id=7525&cv=20240104-7-RELEASE&lt=deflated&file=responsive-utils&method=&position=&extraData=%7B%22isTriggeredByResize%22%3Afalse%2C%22mode%22%3A%22thumbs-feed-01-delta%22%2C%22publisher%22%3A%22postmedia-winnipegsun%22%2C%22eventName%22%3A%22event-pre_fixing_responsive_widget%22%2C%22id%22%3A%22%22%7D
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12432
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 06:26:23 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
69
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-etou8220108-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1704608784.789811,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
65
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
42
debug
am-trc-events.taboola.com/postmedia-winnipegsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/2/debug?tim=07%3A26%3A23.794&type=usage&msg=responsive-utils-event-1704608783794&llvl=2&id=4967&cv=20240104-7-RELEASE&lt=deflated&file=responsive-utils&method=&position=&extraData=%7B%22mode%22%3A%22thumbs-feed-01-delta%22%2C%22publisher%22%3A%22postmedia-winnipegsun%22%2C%22eventName%22%3A%22event-checking_overflowing_cards%22%2C%22id%22%3A%22%22%7D
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12415
debug
am-trc-events.taboola.com/postmedia-winnipegsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/2/debug?tim=07%3A26%3A23.794&type=usage&msg=responsive-utils-event-1704608783794&llvl=2&id=9441&cv=20240104-7-RELEASE&lt=deflated&file=responsive-utils&method=&position=&extraData=%7B%22mode%22%3A%22organic-thumbs-feed-01-c-delta%22%2C%22publisher%22%3A%22postmedia-winnipegsun%22%2C%22eventName%22%3A%22event-checking_responsive_widget%22%2C%22id%22%3A%22%22%7D
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12415
debug
am-trc-events.taboola.com/postmedia-winnipegsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/2/debug?tim=07%3A26%3A23.795&type=usage&msg=responsive-utils-event-1704608783795&llvl=2&id=2516&cv=20240104-7-RELEASE&lt=deflated&file=responsive-utils&method=&position=&extraData=%7B%22mode%22%3A%22thumbnails-b%22%2C%22publisher%22%3A%22postmedia-winnipegsun%22%2C%22eventName%22%3A%22event-checking_responsive_widget%22%2C%22id%22%3A%22%22%7D
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12415
debug
am-trc-events.taboola.com/postmedia-winnipegsun/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/2/debug?tim=07%3A26%3A23.795&type=usage&msg=responsive-utils-event-1704608783795&llvl=2&id=6522&cv=20240104-7-RELEASE&lt=deflated&file=responsive-utils&method=&position=&extraData=%7B%22hasCta%22%3Afalse%2C%22isBroken%22%3Afalse%2C%22mode%22%3A%22thumbnails-b%22%2C%22publisher%22%3A%22postmedia-winnipegsun%22%2C%22eventName%22%3A%22event-placement_rendered_ok%22%2C%22id%22%3A%22%22%7D
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12415
a61c0f8822a91ade98c2da0755649e2d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a61c0f8822a91ade98c2da0755649e2d.png
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
47836c412b04d4589b999ea5612b6be26558eebf5559c8366c50e377c49b9987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a61c0f8822a91ade98c2da0755649e2d.png
age
2074242
edge-cache-tag
419041160562095497600555399528646970256,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
419041160562095497600555399528646970256,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
181
req-referer
https://www.t-online.de/
content-length
80680
x-request-id
b2c05d519b4b449cd4b0717e06eb77dd
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kcgs7200105-IAD, cache-ewr18166-EWR, cache-iad-kjyo7100154-IAD, cache-fra-etou8220108-FRA
last-modified
Thu, 14 Dec 2023 06:09:50 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=153893,owidth=1200,oheight=800,obytes=1940560,ef=(1,13,17,23,30)
x-timer
S1704608784.801853,VS0,VE1
etag
"5049a9b949ed57e429da8d82adb9cc23"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 27, 1
0803-kw-a2-ev-chargi-td.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/07/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/07/0803-kw-a2-ev-chargi-td.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
48a4768f3ed8d46a3a1ffa18b3ba862fc57b102b2e11f3ed1894db58702c6084

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/07/0803-kw-a2-ev-chargi-td.jpg
age
150150
edge-cache-tag
311117128348703897326702456985554581959,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
311117128348703897326702456985554581959,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
546
req-referer
https://winnipegsun.com/
content-length
13682
x-request-id
bdb11cccdd0218aa39f85f9074281116
x-served-by
cache-iad-kiad7000165-IAD, cache-iad-kiad7000107-IAD, cache-lga21982-LGA, cache-iad-kjyo7100077-IAD, cache-fra-etou8220108-FRA
last-modified
Fri, 05 Jan 2024 12:14:45 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=17722,owidth=1000,oheight=750,obytes=88272,ef=(1,13,17,23,30)
x-timer
S1704608784.801854,VS0,VE1
etag
"b6379fb8582b2416e579ed31b945c805"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 62, 1
ws20231215cp01-wp.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/12/ws20231215cp01-wp.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
83da54309f98d3c5f1d808775bcc76894b369896eb611f015bb9295caa3f11b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/12/ws20231215cp01-wp.jpg
age
239508
edge-cache-tag
361890908823114611263156533139508651385,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
361890908823114611263156533139508651385,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
402
req-referer
https://winnipegsun.com/
content-length
10674
x-request-id
0c1f32c04597f7746dbb7df8e21c97d2
x-served-by
cache-iad-kiad7000072-IAD, cache-iad-kjyo7100154-IAD, cache-lga21954-LGA, cache-iad-kjyo7100103-IAD, cache-fra-etou8220108-FRA
last-modified
Thu, 04 Jan 2024 11:43:27 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=14897,owidth=1000,oheight=750,obytes=101165,ef=(1,13,17,23,30)
x-timer
S1704608784.801708,VS0,VE1
etag
"f2f25c92ffb4b967664fe1b1cbb8dadd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 79, 1
9bdd1e6ffc7e7781f63a24272458fba4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bdd1e6ffc7e7781f63a24272458fba4.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1bae7aed8994abd3673afcabec628b719e13a663ae74c3983bcb9871278f7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bdd1e6ffc7e7781f63a24272458fba4.jpg
age
2484763
edge-cache-tag
630770987720074874774246095262411355979,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
630770987720074874774246095262411355979,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
252
req-referer
https://www.all-in.de/
content-length
58192
x-request-id
9f5db1e39676edba18b478e292803f19
x-served-by
cache-iad-kiad7000031-IAD, cache-iad-kjyo7100086-IAD, cache-lga21931-LGA, cache-iad-kjyo7100041-IAD, cache-fra-etou8220108-FRA
last-modified
Sat, 09 Dec 2023 12:13:40 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=102478,owidth=1000,oheight=560,obytes=654097
x-timer
S1704608784.802740,VS0,VE1
etag
"ce2e51f827a9c69b429e35b7c8f6649d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
9b016b37b373d2c5ace656007286d808.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9b016b37b373d2c5ace656007286d808.png
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8385b7b115dd9fbde5c38f1360f89433d58c7c8f77cdc04f47ef1aa06f23ae12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9b016b37b373d2c5ace656007286d808.png
age
2134908
edge-cache-tag
617432193339658094146871219776323875287,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
617432193339658094146871219776323875287,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
98
req-referer
https://alltagtipps.de/
content-length
8326
x-request-id
64f7760e669d8f5c1123ee4881ea30d3
x-served-by
cache-iad-kiad7000040-IAD, cache-iad-kjyo7100149-IAD, cache-lga21950-LGA, cache-iad-kjyo7100132-IAD, cache-fra-etou8220108-FRA
last-modified
Wed, 22 Nov 2023 16:39:20 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=15240,owidth=600,oheight=400,obytes=340603
x-timer
S1704608784.810503,VS0,VE0
etag
"659213001d79f4176c4ab68a2461d8a9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 5
fe24e8629e290ce9b3d6ac72a28e8f6b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe24e8629e290ce9b3d6ac72a28e8f6b.png
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67bde924c2ba91c9abf3ac879b16c36e199b36c6ebaab53ab93939adbb116944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe24e8629e290ce9b3d6ac72a28e8f6b.png
age
2051560
edge-cache-tag
435776900227622974766778611345994819325,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
435776900227622974766778611345994819325,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1137
req-referer
https://ads.taboola.com/
content-length
11196
x-request-id
57f55c6b7bf74f489c6635da94384e46
x-served-by
cache-iad-kiad7000139-IAD, cache-iad-kiad7000125-IAD, cache-lax-kwhp1940081-LAX, cache-iad-kjyo7100112-IAD, cache-fra-etou8220108-FRA
last-modified
Thu, 30 Nov 2023 17:16:00 GMT
server
nginx
surrogate-reporting
width=724,height=402,bytes=49651,owidth=724,oheight=423,obytes=436614
x-timer
S1704608784.813672,VS0,VE0
etag
"bcb71bbcd2eef15a397ee48a6b1a90cb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 3
311b9779a1e29aab87f199b929ea8ca3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/311b9779a1e29aab87f199b929ea8ca3.jpg
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08220341e23b4d8e971fbfb1c1088066557e5316733aa7ed6988097179e53aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 06:26:23 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/311b9779a1e29aab87f199b929ea8ca3.jpg
age
1436905
edge-cache-tag
562234935572477284303829250283617372234,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
562234935572477284303829250283617372234,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
269
req-referer
https://www.t-online.de/
content-length
36962
x-request-id
a696f9ed14ae663ae917787865306458
x-served-by
cache-iad-kcgs7200076-IAD, cache-iad-kjyo7100173-IAD, cache-lga21958-LGA, cache-iad-kjyo7100142-IAD, cache-fra-etou8220108-FRA
last-modified
Thu, 21 Dec 2023 11:39:29 GMT
server
nginx
surrogate-reporting
width=1350,height=675,bytes=105534,owidth=1350,oheight=900,obytes=199819,ef=(1,13,17,23,30)
x-timer
S1704608784.813806,VS0,VE0
etag
"2058613678eb4501dabc720104f5d448"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 2
supply-feature
am-trc-events.taboola.com/postmedia-winnipegsun/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/postmedia-winnipegsun/log/3/supply-feature?route=AM:AM:V&tvi48=11593&tvi50=12238&lti=deflated&ri=d5efca3b3834d9bff8efa96032f2d789&sd=v2_19bb594092d7999cacf53ee58fb67ec0_846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f_1704608783_1704608783_CIi3jgYQxIdjGOG355TOMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f&pi=/&wi=6264304718396964311&pt=home&vi=1704608783329&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2235%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A26%3A23.815&id=3867&llvl=2&cv=20240104-7-RELEASE&
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ping.gif
placement-prd.jwpltx.com/v1/placement/ 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://placement-prd.jwpltx.com/v1/placement/ping.gif?h=120760337&e=pll&n=4426917840501128&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&plv=0.13.0&sa=1704608783152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:15:2b26:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
jEvYOAQ5JtRIqQxZ6-2hAfAyKBvVk-2CQ0eDP1DnVOsrXWhGidGT2A==
x-cache
Miss from cloudfront
ca852450ddef2c05d8cb.js
fem.gprod.postmedia.digital/v93.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/chunks/ca852450ddef2c05d8cb.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:00:45 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
1592738
x-guploader-uploadid
ABPtcPq-042AN-UsRAkBmejoHDJkptEFdDpXNBHNnoW4wnP7GwNPcnolJ4HJ5ikmAt5gtT88aMnp66O78Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1109
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
W/"b8c89500a3911a44ff74904e79f8d535"
vary
Accept-Encoding
x-goog-generation
1702321321293267
x-goog-hash
crc32c=5hc1ug==, md5=uMiVAKORGkT/dJBOefjVNQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3199
accept-ranges
none
ads
securepubads.g.doubleclick.net/gampad/ 		509 KB
73 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2929501274548485&correlator=1894170884172264&eid=31080299%2C31080302%2C95320409&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_ENUR_WSUN_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x90%7C970x90%7C728x90%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&fluid=0%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704608783900&lmt=1704608701&adxs=200%2C797%2C768%2C797%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200&adys=154%2C1600%2C2150%2C2952%2C3834%2C4634%2C5595%2C5360%2C5910%2C5701%2C6225%2C6042%2C6639%2C6383%2C6907%2C6724&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwinnipegsun.com%2F&vis=1&psz=1600x90%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&ga_vid=1979784327.1704608784&ga_sid=1704608784&ga_hid=1646486093&ga_fc=false&a3p=EhsKDDMzYWNyb3NzLmNvbRiguueUzjFIAFICCG8SOwoKcHViY2lkLm9yZxIkN2ViNzU3ZTctMmQ0Mi00ZDM0LTg2YzktMWZkN2M5NmYwMTY2GOm455TOMUgA&dlt=1704608782952&idt=238&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadb354a2-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.02%26hb_adid%3D267694a6b7e62566%26hb_bidder%3Drubicon%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadb354a3-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D2%26amznbid%3D2%26amznp%3D2%26id%3Dadb354a4-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadb354a5-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%7Cslot%3Dinfeed%26loc%3D3%26amznbid%3D2%26amznp%3D2%26id%3Dadb354a6-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadb354a7-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D4%26amznbid%3D2%26amznp%3D2%26id%3Dadb354a8-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.02%26hb_adid%3D268376edb48e96ab%26hb_bidder%3Drubicon%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadb354a9-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D5%26amznbid%3D2%26amznp%3D2%26id%3Dadb354aa-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadb354ab-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D6%26amznbid%3D2%26amznp%3D2%26id%3Dadb354ac-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadb37bbd-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D7%26amznbid%3D2%26amznp%3D2%26id%3Dadb37bbe-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadb37bbf-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D8%26amznbid%3D2%26amznp%3D2%26id%3Dadb37bc0-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dadb37bc1-ad25-11ee-b4f1-0aa85974baeb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40&cust_params=permutive%3D96400%252Crts%26prmtvvid%3D45d3747e-00d1-44a0-b2d0-5f64d662168a%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dwsun%26sensitive%3Dn%26negative%3Dn%26et%3Dsm%26ck%3Dindex%26imp%3Dindex%26fr%3Dtrue%26adt%3Dmedium%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D%26prmtvsdk%3Dweb&adks=1150761611%2C1709555420%2C3564692604%2C385013267%2C3564692603%2C36349611%2C3564692602%2C36349610%2C3564692601%2C36349613%2C3564692600%2C36349612%2C3564692551%2C36349615%2C3564692550%2C36349614&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
598b56e3c30a1aa614c82197105f3eea6128e900fac62f3fdd5390e06033912b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74228
x-xss-protection
0
google-lineitem-id
6404573011,-1,-2,-1,-2,-1,-2,6320689129,-2,6320689129,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138455016757,-1,-2,-1,-2,-1,-2,138435367038,-2,138435367041,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://winnipegsun.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
802be92df7b2e3bde3f91d6dd67398cf250b1b5a73b592b8232b4f53fd7d62ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12174
x-xss-protection
0
container.html
4572733f42e83b7bee2dd86ba051458d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04E6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4572733f42e83b7bee2dd86ba051458d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 06:26:23 GMT
expires
Mon, 06 Jan 2025 06:26:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://winnipegsun.com
Connection
keep-alive
Date
Sun, 07 Jan 2024 06:26:23 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

Date
Sun, 07 Jan 2024 06:26:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://winnipegsun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:26:24 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d5e0ebd25ef5b81f754f8cf66f1b12bdcb56bf14c71a0016074972caf80e185e

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
signinprompt
edge-auth.microsoft.com/v0.5/ Frame 5467 		472 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=ce754272-8433-4822-bceb-556a4f63775d&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
7cdb4ffce5d27b8a93b13f4892b44e3f7852f2492f98ef8f552695df5a83647c
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-FiuqDT91U5b4nJ7T7V/DYIiCAknJ7RkFhulX1SY6kpNEYVjEJVOZGfT/SFVjgssd/kElaVdDfMVV+C96IxffHH4EzoUYh32XoVZPh6ktC0/d5pcZ4Y+FxYrpZmV8nJ1zyv1T8tiy8Pp5T5MJc6/ETbAYps1zqR2IKwr0SOCl4Lc=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
script-src 'strict-dynamic' 'nonce-FiuqDT91U5b4nJ7T7V/DYIiCAknJ7RkFhulX1SY6kpNEYVjEJVOZGfT/SFVjgssd/kElaVdDfMVV+C96IxffHH4EzoUYh32XoVZPh6ktC0/d5pcZ4Y+FxYrpZmV8nJ1zyv1T8tiy8Pp5T5MJc6/ETbAYps1zqR2IKwr0SOCl4Lc=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 06:26:23 GMT
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 0F01A7FAF24E485084F17B7DB4745165 Ref B: AMS231032601029 Ref C: 2024-01-07T06:26:24Z
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=RpxZ9l1H1l
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53074eb539662d6dd23262b633cb65fbaaacfe73306052110039e1ff3f6b5b57
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
date
Sun, 07 Jan 2024 06:26:24 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 07 Jan 2024 05:55:51 GMT
server
cloudflare
age
1833
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
841a21049d419bb0-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
0vjuaa8mzv
expires
Sun, 07 Jan 2024 06:56:24 GMT
vf-v2.js
cdn.viafoura.net/ 		860 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:5000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
YlbS_G4WAW7t_ds3W.YeUbIaDvXXT1Jm
content-encoding
br
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 06:21:50 GMT
x-amz-cf-pop
PRG50-C1
age
285
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:26 GMT
server
AmazonS3
etag
W/"70684489be37a1b0f601e0e4dcb4baad"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
GzQoxy8thZTgyq_hy1G_TirSqV0kiZj-uT86wVojWeMgTicO5weNCg==
st
imprammp.taboola.com/ Frame BD34 		577 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&cmcv=&pix=undefined&cb=1704608784081&uv=3372&tms=1704608784081&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=f0e8e55e-5112-4541-a47a-c162fff3c287&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
117a77eaff0bf7c2b6dfe9bc495853cd3d58966589fcd937f9cf81fababa9206

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 07 Jan 2024 06:26:24 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220108-FRA
x-timer
S1704608784.081870,VS0,VE9
sync
am-match.taboola.com/ Frame FBF3 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
117a77eaff0bf7c2b6dfe9bc495853cd3d58966589fcd937f9cf81fababa9206

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 07 Jan 2024 06:26:24 GMT
machineid
3401
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&cmcv=&pix=31589837&cb=1704608784081&uv=3372&tms=1704608784081&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1704608782803.2!ts:1704608784081&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-length
0
server
nginx
gtm.js
www.googletagmanager.com/ 		451 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3932db1047516ed9ebf3bf5e95e30cc1e9429bace40c39386908d2639985a1af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128229
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:24 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 02:10:02 GMT
content-encoding
gzip
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
15385
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
fGkmwFqtKtHrD61TK9urQ4Sj-UkBqF90uM1EmO3KQ7ZN97-ICjFBCg==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		325 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6841d7c15644d3ea1f34a63596f54c7eed39540848bdca3e106ee3ba518f6382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-eddf8230115-FRA
date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
168
x-timer
S1704608784.126038,VS0,VE0
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
116158
x-cache-hits
14, 2
gtm.js
www.googletagmanager.com/ 		155 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17ed6e35b987f1cb2d4eca7413e1911f740b4e28bd2ca7fd594c73ea5163f01f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50884
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:24 GMT
generic
match.adsrvr.org/track/cmf/ Frame FBF3 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame FBF3 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c0d2:1e6b:33e4:3d3e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame 19CF 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 06:26:24 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame BD34 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&cmcv=&pix=undefined&cb=1704608784081&uv=3372&tms=1704608784081&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=f0e8e55e-5112-4541-a47a-c162fff3c287&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame BD34 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&cmcv=&pix=undefined&cb=1704608784081&uv=3372&tms=1704608784081&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=f0e8e55e-5112-4541-a47a-c162fff3c287&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c0d2:1e6b:33e4:3d3e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame 1A03 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8CtACLAZE5U--xUeSzRGIyp98i48kmysAAABgYID-AIkZVsaVa7VyqxaLyVq0Gi3WCtNu4dY4ZpOZzebZWIa7ISAxw8q4cq1WbtViMVmLVqPFWmHaLdwax2wys9k8G8twNwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve5ptzsNL5_ndbdr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxUFhPka_3WVzmU3-AAAAAAACAAAAgARAwgFBCQCZrogT__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQudmLK9RFS3IiBbtFGAEAAACA-ldYPjJJJ6hYVPn__--3AnAFACCAUTyTGyWL7qDEWxgAAAAAMUYhIW4cSpfAYxboYfH7zQ67xu92mf________9_M_9n_tEIRY1epwm6mplR8wsIALDmFxAAgM24AQB4IwAn5GCg6XT4XPd63dNudxpePs_rbtf43X7RIWjFYLA6ATE7AAAAAHf-____8RiFhLhxKF0C6wGJ5cTiWo4Gy8nIt1wuNw6PzbVZuVzDmcW2W3kM28M4KPjWQKgY2EdEWGa_7yDku12Gh89lEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEZDBAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIBkezmWfkW6xFHpPFLRptNm6Fw7Vbyxwul3HjWuw2u5Vb9PqYPs7NxjmceZFggMpeJE-LdCJyrWweh2fiGW5GI-fEZjOubA7nbLCZzCwj33A5EUs0J4t0IrvsG8uJxbUcDZaTkW-5XG4cHptrs3K5hjOLbbfyGPbF0WzmGfkWa5HHZHGLRpuNW-Fw7dYyh8tl3LgWu81u5Ra9PqaPc7NxDmf-xm4wmg2Gu-Fm39gNRrPBcDfc7DtMpmfqczaKT5LVx-dxVqtRn81pULgMFu9PYlpMu7ODb3NRPnVOY7KoM_r9fr_f7_f7_X6_Qes5mA0K3-wctSmzt7S0ml4YxAaDIpYILtKJ4O85vV0mp8Ote9rtTsPL53ndLWKJ0nSRTvRFv9tlePhc_opYIjhdpBOh3-2yqP-oAQdzyWo1VwzmksFmlQAAAAAAAAAALME0000AAAAAnAxquZhNBut0MJvBYDZZLRcAxjCxLmAQAAAAAACAXVbvR_Og2r3XxRp7rAL-ntPbZXI63Lqn3e40vHye193KADA6d5ht9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8oarvQAzeKnV9BTCab4f4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAvzg!&cmcv=&pix=undefined&cb=1704608784081&uv=3372&tms=1704608784081&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!ufm_vC!ufwfrtb_vA!unf_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=f0e8e55e-5112-4541-a47a-c162fff3c287&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 06:26:24 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ms_auth_server_button.min.js
edge-auth.microsoft.com/v0.5/js/ Frame 5467 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=ce754272-8433-4822-bceb-556a4f63775d&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-SRvGp0sQPdnceL4BezsZaBXKGkvOyzLdmnPXmQqc9NN11v7td+wQLX8ErhhU1/UoQfn6xUiR1X+fJ+n2mz87GH7B7nzOtAN9FZvstRwsJCjQ8Oxvrs3IedhK3pPJ0fK5Bygg/Anly6BKz8Prr/05qqCF2+J6oWlTiYeAfiDXR8k=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=ce754272-8433-4822-bceb-556a4f63775d&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-SRvGp0sQPdnceL4BezsZaBXKGkvOyzLdmnPXmQqc9NN11v7td+wQLX8ErhhU1/UoQfn6xUiR1X+fJ+n2mz87GH7B7nzOtAN9FZvstRwsJCjQ8Oxvrs3IedhK3pPJ0fK5Bygg/Anly6BKz8Prr/05qqCF2+J6oWlTiYeAfiDXR8k=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Sun, 07 Jan 2024 06:26:23 GMT
last-modified
Tue, 02 Jan 1601 01:21:08 GMT
x-msedge-ref
Ref A: 13498A9745E34FF2960FD586C373BCB5 Ref B: AMS231032601029 Ref C: 2024-01-07T06:26:24Z
etag
"d47ff7f29d"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
26781
tinypass.min.js
cdn.tinypass.com/api/ 		388 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js?version=2
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=RpxZ9l1H1l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
x-amz-version-id
0QIZetJ_7irXXHtLgdmNhkMj0U1YDIAl
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
XJ9DZBMAVRQ7THZK
age
5969
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ZzjpeA125M/HXDfYVO0lFXlYTdjpId4Va7BFxe1qulSedMvGkqhsBcj7r4JHSTHbWQMZUsP5YnU=
last-modified
Tue, 19 Dec 2023 11:23:13 GMT
server
cloudflare
etag
W/"f8312bff3c7ba81de4b41efef3dbdb77"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
841a2104cd599bb0-FRA
expires
Sun, 07 Jan 2024 10:26:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E2B6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25700
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 23:18:04 GMT
expires
Sun, 05 Jan 2025 23:18:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A562 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
43d9254e4ef8acfb0c24b679c9ae6da14c1f626514625f303ced87691563bf57
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FDX4kspaplv6QDe6Bz-MaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FDX4kspaplv6QDe6Bz-MaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 06:26:24 GMT
expires
Sun, 07 Jan 2024 06:26:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 1A03 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 22:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56421
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 22:06:45 GMT
usync.js
eus.rubiconproject.com/ Frame 19CF 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 22:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56421
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 22:06:45 GMT
gtm.js
www.googletagmanager.com/ 		190 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MDBQXCK&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bce9076aa5369f22d4d136a70997c5015474a65fcf6f504406cb1ac7e05d8947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70618
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:24 GMT
gtm.js
www.googletagmanager.com/ 		308 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e223baedd1ddb6da2598777ca1e661cc440017d1194c312d7d21e80d073ebc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93814
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:24 GMT
v2
api.viafoura.co/v2/winnipegsun.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/winnipegsun.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:e5f9:63eb:8cb4:6f23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d003813c402ae4182766d136a7a45dc504ac3bff70afab6adcfd4db4af9378f1

Request headers

Accept
application/json, text/plain, */*
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-04a025c034321ff59
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://winnipegsun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 07 Jan 2024 06:26:24 GMT
v2
api.viafoura.co/v2/winnipegsun.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/winnipegsun.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:e5f9:63eb:8cb4:6f23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://winnipegsun.com
access-control-max-age
1728000
cache-control
max-age=0
date
Sun, 07 Jan 2024 06:26:24 GMT
expires
Sun, 07 Jan 2024 06:26:24 GMT
server
nginx/1.18.0 (Ubuntu)
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2006
date
Sun, 07 Jan 2024 06:26:24 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
547
x-fastly-trace-id
1833849319
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230071-FRA
x-timer
S1704608784.234690,VS0,VE0
gtm.js
www.googletagmanager.com/ 		232 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
91231d0c86356c523c67b8126811ce888acb4daefc72e9ce532f17b511651cb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68891
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:24 GMT
identify
identity.mparticle.com/v1/ 		176 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e89476c9529265ffa9f119f86b8ff3b0f18c1164057eace80557316e6cad8ce4
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-fra-eddf8230071-FRA
server
Kestrel
x-timer
S1704608784.241452,VS0,VE118
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-fastly-trace-id
1833849355
accept-ranges
bytes
x-cache-hits
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E2B6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 14:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
56079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Jan 2025 14:51:45 GMT
khaos.json
token.rubiconproject.com/ Frame 1A03 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
khaos.json
token.rubiconproject.com/ Frame 19CF 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22cc186a5b2bdc2910eb4ab7c34ae1ebe40a2f9bdf8c1a77ca3ca1946ffd4ebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91280
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 06:26:24 GMT
ribn.min.js
assets.ribn.com/production/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
1008
x-cache
Hit from cloudfront
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
cloudflare
etag
W/"6b213f30955b664fd78dc9e388b17e54"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
841a21059e7b695e-FRA
x-amz-cf-id
uat5-xHj5diXORCiaydJuH7tU4NtQp6I6J78HdSLzuXyE8vEzikglQ==
expires
Sun, 07 Jan 2024 10:26:24 GMT
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
90
x-cache
Hit from cloudfront
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
cloudflare
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
841a2105ae7c695e-FRA
x-amz-cf-id
mLntfVk1B0fTkuTiAjpMQKLIleTYIRsW8krBqK8ugG-namavXHEYdA==
expires
Sun, 07 Jan 2024 10:26:24 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Dec 2023 11:02:02 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6055
Expires
Sun, 07 Jan 2024 07:26:24 GMT
execute
c2.piano.io/xbuilder/experience/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=RpxZ9l1H1l
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe17b37622e7fe2c01ce34f2cb3355a89a5e911d561c4e7eddd7feb303327336
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
kk43dl83h1
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://winnipegsun.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
841a2105bc5c9067-FRA
metric
edge-auth.microsoft.com/ Frame 5467 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-Jm6qhdC9YLf3+NdoB3A1ZbU3xb/ZtHhEbKkpQddiXZ5o90khJpUR/bAHVrweDgJ0ewuC0MbF7gVFYOtGOWREIYfJQ+r7GunaXykrJDgnDenioR9omoL2qInqDgXdAOP+zb+DHhY2j9LzbfyUviIQz4Q1xyfCKV7ek3hOllY8ELQ=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=ce754272-8433-4822-bceb-556a4f63775d&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-Jm6qhdC9YLf3+NdoB3A1ZbU3xb/ZtHhEbKkpQddiXZ5o90khJpUR/bAHVrweDgJ0ewuC0MbF7gVFYOtGOWREIYfJQ+r7GunaXykrJDgnDenioR9omoL2qInqDgXdAOP+zb+DHhY2j9LzbfyUviIQz4Q1xyfCKV7ek3hOllY8ELQ=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Sun, 07 Jan 2024 06:26:23 GMT
x-msedge-ref
Ref A: 580AE570AD544B89B8BCDE0ADBF31350 Ref B: AMS231032601029 Ref C: 2024-01-07T06:26:24Z
content-length
0
x-cache
CONFIG_NOCACHE
sodar
pagead2.googlesyndication.com/pagead/ Frame A562 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=2929501274548485&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
metric
edge-auth.microsoft.com/ Frame 5467 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-9fPYF7RLce6z+BrCaAgCg29gGoDBsu7UiDezS5d/UNF7P8Q5AeqKrGdgOA0yUS0K3Xp1XYriSC0lTw3ow0/i6bLKLAzQU7SbPgsUl5IeycPNsKE4i8tl33n2elYkD7+e1dS+1ZeLXyQIcLcoBWxiVLz7u/DwcnEuoaBOSWOEcm4=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=ce754272-8433-4822-bceb-556a4f63775d&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-9fPYF7RLce6z+BrCaAgCg29gGoDBsu7UiDezS5d/UNF7P8Q5AeqKrGdgOA0yUS0K3Xp1XYriSC0lTw3ow0/i6bLKLAzQU7SbPgsUl5IeycPNsKE4i8tl33n2elYkD7+e1dS+1ZeLXyQIcLcoBWxiVLz7u/DwcnEuoaBOSWOEcm4=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Sun, 07 Jan 2024 06:26:23 GMT
x-msedge-ref
Ref A: 013E70D166D7438FB99F5037652FF676 Ref B: AMS231032601029 Ref C: 2024-01-07T06:26:24Z
content-length
0
x-cache
CONFIG_NOCACHE
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c69ca7e031070cda64d5e456d8cac935d264b4cf7a2c72fb8fbffd619250a0ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 06:26:24 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 05:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3839
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 07 Jan 2024 07:22:25 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		156 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f6e2585f4bb89f9d5c4bf0bfdf2d8637fd97a0818ca76fe281eb7229e8fbf6

Request headers

Referer
https://winnipegsun.com/
Origin
https://winnipegsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time
1ms
date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 07 Jan 2024 06:26:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
8
accept-ranges
bytes
cf-ray
841a2108edada06c-SIN
alt-svc
h3=":443"; ma=86400
content-length
45824
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jan 2024 06:26:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54372
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
U4KeRM/M0xGi5LDRlTBBEfo0cJ7oZv7XdIvGaaScNiiOEi+rEm26Pl/ieEw0JkjJkO3KwETUZ1OzFThpqdYNGg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-52.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
XfYprRTzfIx5sUT1DKibUZklTDJ88StC
content-encoding
gzip
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 01:43:59 GMT
last-modified
Thu, 24 Aug 2023 11:20:32 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
17017
x-amz-server-side-encryption
AES256
etag
W/"10ba0dba424c8954df3533bfd881e874"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
LBuOQLv3yijNdl8VTe-HyszdwOAVnd2zPH6ZBHzCIUidsyp4CQ8COA==
p.js
cdn.parsely.com/keys/winnipegsun.com/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/winnipegsun.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.97.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-97-61.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
d9fa1c1935338f74fa45f1c573bff4103e6ff9be56e7accb16c81bcb5d6102b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Sat, 06 Jan 2024 07:26:45 GMT
content-encoding
gzip
via
1.1 c76f57c516237f120f723cde4dab446e.cloudfront.net (CloudFront)
last-modified
Fri, 06 Oct 2023 19:46:20 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
82778
etag
W/"6520640c-e752"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
GiBTqXsLCkAphycW8Ww7qQhFkFB-pJnwNVHdHIHNCiLZ2_yqjMO1zg==
expires
Sun, 07 Jan 2024 07:26:45 GMT
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je4130v880952817z879194588&_p=1704608784086&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1979784327.1704608784&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704608784&sct=1&seg=0&dl=https%3A%2F%2Fwinnipegsun.com%2F&dt=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&en=page_view&_fv=1&_ss=1&tfd=1526
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=1979784327.1704608784&gtm=45je4130v880952817z879194588&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=1979784327.1704608784&gtm=45je4130v880952817z879194588&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=338990221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		231 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=mpartical
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6fd31ed27680a3dc00e1b484cb5733f47b746bf1ba34aaa2fbce86e81e04c7b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75169
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:24 GMT
cx.js
cdn.cxense.com/ 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
baa1e321fd815ef7c8bec6e9daa2ef002aadb656cc27cfdf6661dfdac33e0cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 12:22:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37123
Expires
Sun, 07 Jan 2024 07:26:24 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230110-FRA
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1704608784.407033,VS0,VE1
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je4130v880952819z8854753396&_p=1704608784089&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1979784327.1704608784&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fwinnipegsun.com%2F&sid=1704608784&sct=1&seg=0&dt=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Winnipeg%20Sun&ep.timestamp=2024-01-07T07%3A26%3A24.388%2B01%3A00&ep.ga_client_id=1979784327.1704608784&ep.main_category=index&ep.metered_content=false&up.client_id=1979784327.1704608784&tfd=1591
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H792QCFZPV&cid=1979784327.1704608784&gtm=45je4130v880952819z8854753396&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H792QCFZPV&cid=1979784327.1704608784&gtm=45je4130v880952819z8854753396&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2029684442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:40:39 GMT
via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront), 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA56-P5
age
81945
x-amzn-requestid
ec497b4f-2e50-40db-bfd6-22ce019c4189
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
RG2OxE7_CYcElyg=
content-length
555
x-amz-cf-id
l9vg65CWot9LN8EaQcrQEHP_V8Q5pAgFsjac0rRMzi8Joizpo6U7uw==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-101.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 03:39:24 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
10021
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
5m011SdUfu4PSUsKfPE7gody9K-5ccm34268lxvv-jNrWg_P7L9y0A==
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1646486093&t=pageview&_s=1&dl=https%3A%2F%2Fwinnipegsun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=620928916&gjid=1187530627&cid=1979784327.1704608784&tid=UA-213173459-5&_gid=579331233.1704608784&_r=1&_slc=1&gtm=45He4130n81P3Q4QHWv854753396&cd2=2024-01-07T07%3A26%3A24.276%2B01%3A00&cd7=anonymous&cd17=0&cd23=Winnipeg%20Sun&cd24=Cheetah&cd25=15.1.1&cd26=v93.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=55&cd31=index&cd52=index&cd65=false&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=1979784327.1704608784&z=280393533
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1646486093&t=pageview&_s=1&dl=https%3A%2F%2Fwinnipegsun.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=124934286&gjid=976813860&cid=1979784327.1704608784&tid=UA-138335866-18&_gid=579331233.1704608784&_r=1&_slc=1&gtm=45He4130n81P3Q4QHWv854753396&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1773858772
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
744a341ddafd3ea9fe360fb10f0bd636cb67affef8eb38ba770c09bd3c7c942b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1704608784410&plid=2ca053df-7ced-4cb7-acba-748267e0016e&idsite=winnipegsun.com&url=https%3A%2F%2Fwinnipegsun.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fwinnipegsun.com%2F&sref=&sts=1704608784407&slts=0&title=Home+%7C+Winnipeg+Sun+Home+Page+%7C+Winnipeg+Sun&date=Sun+Jan+07+2024+07%3A26%3A24+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=7555a410-31eb-4cea-a521-169eaf065199&u=pid%3Dabae0300-96ee-4023-8e98-c14406e16034
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:24 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 07-Jan-2024 06:26:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
1685973801652415
connect.facebook.net/signals/config/ 		142 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.139&r=stable&domain=winnipegsun.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3a1e19ae447c458c806cec0f399a8b654602801a1b68e7c0341562c22b90f7e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jan 2024 06:26:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
HC+v4wch/0TQNZ+IdezI0PIcNXhmusWjXrBdmP7baMUJqKbFfTDNdYm/2c6jEK0nOIzs55m28bmJwLzHjXQCcA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-5&cid=1979784327.1704608784&jid=620928916&gjid=1187530627&_gid=579331233.1704608784&_u=YCDACAAABAAAACAEK~&z=1857102618
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 07 Jan 2024 06:26:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TS0LJHEWKV&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f6d60cc50b81c2ba2999bf8dc12b9715ab59b2ed94828494c015ddc8a079ffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83756
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 06:26:24 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2006
date
Sun, 07 Jan 2024 06:26:24 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
548
x-fastly-trace-id
1833850389
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230071-FRA
x-timer
S1704608784.432918,VS0,VE0
identify
identity.mparticle.com/v1/ 		176 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4744962f36d06f29d874b35b751664cdca334a6151a75420f9b8eec878051079
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-fra-eddf8230071-FRA
server
Kestrel
x-timer
S1704608784.440116,VS0,VE122
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-fastly-trace-id
1833850426
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230110-FRA
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1704608784.436791,VS0,VE1
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-5&cid=1979784327.1704608784&jid=620928916&_u=YCDACAAABAAAACAEK~&z=792508942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-5&cid=1979784327.1704608784&jid=620928916&_u=YCDACAAABAAAACAEK~&z=792508942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E2B6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0J2sPw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TS0LJHEWKV&gtm=45je4130v9124576447&_p=1704608784086&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1979784327.1704608784&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwinnipegsun.com%2F&dt=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&sid=1704608784&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1682
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TS0LJHEWKV&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp1.html
cdn.cxense.com/ Frame FAE3 		456 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html
Date
Sun, 07 Jan 2024 06:26:24 GMT
Expires
Wed, 17 Jan 2024 06:26:24 GMT
Last-Modified
Thu, 30 Nov 2023 11:55:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
identify
api.permutive.com/v2.0/ 		50 B
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
5a67733ba40e6a78cb31276af489b23c37ee16673db619e0f053a64420032f72

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fwinnipegsun.com%2F&rl=&if=false&ts=1704608784504&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704608784502.747281262&cs_est=true&ler=empty&it=1704608784419&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 07 Jan 2024 06:26:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cx.js
cdn.cxense.com/ Frame FAE3 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:181::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c024a500b6884e87cb923bdfab0b6303d5130c87bd4e00612ea410613e765faf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 12:22:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37123
Expires
Sun, 07 Jan 2024 07:26:24 GMT
audiences
api.permutive.com/audience-matching/v1/id/bdf31cfe-d5bf-44e2-971f-fb29e9934a0e/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/bdf31cfe-d5bf-44e2-971f-fb29e9934a0e/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
p1.js
p1cluster.cxense.com/ Frame FAE3 		47 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0039.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
d71313aac5755f30eb706d80bc6f78cd9bff32f9efd3ba92c6ffdd4663b0c7ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
last-modified
Fri, 07 Jul 2023 06:26:24 GMT
server
Jetty(9.4.28.v20200408)
etag
3qw25b04te4k32m7urvfkk16zp
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Tue, 07 Jan 2025 06:26:24 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame FAE3 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.44&typ=pgv&rnd=lr3423qpsrq74fs3&sid=1141974193387717452&loc=https%3A%2F%2Fwinnipegsun.com%2F&new=1&arf=0&ltm=1704608784445&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lr3423xiqlemug7v&ckp=lr3423qp9zcbwjzh&glb=&cp_userState=anon&cst=3qw25b04te4k32m7urvfkk16zp
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0039.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Sun, 07 Jan 2024 06:26:24 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		103 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lr3423qp9zcbwjzh%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%223qw25b04te4k32m7urvfkk16zp%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%223qw25b04te4k32m7urvfkk16zp%22%7D%5D%2C%22siteId%22%3A%221141974193387717452%22%2C%22location%22%3A%22https%3A%2F%2Fwinnipegsun.com%2F%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0039.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
a4c8623fdfb46aeb974a57c767bce725a15a6cbee5bfec6baccf84e81a764ac7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
103
expires
Mon, 26 Jul 1997 05:00:00 GMT
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		42 B
159 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f1688008000482e04eff23c556c39035ee399825bc150c583486a4365e6056ed

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230110-FRA
date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1704608785.577616,VS0,VE232
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
jload
pixel.adsafeprotected.com/ Frame A261 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=401010421&placementId=6404573011&pubCreative=138455016757&pubOrder=3265484082&cb=645629352&custom=index&custom2=1&adsafe_par&impId=adb354a2-ad25-11ee-b4f1-0aa85974baeb
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-86.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c8ecf53e81934ae6fb502ae78b2d79bbcd0293c139111c921e748290878f0350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D9E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusOVVT5Aj2Vvsqjvp7PkpgI4Ktp482iZQ7T8_fo_FDZyefHv7CJ030vAA_3RUhTYqrRxN1RssxwnO5eYywEP2_HsGJDm-KIPncueaLlGnF1fEdDNVjPkrgikv5PFTnV_HlyQxVXJ4ntIHUM0Xr1DesdYACGD8DfJ9DuLu5yWWLtQrmv9IiWNZ_pH2cxsuHy4-Kf6S-yyLA5kRttXUiXfosWS3PMp3D_Vc9Gvwm1-OgZKGjttNl9HNd5fJCIXt2yYr-nCYhbBukSWz-PtJAcxUbp3GwNqDrHY7AInL4sf9_-heBZhxtBnLYXPNA50MJY44M2gI-HUdvAM4QzvVhs2IhiY4S_SHk3odGSyGDnyhWKGUvvw7tI24glBYi-W5pxA&sai=AMfl-YSJ_qOEFNZ6yEH0NfVz4MnZOcyzOdBJNw-pcki0N037rq2wATptFFoqxDfkhcf869AuPU-lRJmdnMFdHbAUWFqd6ASjOpxLUZ-phrQaJVoLbelYkiF1Y-UgVz4HuvTPJQosTdjPpTO0g--d9PLdq_sY&sig=Cg0ArKJSzGsQ_mAqECZoEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 Jan 2024 06:26:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame D9E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 18:15:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
43835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 18:15:49 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D9E7 		204 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 06:26:24 GMT
1256760516304926371
tpc.googlesyndication.com/simgad/ Frame D9E7 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1256760516304926371
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40e07509e7eb5c484b9a3fc7a73cc3eeb9def2b93d7720565da09df2835609df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sat, 04 Jan 2025 01:27:07 GMT
date
Fri, 05 Jan 2024 01:27:07 GMT
x-content-type-options
nosniff
age
190757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75958
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 22:00:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je4130v880952817z8880952819&_p=1704608784086&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1979784327.1704608784&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&sid=1704608784&sct=1&seg=0&dl=https%3A%2F%2Fwinnipegsun.com%2F&dt=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&en=ad_impression&_c=1&ep.query_id=CPTpsMjSyoMDFbYAVQgd2DwEVw&_et=285&tfd=1812
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H792QCFZPV&gtm=45je4130v880952819&_p=1704608784089&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1979784327.1704608784&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&dl=https%3A%2F%2Fwinnipegsun.com%2F&sid=1704608784&sct=1&seg=0&dt=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&en=ad_impression&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Winnipeg%20Sun&ep.timestamp=2024-01-07T07%3A26%3A24.388%2B01%3A00&ep.ga_client_id=1979784327.1704608784&ep.query_id=CPTpsMjSyoMDFbYAVQgd2DwEVw&_et=223&tfd=1815
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H792QCFZPV&l=gtm_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame D9E7 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce2f96096b7119f81e22aa763586562cf71b1116f442da082805dfbb62d88bea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
googima.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
age
24796
x-cache
HIT
content-length
22454
x-served-by
cache-fra-eddf8230088-FRA
last-modified
Mon, 13 Nov 2023 20:12:26 GMT
server
AmazonS3
x-timer
S1704608785.657115,VS0,VE0
etag
"016fdad688d9003e0b0c4157e803cf37"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
1142
bidding.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		448 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3587ccc786d72c7d352e3cd589f1c34a6d5f99944560a6c2e7f6f69f0a69b9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
age
1432
x-cache
HIT
content-length
144290
x-served-by
cache-fra-eddf8230088-FRA
last-modified
Thu, 14 Dec 2023 13:42:51 GMT
server
AmazonS3
x-timer
S1704608785.657218,VS0,VE0
etag
"20b62ce1e7993cc814efa737c197c766"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, immutable
accept-ranges
bytes
x-cache-hits
12
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
age
382
x-cache
HIT
content-length
19890
x-served-by
cache-fra-eddf8230088-FRA
last-modified
Thu, 14 Dec 2023 19:59:18 GMT
server
AmazonS3
x-timer
S1704608785.657324,VS0,VE0
etag
"1a96e7c0d0040b922d2458e3bc2cfe7f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
119
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		318 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
age
4564498
x-cache
HIT
content-length
85284
x-served-by
cache-fra-eddf8230088-FRA
last-modified
Mon, 13 Nov 2023 20:12:20 GMT
server
AmazonS3
x-timer
S1704608785.657551,VS0,VE0
etag
"95e4ba794923b67ae5be72627198a8b3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
50708
07SVOpp3
cdn.jwplayer.com/v2/playlists/ 		58 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/07SVOpp3
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
eba5ac83e3afb2956ec58bbfc47d4505449858f1c6251e1ca284af00a915f47b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
9143
x-amz-cf-id
o03Dp3y1AdrJiWmbwSwp_W7_XtiC1FPjyZoPcLmC3fBfwccZ498HqQ==
expires
Sun, 07 Jan 2024 06:29:24
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		413 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
age
2871505
x-cache
HIT
content-length
126154
x-served-by
cache-fra-eddf8230088-FRA
last-modified
Fri, 10 Nov 2023 21:07:29 GMT
server
AmazonS3
x-timer
S1704608785.738688,VS0,VE0
etag
"c735ce7c150fe5e0fdf3e61f12fd8527"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
46867
main.19.8.466.js
static.adsafeprotected.com/ Frame A261 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.466.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=401010421&placementId=6404573011&pubCreative=138455016757&pubOrder=3265484082&cb=645629352&custom=index&custom2=1&adsafe_par&impId=adb354a2-ad25-11ee-b4f1-0aa85974baeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:53:12 GMT
x-amz-version-id
xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding
gzip
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2107992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:51 GMT
server
AmazonS3
etag
W/"eac384b0904b6f5677cb58a4d4e104c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
aXYsBmlL0pbHmKbMGiu3ap1BLnhmo4oqOegn81r3RFr5wViJFi67kA==
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/ 		69 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67A5) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
last-modified
Sun, 07 Jan 2024 04:10:48 GMT
server
ECAcc (frb/67A5)
age
8136
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=19260
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Sun, 07 Jan 2024 06:26:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D9E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvazFraTVlzUTkxRgxwJFL4W4Ta5q1gaoiLFeYL8auri772Q9TlbIYwIytTXb6dxobtGTlug9Vb3fhiFei5MZEhsof1lV2YA6CaEwLn4KtEAh3OW3xZRXPZMBWaWkhOBQ1bpJ6qiZq6OvNVCXEaf77yEOC9l8vOX0jgnhP_sITmazSV-1Hf3bh265s0Aj4Z6JA6JSFdulPrGmrIs8YEj5bb-iPlz15PiNPIyPPd18hDC0qXePbgUqnd4dCtAIAAPVQpjsamsKa7BGNdtIuH4qX0-dhGFTc_xbFDTOXMF1L9INR2NEJWQEzocyKiitxL6gnsWgL7QPvn7xQAT1tuwPHPc3CPSEkZQ_4Dn7KcE1BMoTNO9xTXjU_-eKgUNjdO_0Hs&sai=AMfl-YQfzm9V-s9nXpfNGCROZvkCyRaks70bXFYtUy3Mq7Y5QuvsPp5MeyGN2HIgvmY9zu5OCmqm8-yAmRxbd8UK8GZc0AQEPp-1CrEPYD-1weYsmPY4jkJ0rp51cpMNuWx7RtAW1FQpqqkvtq-JRyF7qK8x&sig=Cg0ArKJSzL3PO3kBSb6wEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 Jan 2024 06:26:24 GMT
thirdpartycookie
api.viafoura.co/v2/winnipegsun.com/ 		45 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/winnipegsun.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:e5f9:63eb:8cb4:6f23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-instance-id
i-020a06b7687399669
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://winnipegsun.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 07 Jan 2024 06:26:24 GMT
VFcsuNm3.srt
assets-jpcust.jwpsrv.com/tracks/
Redirect Chain
  • https://cdn.jwplayer.com/tracks/VFcsuNm3.srt
  • https://assets-jpcust.jwpsrv.com/tracks/VFcsuNm3.srt
6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/tracks/VFcsuNm3.srt
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7910353dc14ef39185d225826bbfa8715da1083a5888ada16b6c694d9d5f9f04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
86
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
2653
x-served-by
cache-iad-kcgs7200087-IAD, cache-fra-eddf8230110-FRA
last-modified
Fri, 05 Jan 2024 19:24:29 GMT
server
nginx
x-timer
S1704608785.997628,VS0,VE88
etag
"6f9c31e697906ad68cd24ffd58c06003"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3338, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/tracks/VFcsuNm3.srt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
rN-QLsB1a8RmcYkX72wSn0wPjFihE4UgQN3hwrO9UAHdVYjctFjPNA==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/polyfills.webvtt.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f955bad4911e135ef8894618754dbed63059322adf7404c619734960cce6adc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
age
2010475
x-cache
HIT
content-length
4510
x-served-by
cache-fra-eddf8230088-FRA
last-modified
Mon, 13 Nov 2023 20:12:22 GMT
server
AmazonS3
x-timer
S1704608785.815029,VS0,VE0
etag
"4ecf1daa69f7252ad15b34ff4485ec7a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
11745
STu5EiL5-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/STu5EiL5-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/STu5EiL5-120.vtt
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/STu5EiL5-120.vtt
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
69501ba38b0599e05100b90f1191b95a786db15c98f47a6cf2b2404f34b09330

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
125
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
895
x-served-by
cache-iad-kiad7000150-IAD, cache-fra-eddf8230110-FRA
last-modified
Fri, 05 Jan 2024 18:21:41 GMT
server
nginx
x-timer
S1704608785.997624,VS0,VE104
etag
"8a57f4eb317348a834f67d77c2100d66"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/STu5EiL5-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
mzOx1R5Rs7kbWoZWaoqnfA6B-Rv_LyCe3OofzdGAsm1Vuqc793zRDg==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
age
2690130
x-cache
HIT
content-length
10035
x-served-by
cache-fra-eddf8230088-FRA
last-modified
Mon, 13 Nov 2023 20:12:23 GMT
server
AmazonS3
x-timer
S1704608785.832632,VS0,VE0
etag
"11ee85ad71debb9f00a186341c5562fb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
29843
related.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		103 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 varnish
age
2768118
x-cache
HIT
content-length
25137
x-served-by
cache-fra-eddf8230088-FRA
last-modified
Mon, 13 Nov 2023 20:12:25 GMT
server
AmazonS3
x-timer
S1704608785.832734,VS0,VE0
etag
"e6b820b0a7ae68bd30c9a97e44e1ea55"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
42864
STu5EiL5.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/STu5EiL5.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
690656a5eea4be59a32d99de9b46c809a76608a0aebc8f2bdf6ced32832ae5bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
425
x-amz-cf-id
5pJNRtt3MvRY6Xu6F2NtYJHuk1ifSSyXA7GNSe78-gNFvsWaTsnKEg==
wLe9WzmE-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/STu5EiL5/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-720.jpg
154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-720.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1701c89c93077f0ea8d2bdd661d0aabae3b3899d20e434d7b46e3388695ff8a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
329
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
157578
x-served-by
cache-iad-kiad7000177-IAD, cache-fra-eddf8230088-FRA
last-modified
Fri, 05 Jan 2024 18:59:46 GMT
server
nginx
x-timer
S1704608785.973605,VS0,VE87
etag
"2da3d26e3db8793aefc2188ce1c6cb6e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
57, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
tdUQ1mu4-yRcksLUT7xFEPinRQt353U9FWmBen4Z05ugaA_wYSHErQ==
wLe9WzmE-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/STu5EiL5/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-640.jpg
122 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-640.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d95533a8783c038f3e18ac83f353d337b2e928696f27e25b4fa816eb3f12d35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
582
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
124092
x-served-by
cache-iad-kiad7000179-IAD, cache-fra-eddf8230088-FRA
last-modified
Fri, 05 Jan 2024 18:59:47 GMT
server
nginx
x-timer
S1704608785.978432,VS0,VE98
etag
"63724d265fd5e43b0a138744a72d78bb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1291, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/wLe9WzmE-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
IdIJU3GGD5R7S0EH99HiW_R7YUhcixSG_zrnrd0ja4mRPo0bjmGGAg==
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1208493401&e=e&n=6287039476954026&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=31LQei3c&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=1vbq7p81ghmu&i=0&id=STu5EiL5&lid=rvof4q92rc0n&lsa=read&mt=0&pbd=1&pbr=1&pgi=1hsh6v6dz0i5&ph=1&pid=IIqOV7lO&pii=0&pl=282&plc=20&pli=74f7sn1sxycd&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&pu=https%3A%2F%2Fwinnipegsun.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=WOKE%20WATCH%3A%20Elite%20opinion%20in%20Canada%20needs%20to%20come%20crashing%20down&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&bpv=7.5.0&cae=0&cb=1&cdid=leadVideoIFrameHeadline&cme=0&dd=1&fed=07SVOpp3&flc=0&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FSTu5EiL5.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=1050&pni=1&po=0&pogt=%20Winnipeg%20Sun&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FX7vv3zNc%3Frelated_media_id%3DMEDIAID&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=180&sa=1704608784836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:a400:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
lBLPQIKMhBv-UvxB98QTYpa5kTW0xgbh5BxJzHwd38cokM3mATQ9Kw==
x-cache
Miss from cloudfront
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
27bceb3c5b27158d518eff9fc7ae2d23bc5c93e6e410260986200f8c96cfaf33

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://winnipegsun.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031524
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e8488122605c35e9ade51a7a9f3de1290d817a6bce9b424776fd14d92ef1b9c

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbWJDT9nxKyGRgz3lMBpJCWvOXpTs2NuWrbeAW6KIDKOPQSUwYZN8KFQIvwxe%2FEMD7VmlQyDSXyJ1dODFiND59wQQ6hhxkkuC14Op2WX%2FOhcPa36JJ%2B01%2FKAuk%2BZ8hNufXJJhWIW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
841a21094c4b35fe-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=399656727&e=abq&n=6304627541067043&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=31LQei3c&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=1vbq7p81ghmu&i=0&id=STu5EiL5&lid=rvof4q92rc0n&lsa=read&mt=0&pbd=1&pbr=1&pgi=1hsh6v6dz0i5&ph=1&pid=IIqOV7lO&pii=0&pl=282&plc=20&pli=74f7sn1sxycd&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&pu=https%3A%2F%2Fwinnipegsun.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=WOKE%20WATCH%3A%20Elite%20opinion%20in%20Canada%20needs%20to%20come%20crashing%20down&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&abid=y3a4ckna4txb&apid=y3a4ckna4txb&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&flpy=USD&vpb=%7B%22pubmatic.id%22%3A%225353010%22%2C%22pubmatic.pubid%22%3A%22160305%22%2C%22rubicon.pubid%22%3A%2214648%22%2C%22rubicon.siteId%22%3A%22505096%22%2C%22rubicon.zoneId%22%3A%223013920%22%2C%22indexexchange.id%22%3A%221031524%22%7D&vto=3000&bpv=7.5.0&rtp=%7B%7D&tpi=&sa=1704608784839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:a400:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
WvawxTdfCxLP7ZEdeuBvQ-x5Cm6OHCF0LcUL9RdQAWAUK6qVn_h9Vw==
x-cache
Miss from cloudfront
bulk
trc.taboola.com/postmedia-winnipegsun/log/3/ 		0
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/postmedia-winnipegsun/log/3/bulk?tvi48=11593&tvi50=12238&route=AM%3AAM%3AV&lti=deflated&bulkSize=5
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
11
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7220
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220108-FRA
pragma
no-cache
server
nginx
x-timer
S1704608785.852612,VS0,VE11
content-type
image/gif
access-control-allow-origin
https://winnipegsun.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
a61c0f8822a91ade98c2da0755649e2d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a61c0f8822a91ade98c2da0755649e2d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
47836c412b04d4589b999ea5612b6be26558eebf5559c8366c50e377c49b9987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a61c0f8822a91ade98c2da0755649e2d.png
age
2074243
edge-cache-tag
419041160562095497600555399528646970256,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
419041160562095497600555399528646970256,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
181
req-referer
https://www.t-online.de/
content-length
80680
x-request-id
b2c05d519b4b449cd4b0717e06eb77dd
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kcgs7200105-IAD, cache-ewr18166-EWR, cache-iad-kjyo7100154-IAD, cache-fra-etou8220108-FRA
last-modified
Thu, 14 Dec 2023 06:09:50 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=153893,owidth=1200,oheight=800,obytes=1940560,ef=(1,13,17,23,30)
x-timer
S1704608785.853846,VS0,VE0
etag
"5049a9b949ed57e429da8d82adb9cc23"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 27, 2
0803-kw-a2-ev-chargi-td.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/07/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/07/0803-kw-a2-ev-chargi-td.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
48a4768f3ed8d46a3a1ffa18b3ba862fc57b102b2e11f3ed1894db58702c6084

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/07/0803-kw-a2-ev-chargi-td.jpg
age
150151
edge-cache-tag
311117128348703897326702456985554581959,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
311117128348703897326702456985554581959,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
546
req-referer
https://winnipegsun.com/
content-length
13682
x-request-id
bdb11cccdd0218aa39f85f9074281116
x-served-by
cache-iad-kiad7000165-IAD, cache-iad-kiad7000107-IAD, cache-lga21982-LGA, cache-iad-kjyo7100077-IAD, cache-fra-etou8220108-FRA
last-modified
Fri, 05 Jan 2024 12:14:45 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=17722,owidth=1000,oheight=750,obytes=88272,ef=(1,13,17,23,30)
x-timer
S1704608785.853830,VS0,VE0
etag
"b6379fb8582b2416e579ed31b945c805"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 62, 2
ws20231215cp01-wp.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/12/ws20231215cp01-wp.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
83da54309f98d3c5f1d808775bcc76894b369896eb611f015bb9295caa3f11b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smartcdn.gprod.postmedia.digital/winnipegsun/wp-content/uploads/2023/12/ws20231215cp01-wp.jpg
age
239509
edge-cache-tag
361890908823114611263156533139508651385,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag
361890908823114611263156533139508651385,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
402
req-referer
https://winnipegsun.com/
content-length
10674
x-request-id
0c1f32c04597f7746dbb7df8e21c97d2
x-served-by
cache-iad-kiad7000072-IAD, cache-iad-kjyo7100154-IAD, cache-lga21954-LGA, cache-iad-kjyo7100103-IAD, cache-fra-etou8220108-FRA
last-modified
Thu, 04 Jan 2024 11:43:27 GMT
server
nginx
surrogate-reporting
width=380,height=212,bytes=14897,owidth=1000,oheight=750,obytes=101165,ef=(1,13,17,23,30)
x-timer
S1704608785.853947,VS0,VE0
etag
"f2f25c92ffb4b967664fe1b1cbb8dadd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 79, 2
9bdd1e6ffc7e7781f63a24272458fba4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bdd1e6ffc7e7781f63a24272458fba4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1bae7aed8994abd3673afcabec628b719e13a663ae74c3983bcb9871278f7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bdd1e6ffc7e7781f63a24272458fba4.jpg
age
2484764
edge-cache-tag
630770987720074874774246095262411355979,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
630770987720074874774246095262411355979,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
252
req-referer
https://www.all-in.de/
content-length
58192
x-request-id
9f5db1e39676edba18b478e292803f19
x-served-by
cache-iad-kiad7000031-IAD, cache-iad-kjyo7100086-IAD, cache-lga21931-LGA, cache-iad-kjyo7100041-IAD, cache-fra-etou8220108-FRA
last-modified
Sat, 09 Dec 2023 12:13:40 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=102478,owidth=1000,oheight=560,obytes=654097
x-timer
S1704608785.858216,VS0,VE0
etag
"ce2e51f827a9c69b429e35b7c8f6649d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 2
9b016b37b373d2c5ace656007286d808.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9b016b37b373d2c5ace656007286d808.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8385b7b115dd9fbde5c38f1360f89433d58c7c8f77cdc04f47ef1aa06f23ae12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9b016b37b373d2c5ace656007286d808.png
age
2134909
edge-cache-tag
617432193339658094146871219776323875287,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
617432193339658094146871219776323875287,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
98
req-referer
https://alltagtipps.de/
content-length
8326
x-request-id
64f7760e669d8f5c1123ee4881ea30d3
x-served-by
cache-iad-kiad7000040-IAD, cache-iad-kjyo7100149-IAD, cache-lga21950-LGA, cache-iad-kjyo7100132-IAD, cache-fra-etou8220108-FRA
last-modified
Wed, 22 Nov 2023 16:39:20 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=15240,owidth=600,oheight=400,obytes=340603
x-timer
S1704608785.858187,VS0,VE0
etag
"659213001d79f4176c4ab68a2461d8a9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 6
fe24e8629e290ce9b3d6ac72a28e8f6b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe24e8629e290ce9b3d6ac72a28e8f6b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67bde924c2ba91c9abf3ac879b16c36e199b36c6ebaab53ab93939adbb116944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe24e8629e290ce9b3d6ac72a28e8f6b.png
age
2051561
edge-cache-tag
435776900227622974766778611345994819325,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
435776900227622974766778611345994819325,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1137
req-referer
https://ads.taboola.com/
content-length
11196
x-request-id
57f55c6b7bf74f489c6635da94384e46
x-served-by
cache-iad-kiad7000139-IAD, cache-iad-kiad7000125-IAD, cache-lax-kwhp1940081-LAX, cache-iad-kjyo7100112-IAD, cache-fra-etou8220108-FRA
last-modified
Thu, 30 Nov 2023 17:16:00 GMT
server
nginx
surrogate-reporting
width=724,height=402,bytes=49651,owidth=724,oheight=423,obytes=436614
x-timer
S1704608785.858179,VS0,VE0
etag
"bcb71bbcd2eef15a397ee48a6b1a90cb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 4
311b9779a1e29aab87f199b929ea8ca3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/311b9779a1e29aab87f199b929ea8ca3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08220341e23b4d8e971fbfb1c1088066557e5316733aa7ed6988097179e53aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/311b9779a1e29aab87f199b929ea8ca3.jpg
age
1436906
edge-cache-tag
562234935572477284303829250283617372234,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
562234935572477284303829250283617372234,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
269
req-referer
https://www.t-online.de/
content-length
36962
x-request-id
a696f9ed14ae663ae917787865306458
x-served-by
cache-iad-kcgs7200076-IAD, cache-iad-kjyo7100173-IAD, cache-lga21958-LGA, cache-iad-kjyo7100142-IAD, cache-fra-etou8220108-FRA
last-modified
Thu, 21 Dec 2023 11:39:29 GMT
server
nginx
surrogate-reporting
width=1350,height=675,bytes=105534,owidth=1350,oheight=900,obytes=199819,ef=(1,13,17,23,30)
x-timer
S1704608785.868809,VS0,VE0
etag
"2058613678eb4501dabc720104f5d448"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 3
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sun, 07 Jan 2024 06:26:24 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
8994
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220108-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1704608785.858169,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
78
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
902
bridge3.609.1_en_ca.html
imasdk.googleapis.com/js/core/ Frame 1A7A 		750 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e7efb6ae6f9571dd815db7eee285ce5288648414d2ce024f97135625180c6af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
131749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245974
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 17:50:35 GMT
expires
Sat, 04 Jan 2025 17:50:35 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 Jan 2024 06:26:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E7FD 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 05:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:36:27 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:26:24 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 5391 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: winnipegsun.com
URL: https://winnipegsun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
9353834
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
zesAZ9i40bVt_Uu7FAss1j9c0H8B0UVgd4hHI92HwCDEYil6j4rllw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=728x90&pubId=4811995650&chanId=401010421&placementId=6404573011&pubCreative=138455016757&pubOrder=3265484082&cb=645629352&custom=index&custom2=1&adsafe_par&impId=adb354a2-ad25-11ee-b4f1-0aa85974baeb&adsafe_url=https%3A%2F%2Fwinnipegsun.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:9a857cea-546a-b478-3280-9253f66c9516,c:ATxvf,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-765c58974b-krmrl,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:169,mot:0,app:0,maw:0,fm:u0EIK8s+11%7C12%7C13%7C14%7C151%7C161%7C17%7C18%7C19%7C1a%7C1b*.928934%7C1b1%7C1c%7C1d,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:186,oid:ae6c1cc6-ad25-11ee-b227-3a4b66358311,v:19.8.466,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:24 GMT
server
nginx
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
intl-messageformat.1ffa056616fa00afbfc0.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.1ffa056616fa00afbfc0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:5000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
HO9xTEwUA9XX7mdUyeB5zFlGyaHcZJoU
content-encoding
br
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
2038665
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:07:47 GMT
server
AmazonS3
etag
W/"1c693504509bdbb60c6776720954c7c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
YGjI-QE4LCP0l9hCOOiShVu7AFK0E8v9-4iNXVL25vAf6RYCgPC5_Q==
intl-messageformat.bba378369051b3ea02d6.js
cdn.viafoura.net/chunks/languages/ 		135 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.bba378369051b3ea02d6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:5000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:44 GMT
x-amz-version-id
UzLWjcfYom6uexWyVPi6r3Nw71PzbVar
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
2038660
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 14 Dec 2023 16:07:56 GMT
server
AmazonS3
etag
"41f960d448b03a594d459a897779ddf6"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WqW2LZP2bsG8DpsCz6TDsjW2ThZPMBrpxa8o-IjD6gpRYIgChcgSFw==
en-us-base-json.22dd055f6ebc67a95f1d.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.22dd055f6ebc67a95f1d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:5000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:41:27 GMT
x-amz-version-id
eMLa6OOnuDbIY213u_T07FIUE3Zk08lX
content-encoding
br
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
297898
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:01 GMT
server
AmazonS3
etag
W/"dfb5516fd649a383d34843bb4b99126e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
TRg_Uk4daCdzl5ks3WX8miybWWKCZ59KY0dXzLWSERnoFJrVHW9xtQ==
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=735013155&e=abr&n=2470400856491133&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=31LQei3c&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=1vbq7p81ghmu&i=0&id=STu5EiL5&lid=rvof4q92rc0n&lsa=read&mt=0&pbd=1&pbr=1&pgi=1hsh6v6dz0i5&ph=1&pid=IIqOV7lO&pii=0&pl=282&plc=20&pli=74f7sn1sxycd&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&pu=https%3A%2F%2Fwinnipegsun.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=WOKE%20WATCH%3A%20Elite%20opinion%20in%20Canada%20needs%20to%20come%20crashing%20down&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&abid=y3a4ckna4txb&apid=y3a4ckna4txb&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&flpy=USD&vpb=%7B%22pubmatic.id%22%3A%225353010%22%2C%22pubmatic.pubid%22%3A%22160305%22%2C%22pubmatic.result%22%3A0%2C%22pubmatic.code%22%3A0%2C%22pubmatic.timeForBidResponse%22%3A31%2C%22rubicon.pubid%22%3A%2214648%22%2C%22rubicon.siteId%22%3A%22505096%22%2C%22rubicon.result%22%3A0%2C%22rubicon.code%22%3A0%2C%22rubicon.timeForBidResponse%22%3A97%2C%22rubicon.zoneId%22%3A%223013920%22%2C%22indexexchange.id%22%3A%221031524%22%2C%22indexexchange.result%22%3A0%2C%22indexexchange.code%22%3A0%2C%22indexexchange.timeForBidResponse%22%3A125%7D&vto=3000&sa=1704608784968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:a400:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
tvr4KgRrQLeqDSiMIl9uiw3tff7CE2ApCD23CeVJ3n6KteljqXE6MQ==
x-cache
Miss from cloudfront
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9a857cea-546a-b478-3280-9253f66c9516&tv=%7Bc:ATxvX,pingTime:0,time:229,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:229,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:185,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B58~100%5D,as:%5B58~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u0EIK8s+11%7C12%7C13%7C14%7C151%7C161%7C17%7C18%7C19%7C1a%7C1b*.928934%7C1b1%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:186%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e51:f02f:11ff:9181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:25 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9a857cea-546a-b478-3280-9253f66c9516&tv=%7Bc:ATxwe,pingTime:-2,time:246,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:137,beZ:138,mfA:307,cmA:308,inA:308,inZ:310,prA:310,prZ:320,si:324,poA:324,poZ:332,cmZ:332,mfZ:332,loA:369,loZ:370,ltA:384,ltZ:384,mdA:138,mdZ:180%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:246,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:185,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B75~100%5D,as:%5B75~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u0EIK8s+11%7C12%7C13%7C14%7C151%7C161%7C17%7C18%7C19%7C1a%7C1b*.928934%7C1b1%7C1c%7C1d,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:186,slid:%5Bgoogle_ads_iframe_/3081/SMCO_ENUR_WSUN_EN_WEB/index_0,google_ads_iframe_/3081/SMCO_ENUR_WSUN_EN_WEB/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:60,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e51:f02f:11ff:9181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:25 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:26:24 GMT
cast_sender.js
www.gstatic.com/eureka/clank/120/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 16:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 07 Jan 2024 16:35:36 GMT
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
age
3047
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:21 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
841a210a487c5d67-FRA
x-amz-cf-id
Wiy7pv9-5PipjGPQsFslOsOXatN9welp3t5Fm7Xcg2uH7k2HN2haRQ==
expires
Sun, 07 Jan 2024 10:26:25 GMT
ingest
i.viafoura.co/v3/winnipegsun.com/ 		67 B
392 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/winnipegsun.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.232.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-232-18.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://winnipegsun.com
date
Sun, 07 Jan 2024 06:26:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=2929501274548485&bg=!cnGlcT7NAAY3kmNgF5I7ADQBe5WfOAflQYDxw2VPKT8kW8G1OXgA3pfgUagJHjqU31gANTTmoLOSzcFKHAkNrXiAc9SMAgAAAK9SAAAAAmgBB5kCwH407lnudDa9J5uybrwURZtt-JNZn5xeoLbIJPVaofvHAFHLyYMdKtvSPPvF8vpBtmdiBdEOlp4vX6WpABGqajHzuP-6AnwoCsXMyP5ww1otXH-z2v6KZTJdTvcVqDi0_CbCDnesucxo6xh0v62NltrdaXDMdCxV_Fd8a0T_VHCs9yh2RvnSLkvw7tLVJ-3Z_23ztHnFhyZtXNTIWtQ9fdRMk_4im7x7l4G_zK75fKWct8mNwFbUJJvaGi6JhLdJQ18VrWQ1gYPpBHwMDxmKDmNosFP_nssxkizY0HntAmnN3o8FOH5tZ9pO6Qiae9isou_MModZCHOjddicPH8S5RHTj68XLV7tEYGinLO15HT9uUt6sRCKxMUweE3fmfmru8-04WCtf36zBJP-RBTbPXs5NzKGF77Bucy26a8mYKCqcgmpICIltzsQVxIeUxqEHhgStDNwbgO1NQKOacJLr62sF0cGCVDF2NeZ0rWDv6iIwiBSHxPij5bOP9mdYPEcBmyFrB50MUF_-CRZy1q_eOmTyk0paB0NN2PaWnk0kldldrGIkdf0WIBBLCfATKcpuZz2xP5_suxWmBfEj2ZPqjWUKhd9M2HziP1v6bvD6c2cs7PezFEJoF3JWDttKisk2L6Vue2jUc2uRDvR33fdnAeBABoJKEAugJzf6jH7IZT1THyI977v7CyUih8PUQAk-yL0w-hJXjCOXDuj-EmE_lzZtcIMj1k0zoHpxTpd46vzOAsHYVPT_rOR3hm1kGnyxlIv0PsIAE0jsCmgP6NAVdIJZN7tXbbuKlnnJPP_DLmkR__xolzEykKgd2XjeQU13ni61PGI23CAsBaGoPB8XfpcOOpaD4YSjZUzLsKBUGx1poqWouV7CQOpMadHQXpdjOjyC7mJNGr877OrIR3rxtOsEvBxJvWJ83y95GTyPW8f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
manifest-audio_eng=112002-video_eng=252460.m3u8
videos-cloudfront-usp.jwpsrv.com/659aecd0_fecf2440825bb09a0822f742695b20e4f78283eb/site/ReDAXyY4/media/STu5EiL5/version/STu5EiL5/manifest.ism/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/659aecd0_fecf2440825bb09a0822f742695b20e4f78283eb/site/ReDAXyY4/media/STu5EiL5/version/STu5EiL5/manifest.ism/manifest-audio_eng=112002-video_eng=252460.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7200:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
943eb39b3a32568f7de4516bbca7468ea1dedb7035ecae46793ac120000306e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 19:19:22 GMT
via
1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
126423
x-cache
Hit from cloudfront
content-length
5569
server
Apache
etag
"usp-0796C118"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
ovM6YDL63MYIB8RXTD0Wq2WXUzEaRkQdxFVlhLOvvf7pn8xmK6hAIA==
svod-module-js.af0a0ec7f140c97a1728.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.af0a0ec7f140c97a1728.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2127:5000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:49 GMT
x-amz-version-id
oVcFYRVQ6xZnBh6.ADJboKZ1fI_ywaEX
content-encoding
gzip
via
1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
age
2038657
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:02 GMT
server
AmazonS3
etag
W/"29fcd3e8ac2266d59e9874ce666e077c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
EjdXYPgoE84kl7wsnHIJIDI7xsG8FbQxwF1K_RYssnm4I8LceWVNdg==
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://winnipegsun.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
841a210aae368ffb-FRA
date
Sun, 07 Jan 2024 06:26:25 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8e011c30e88f7508e3aa362170192447703c3054a19d3df50335a6d9576640

Request headers

Referer
https://winnipegsun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
cache-control
max-age=86400
cf-ray
841a210ade468ffb-FRA
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9a857cea-546a-b478-3280-9253f66c9516&tv=%7Bc:ATxxb,time:305,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:305,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:185,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B134~100%5D,as:%5B134~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u0EIK8s+11%7C12%7C13%7C14%7C151%7C161%7C17%7C18%7C19%7C1a%7C1b*.928934%7C1b1%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:186,sis:247%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e51:f02f:11ff:9181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:25 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
manifest-audio_eng=112002-video_eng=252460-1.ts
videos-cloudfront-usp.jwpsrv.com/659aecd0_fecf2440825bb09a0822f742695b20e4f78283eb/site/ReDAXyY4/media/STu5EiL5/version/STu5EiL5/manifest.ism/ 		165 KB
166 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/659aecd0_fecf2440825bb09a0822f742695b20e4f78283eb/site/ReDAXyY4/media/STu5EiL5/version/STu5EiL5/manifest.ism/manifest-audio_eng=112002-video_eng=252460-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7200:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
6fe49d51ba3a4a525251a6e61b55f554ba48588d066498125b77622ff0ee1f2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 19:19:38 GMT
via
1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
x-amz-cf-pop
PRG50-C1
age
126406
x-cache
Hit from cloudfront
content-length
168824
server
Apache
etag
"usp-6B934F16"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112002-video_eng=252460-2.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
Dh6d4_-EfpxqC7tmxNhATbXGgNHP814pnODi5VQJSGTj9sa1TgocnA==
STu5EiL5-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/STu5EiL5-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/STu5EiL5-120.jpg
268 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/STu5EiL5-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
653828ea9a6e1142cb0c28acf47724b942f99bdc22bab0b7585a6c3969ff9af5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
579
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
271045
x-served-by
cache-iad-kcgs7200129-IAD, cache-fra-eddf8230088-FRA
last-modified
Fri, 05 Jan 2024 18:21:40 GMT
server
nginx
x-timer
S1704608785.226731,VS0,VE90
etag
"8a26eb54dced52046a9c16fdf5f1237d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1516, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:25 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/STu5EiL5-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
FzQ5jsPzNCILQtPaLR8ibuo_nxkzxuTI327MM7wcOOWVccHCMm4o8Q==
3e572061-e297-4d13-9571-13497e3e7b2f
https://winnipegsun.com/ 		366 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://winnipegsun.com/3e572061-e297-4d13-9571-13497e3e7b2f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
374591
Content-Type
text/javascript
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://winnipegsun.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://winnipegsun.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://winnipegsun.com
Connection
keep-alive
Date
Sun, 07 Jan 2024 06:26:25 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
manifest-audio_eng=112002-video_eng=523841.m3u8
videos-cloudfront-usp.jwpsrv.com/659aecd0_fecf2440825bb09a0822f742695b20e4f78283eb/site/ReDAXyY4/media/STu5EiL5/version/STu5EiL5/manifest.ism/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/659aecd0_fecf2440825bb09a0822f742695b20e4f78283eb/site/ReDAXyY4/media/STu5EiL5/version/STu5EiL5/manifest.ism/manifest-audio_eng=112002-video_eng=523841.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7200:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
11abeb54fb190d0409f658a6f21b75d20e5cb5d76675be8cb235a491c97bce08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 18:25:38 GMT
via
1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
129647
x-cache
Hit from cloudfront
content-length
5569
last-modified
Sun, 09 Jun 1974 07:21:45 GMT
server
Apache
etag
"usp-B154C14C"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
yHeS1dzeutRmYwVL_pSom01vnZOva8xCfFcVAnwQFScIsdd4XarG_w==
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9a857cea-546a-b478-3280-9253f66c9516&tv=%7Bc:ATxAO,pingTime:-10,time:530,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1704608785270%7C%7C70e00caf71b3587310197df721872dc0%7C%7C746ded226cc656dc46dc973a01bf1b48%7C%7C386683adb055f65be4d107a5f18e4977%7C%7C33474d0fa411cd70075383e9da29d93e%7C%7Cb860bc2d19c32e4e5de977946eb03386%7C%7Cc14002a8638f2c4a54eb76ef1976d8c2%7C%7Cf0ce9b3779544745fdbc910f441e473f%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e51:f02f:11ff:9181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:25 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
lqbjtgex-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/Iv67Shyx/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-120.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef37e77a3a1ab3029e8cd3c39f4e0442ee7f60beab66f35a96ecda15b4b1534e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
224
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
5358
x-served-by
cache-iad-kiad7000160-IAD, cache-fra-eddf8230088-FRA
last-modified
Fri, 05 Jan 2024 01:46:47 GMT
server
nginx
x-timer
S1704608786.508472,VS0,VE87
etag
"972658246d5f92623a19ee3f0a7c9db4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
7, 1

Redirect headers

date
Sun, 07 Jan 2024 06:26:25 GMT
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/lqbjtgex-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
bd1-smuaiyHl5Wvpu07A7JULvmnD09kA1_MqzlP1KLHtGiCjkA3BXw==
cx-overlay.js
tags.catapultx.com/cxo/ 		127 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/cx-overlay.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-bootstrapper-init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9fba1b0797e04bb4e94dffcf9068f89e75b4fa5569dc9efcb5aa72275435457b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
150
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZriGms1J4rRtb6MHmLAp1fCRDGl8kW7FuZncyprNwCe%2B%2FU2CRpIi5cz69ek8MF0gr65XLz7SP0pyH%2FgGIlDeDTLKEll41Kzc1yojUVLAJpekfJaiZ%2FBc%2BYNZ8Wy2RqAnfQIczbrnzPq2Zgt%2F3SRtuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a210cf8b319b1-FRA
p-fc3a8e1a.system.js
tags.catapultx.com/cxo/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-fc3a8e1a.system.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3e72ffa59a0684c988173f4ea0d75435f8ff50995c92974aa316288efe96a539

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
149
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwW4rhsjqR3l3%2BNpfZGJ%2BmEIHY295pnDGwyNSJGfYN9RSx%2F8SGTgDiP0nTjiDuP3Qm5G8NejyT4hHHBwgPl1BsRAOkt50T7RfofhvSzqKdTMRCM4rbrSmQs08XtSmK2P6BDDjDV3aL1ZU2bkooTYKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a210d38da19b1-FRA
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 08 Jan 2024 06:26:25 GMT
p-31c577a7.system.js
tags.catapultx.com/cxo/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-31c577a7.system.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a87dab54792ca3697212f10ca3a1504a38c2c6d609612d0e3954824d2726a172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
149
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3678qHyh79I6e0NgfftWGaPXu6Or4Estog30Ar7GnPUqave%2FSMs3LCkHZ9MbyeTLo%2Bzffb7pPzA9cfho1bh37rZY6GYVEJ72WLdyg8WiNCSn4ss0UuXN2POwjUIYLt8spFyGyEg6iyrQ%2BO7jQCNJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a210d68ee19b1-FRA
p-cb52e3b0.system.entry.js
tags.catapultx.com/cxo/ 		553 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4da325f33603cea1c0fb888724333710a30f485bd6bacd5bb5c3cf094c1048f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:55:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
123
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWr8Yl23F%2B4r0USUouSNtvZck5TRP7vrFrRkqbsxEwfNafmwd9maachbmktvuBsGCgaV3rNPmcC8cry3fzeP1uMZdJsupVvwk6fBjkKZbPs5wCggTRQivfH6tQaSrz1ZU0H5%2ByRqHbb%2FmHicfRqtig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a210d88ff19b1-FRA
syncframe
gum.criteo.com/ Frame C3D0 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=winnipegsun.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 06:26:25 GMT
server
Kestrel
server-processing-duration-in-ticks
341491
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 08 Jan 2024 06:26:25 GMT
player-event
events.qortex.ai/api/v1/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVxrnHYETA%2Fu0gWn5EnY4RvZ28Gni331TnE9pAgorLU3%2FgL%2FO37Nm8i3nuj0V8Fb8rSnSxbTmLV%2B30ygRd5F6UjyEHKN%2FG9r6Xqj93PR2ZAuq3yWiv0p4HM5HAVLwLXR2dyvrMADfinwH1Xi04I%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a210ea8a41911-FRA
content-length
0
winnipegsun.com
demand.qortex.ai/api/v1/group/configs/mWG1MKwnUqyMj5mnvTfg/ 		19 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/group/configs/mWG1MKwnUqyMj5mnvTfg/winnipegsun.com
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57668c87735cf9673eaad2759e78e2348dc7801ce0d3cdabc3f367d0cd8953ae

Request headers

Accept
application/json, text/plain, */*
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Erc6CZpq5CXyJ2aZ5ReYo1MXSoi1qPSTlrgWu8%2BqNk%2Fnh%2FqaPwOA%2F35daydNQ7kTCMYj3YnLvPFhSwPYWZ9jStMkV2aKltpIkh27g1y2sEboW6j3ZW3EedBdMgO91VfNEAQT0m%2FkVUBOfNJySE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
841a210df85e1911-FRA
player-event
events.qortex.ai/api/v1/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPjnnThzhonK2euh4aoVFS6LI6LiDr6PkSD5bbSNO1OJ%2BAvCOmCVP3JdUeNK0Dn8RlCjpqgtbiDXcKpIdxiN1YGgrIJEt58iMmx0dZxIF0S1nJ4aOXhWZ898xL6G3c%2F9pd4CwewEf0crRstcrnE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a210ea8a61911-FRA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841a210df85c1911-FRA
date
Sun, 07 Jan 2024 06:26:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFHcqpw4fYBo9oOU5vaKZJO%2FLb74DHHuzg5PiOTwf8JPu5yex16A8%2BKqIUjx3LT435GyJ5qBcbA6dwpUJHl6cQkfmV9mHqJZzaFi1ix0TEjKJlQF1Ynu1NpyN9eoSiyrGpyj%2F5VL34Dt5x6anxk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841a210e08601911-FRA
date
Sun, 07 Jan 2024 06:26:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNkqzML8dJ5Cj2mptFx1V%2BbKTXMQzZ4xMuoJ6FZpdSuhVFE97HLSIEQuGYkpMj4qBQnjF01waazph%2Bpxhbu57rqKymXxdNwsC0dwMzazLIHjwWoikUDppQOXznxBSPOli8DHN8ivsrxS8YMguCA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sid
mug.criteo.com/ Frame C3D0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=winnipegsun.com&sn=ChromeSyncframe&so=0&topUrl=winnipegsun.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=d34ul3xtelN3SmJ6eHI4MldDT214NUNkM3JZMXdHYXJlQUZaRElJREdmNU12aHVhcG1kSnM4YkQvTldaR1JKVUNFa3FxeERFWFNHS0RYTVZQK05icHp3aHNaa2VReGw1WjVBS2psdGFveDM2ajhCMkE1QUVJVjI1UjFpWV...
438 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=d34ul3xtelN3SmJ6eHI4MldDT214NUNkM3JZMXdHYXJlQUZaRElJREdmNU12aHVhcG1kSnM4YkQvTldaR1JKVUNFa3FxeERFWFNHS0RYTVZQK05icHp3aHNaa2VReGw1WjVBS2psdGFveDM2ajhCMkE1QUVJVjI1UjFpWVJZNmhnZ3o2V1k4ME9sQjBYbm1JVjlJMkNOb3hNb0VuVkxmb1FEd25kOHZEQy9sSlg3QlB3aGVmaDEwV29wTGZUSTRQQVg1WlpSdjJGNEUxZHNGTjJqWmpaYUxpdEtVYTBvUFB6aVpObXdVUlhqV3d3ekpwQUowSlRLKzFqSUU3SlZodVpvMzFWcVhIR3k2UEJoSU9CeUNQZjFBaWRNb0dObXg1Y3FyVlZmNENFWVRTZWlEdz18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0e1c97d3798201e2701e41c3d32e46b7a94cdf1fc3e70d8ad496326e20fa966a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1566232
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=d34ul3xtelN3SmJ6eHI4MldDT214NUNkM3JZMXdHYXJlQUZaRElJREdmNU12aHVhcG1kSnM4YkQvTldaR1JKVUNFa3FxeERFWFNHS0RYTVZQK05icHp3aHNaa2VReGw1WjVBS2psdGFveDM2ajhCMkE1QUVJVjI1UjFpWVJZNmhnZ3o2V1k4ME9sQjBYbm1JVjlJMkNOb3hNb0VuVkxmb1FEd25kOHZEQy9sSlg3QlB3aGVmaDEwV29wTGZUSTRQQVg1WlpSdjJGNEUxZHNGTjJqWmpaYUxpdEtVYTBvUFB6aVpObXdVUlhqV3d3ekpwQUowSlRLKzFqSUU3SlZodVpvMzFWcVhIR3k2UEJoSU9CeUNQZjFBaWRNb0dObXg1Y3FyVlZmNENFWVRTZWlEdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
304172
content-length
0
expires
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Sun, 07 Jan 2024 06:26:25 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
933
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-etou8220108-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1704608786.755543,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
26
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
3045
/
pips.taboola.com/ 		4 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220035-FRA
date
Sun, 07 Jan 2024 06:26:25 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://winnipegsun.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:26:26 GMT
cache-control
no-store
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame D9E7 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHINAadbhxXOjGva-ZYEWDHEnu2R-pirrfwcrABumtLUEpAIQamGbqfcH7EbMJufy6hpO8yQ42ZJsL554kaoIVnVoDtfNf7wSSBIPoVWKMWENQZVlPhlNxYoFqfG18b5tMacZ3wzm_-Xb0Wv32pcQxcA&sig=Cg0ArKJSzFfqQAvHl-cREAE&id=lidar2&mcvt=1000&p=109,436,199,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1150761611&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704608784597&rpt=189&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841a210f48f41911-FRA
date
Sun, 07 Jan 2024 06:26:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjBn4HU1WxpjlsYWKjOyb8lEzoVdEaIggadaMQP5Al7mIBWenR7Mboe51ucA9Sn98R0r6tf9jmAy0WJdhll8yRPNvoBujs%2FCgFv4MmuQ6iRjEJ8kkDHpjf9nzkBRaQh%2FYcyRvsVoKv%2Fn38FOJXs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161089/5500/ 		212 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161089/5500/pwt.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4dcf78b31f69c1674cb5a75cd5fd5744538b50eaf34076396d9cf54acebee6e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:43:34 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=39671
accept-ranges
bytes
content-length
65407
expires
Sun, 07 Jan 2024 17:27:36 GMT
player-event
events.qortex.ai/api/v1/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llJ%2Bzo%2F%2Frh9MrKtKvNRw4%2B1Pp8MueCZ0WA7t%2BSoWEUgrIT9iyiN1wOSYgF%2BZ1G6cXczsbPQtGZdVSClf3w2ZYjxePND1xvnu6phv7M5dGdAqEuQbeOpEWbNVBOoZ28eF5a70XF99cB0Q9F7a5Wc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a210ff95f1911-FRA
content-length
0
user-sync
sync.adkernel.com/ Frame 5F3C 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=202263&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwinnipegsun.com%7C%7BUID%7D
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sun, 07 Jan 2024 06:26:25 GMT
Server
nginx
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841a210f59001911-FRA
date
Sun, 07 Jan 2024 06:26:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOHjio786wOuDtz9h%2BcEnRHtwfjC3v%2F%2FiYOa9MK%2Bp26xjgcOu6nQFqwR20cvuwjfTQbe2lcQ%2BeIhFH2pkBC7jr4C%2F%2FTUOqKD7uda8tt%2B4QJtVaj%2BdRrEgUChL%2BvODbgVK30hrjj4K3EqS%2BkYhK8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meLz3453b67wmtCTz7bKuAQSD01ZILCcgFc7ccojHhhlP2knBHQnEdlgiWP5D%2Fjxq2g%2FeClwOsB4zf2A%2FvNK62%2FH0spViyeWgziUD8mCez72VbzNm1a2NtKX2A3NQTM7qOhFQDem4qHLnowUTxQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a210ff9651911-FRA
content-length
0
ingest.php
events.newsroom.bi/ 		50 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.93 Sartrouville, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy05.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Jan 2024 06:26:25 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
e0a4db8779dc244a772e.js
sdk.mrf.io/statics/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab

Request headers

Referer
https://winnipegsun.com/
Origin
https://winnipegsun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:26 GMT
content-encoding
gzip
via
1.1 e3572bc2867545c7e2bf0953e1795990.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
LHR61-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
78
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Dec 2023 09:40:45 GMT
server
cloudflare
etag
W/"44ac276b251e58c5c7f65bad76e76963"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
841a210fed7ba06c-SIN
x-amz-cf-id
34U0OA6kzrAUBGiazpPXb_aSFjgShdHjNwrNyRSXaq0K4_loom2DWw==
dw-check.html
experiences.mrf.io/marfeelpass/statics/ Frame F4E8 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
287099
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, s-maxage=2592000
cf-cache-status
HIT
cf-ray
841a2112cfd45c31-SIN
content-encoding
gzip
content-type
text/html
date
Sun, 07 Jan 2024 06:26:26 GMT
last-modified
Thu, 23 Nov 2023 12:08:24 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time
2
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D82 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=115939
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 07 Jan 2024 06:26:25 GMT
expires
Mon, 08 Jan 2024 14:38:44 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 373A 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 06:26:25 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame AF32 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
265
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
841a21108e994d54-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 06:26:26 GMT
expires
Sun, 07 Jan 2024 10:26:26 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9a857cea-546a-b478-3280-9253f66c9516&tv=%7Bc:ATxMu,pingTime:1,time:1254,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1254,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:185,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1083~100%5D,as:%5B1083~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:523,fm:u0EIK8s+11%7C12%7C13%7C14%7C151%7C161%7C17%7C18%7C19%7C1a%7C1b*.928934%7C1b1%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:186,sis:247%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e51:f02f:11ff:9181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:26 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9a857cea-546a-b478-3280-9253f66c9516&tv=%7Bc:ATxMu,pingTime:1,time:1254,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1254,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:185,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1083~100%5D,as:%5B1083~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:523,fm:u0EIK8s+11%7C12%7C13%7C14%7C151%7C161%7C17%7C18%7C19%7C1a%7C1b*.928934%7C1b1%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:186,sis:247,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e51:f02f:11ff:9181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:26 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9a857cea-546a-b478-3280-9253f66c9516&tv=%7Bc:ATxMu,pingTime:1,time:1254,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1254,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:185,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1083~100%5D,as:%5B1083~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:523,fm:u0EIK8s+11%7C12%7C13%7C14%7C151%7C161%7C17%7C18%7C19%7C1a%7C1b*.928934%7C1b1%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:186,sis:247,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e51:f02f:11ff:9181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:26 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usync.js
eus.rubiconproject.com/ Frame 373A 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 22:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56419
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 22:06:45 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2D82 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6927295&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:26 GMT
content-length
0
khaos.json
token.rubiconproject.com/ Frame 373A 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
usermatch
ssum-sec.casalemedia.com/ Frame 885E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9553b4e8db5791a2f32c943e1f76a47002861284b1f8b2a8f2cb8cb04ae0cb99

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841a2110cb314d79-FRA
content-encoding
br
content-type
text/html
date
Sun, 07 Jan 2024 06:26:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUtCtgM6ZOtWlL0cW4i%2FyK1RHFG8PrZef%2Bso3Z6XME1KDDMo%2Fbkm4tk84XfqrGeSOgKWvv6wBCHvOH%2BeKL3BlxzYBPySinNuuQ2AOjjnCpMhaSTsxmwSRCrXWquIrPWvSPpskS7x4OXpyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841a2110afc935fe-FRA
content-length
0
date
Sun, 07 Jan 2024 06:26:26 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5er3oQL2Zchd%2BK26%2FvCTfVTSzaR4nMsmYQXBHo9LnkAdA4h5xkFvhBe9DrOK0HvDekd754Ub91864pYSl1IX2LJrWO0AbPmkty%2Bdqz0l6C0pS2qXZXA0d1g0JwQfXe5drYijOc3hEuxBw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
501709.gif
idsync.rlcdn.com/ Frame 885E
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZpEEgic-eONetSKbJENWgAA%263355&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZpEEgic-eONetSKbJENWgAA%263355&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e7ce200d7da24c20a9349c3bf6bcfada
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e7ce200d-7da2-4c20-a934-9c3bf6bcfada
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=df621624-649e-411c-adfe-b13a1e92b5e4%3A1704608786.648362&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Ddf621624-649e-411c-adfe-b13a1e92...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831972779480&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Ddf621624-649e-411c-ad...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=df621624-649e-411c-adfe-b13a1e92b5e4%3A1704608786.648362&_=1704608786.6513498
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=df621624-649e-411c-adfe-b13a1e92b5e4%3A1704608786.648362&_=1704608786.6513498
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sun, 07 Jan 2024 06:26:26 GMT
via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
PRG50-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=df621624-649e-411c-adfe-b13a1e92b5e4%3A1704608786.648362&_=1704608786.6513498
content-length
445
x-amz-cf-id
0T7pCePpsrwOb-5aSsoYi1NjCIhKXn-m3_PpCg_Q3UqOrBHAlzHEZg==
crum
dsum-sec.casalemedia.com/ Frame 885E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZpEEgic-eONetSKbJENWgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKVXrqHLjPGnsd__w4M16PA&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKVXrqHLjPGnsd__w4M16PA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGDCd%2BjntRV16ZjkJT2R8iWqalsKA3s20ylQJRBIH%2Blep9ghBfPR1bL1Xp91MI%2FHRERv9tzlFTEcQSStqyzfWMui3x5w2Cl5LEkwm4milM8em9FqSC5YjtPRnhmGx9UMGJObXqpuQD2RXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a21117b7f4d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKVXrqHLjPGnsd__w4M16PA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 885E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 885E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpEEgic_eONetSKbJENWgAADRsAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpEEgic_eONetSKbJENWgAADRsAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpEEgic_eONetSKbJENWgAADRsAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 06:26:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1K27SD2J15RM9XF78AQR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 06:26:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RQXMB1Q7R8FHYG0J1ZAH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpEEgic_eONetSKbJENWgAADRsAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 885E
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831972779480
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831972779480
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1njMJXunU7EMP7T8SaqM3ZQWLPupHprFVvFT6GxOBpNadvqF%2BYSCbrunUoLHzKfIEfdZTQWLuMvbuYOhjlZz1v0f1GrDiVBZe6YplOwfNuP9TYM%2Fm5%2F98q8vnX9GDS6H2y5wLVKaOFd3Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a21116b7a4d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831972779480
Date
Sun, 07 Jan 2024 06:26:26 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 885E
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=98EED889713B4A26BFF68FE2347D4A34
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=98EED889713B4A26BFF68FE2347D4A34
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Bmy2HowmvjRv21wT7aOWhh7X8oCJIQL8EA%2BgRwAg5ihBe8yFbMnToSSNpA%2FUkRdlAtuG9RoDLUeqZzUxqSBg0szh5CH2w%2FiHkILXZoDeoWkguJgXjnybHvrxAGPeLX7m5tfkkJU%2FSLwTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a21114b644d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 07 Jan 2024 06:26:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=98EED889713B4A26BFF68FE2347D4A34
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 06 Jan 2024 06:26:26 GMT
rum
dsum-sec.casalemedia.com/ Frame 885E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZZpEEgAMrvtw1wBH
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZpEEgAMrvtw1wBH&_test=ZZpEEgAMrvtw1wBH
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZpEEgAMrvtw1wBH&_test=ZZpEEgAMrvtw1wBH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BQaIEGwH5RQR%2B431Nh6dQ%2FL3OBTMS4qJjTiKqXhhTOPHda5ZsrVdgAcR3m7jdprpGUFgQQeItUwbyMLVIzj64M85jS25KZx6m1%2FIFGibae9UZLn6v8zty%2FBSSqjqldNDcWyQEV1jtxagA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a2111cbae4d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-etou8220032-FRA
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704608786.202923,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZpEEgAMrvtw1wBH&_test=ZZpEEgAMrvtw1wBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 885E
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=288b093f-9c0c-46b8-88be-ef7b87da6119&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=288b093f-9c0c-46b8-88be-ef7b87da6119&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aK7Cq3S0mZaWTqyGBDgrVA%2BBGj5Lf7hNeyoCv2QvOMRJldqf6R9A9lelT%2B8qsPKvUJmODQda4gei3ZpZKIH9muFodHgg1cD8PMFqqpCtQtDtbw6pgUtpHRX%2Bmf8C5bzZztpnFc%2Bc4Bj%2FVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
841a21114b674d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=288b093f-9c0c-46b8-88be-ef7b87da6119&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sun, 07 Jan 2024 06:26:26 GMT
server
_
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 885E 		43 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZpEEgic-eONetSKbJENWgAA%263355
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:26 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
15041
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
841a21110ecc4d54-FRA
content-length
43
expires
Mon, 08 Jan 2024 06:26:26 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
633116bcd431cf4975c6d018b1feac6c8dd4140f0483cc4f7dd5cc5afb65c55f

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:26 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
rfv.php
compassdata.mrf.io/ 		27 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.92 Sartrouville, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy06.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryMi5O9rcBkpur8Pku

Response headers

date
Sun, 07 Jan 2024 06:26:26 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
multimedia.php
events.newsroom.bi/ 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.93 Sartrouville, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy05.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Jan 2024 06:26:26 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/ 		266 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=RpxZ9l1H1l
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c82de4905dd2f340bd43be56a28f402e34e809a854b38d6a25874fb39f29330
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:27 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M3kov6spEKR
wn
prod-dash-10-0-133-120
last-modified
Sun, 07 Jan 2024 01:15:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.010
cache-control
public, max-age=14400
cf-ray
841a21198a862be4-FRA
expires
Sun, 07 Jan 2024 10:26:27 GMT
p
sb.scorecardresearch.com/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10276888&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1704608788607&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20120.0.6099.129&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1704608783605&ns_ts=1704608783605&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1704608783605&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwinnipegsun.com%2F&c8=Home%20%7C%20Winnipeg%20Sun%20Home%20Page%20%7C%20Winnipeg%20Sun&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:28 GMT
via
1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
WURi53KiFnvzpUiNpoeHFT3phQQdEy7Q62EE0CPdtBp3CxPmD_hGBg==
envelope
lexicon.33across.com/v1/ 		49 B
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=8.23.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:28 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://winnipegsun.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
async_usersync.html
acdn.adnxs.com/dmp/ Frame F782 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 07 Jan 2024 06:26:28 GMT
ETag
"623de86a-cf34"
Expires
Mon, 08 Jan 2024 06:26:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 788D 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2023%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C326%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.88.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0f7afe8a3a99c33052ff8f87b816b50e01acbd0d1c18d079457168bc8da4ef4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8365
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 06:26:28 GMT
expires
Tue, 09 Jan 2024 06:26:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 05DE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=115936
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 07 Jan 2024 06:26:28 GMT
expires
Mon, 08 Jan 2024 14:38:44 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 98ED 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
267
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
841a21228fac4d54-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 06:26:28 GMT
expires
Sun, 07 Jan 2024 10:26:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 251C 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 06:26:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
postmedia-d.openx.net/w/1.0/ Frame 7042 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://winnipegsun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Sun, 07 Jan 2024 06:26:28 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 251C 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:28 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 22:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56417
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 22:06:45 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 79D8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83db9da006a6813500cca99ad6edb2f66f8f4c32379d84ccc75cc9ecdf036659

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841a2122bad04d79-FRA
content-encoding
br
content-type
text/html
date
Sun, 07 Jan 2024 06:26:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ghzMntHFlrNO1%2BNsJyUZHO7V00%2BUv0xmyR46q1UITP1nCVtOLk2EAVGgFn5IAVBc0kG1Yy8m4%2Fh%2BUYqM3kkpetiumUb47NPUc4HArPV4UqByGSGJbUaY71RMDFhN6dCoyayV9%2F%2F6%2B5QHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 251C 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
bounce
ib.adnxs.com/ Frame F782
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:28 GMT
an-x-request-uuid
7ef0e8f7-2215-412d-bcab-f946a2a9299a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.203; 80.255.10.203; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:28 GMT
an-x-request-uuid
80e460c4-2751-4052-bd19-62e9af4660fd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.203; 80.255.10.203; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 79D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZpEEgic_eONetSKbJENWgAADRsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENPjAIpV82zR8-Uo3xrb1xQ&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENPjAIpV82zR8-Uo3xrb1xQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjSvpXXzwiPSVFjrvHbLnChsRnVhtJGm8ikNk8QxasVGs0zlt7DpUhN%2BiYh1OBGIHC9aBq%2FDDf8MpeS3Px8EAAslvjIom0CMT92RpHPNPDBUFAlKqcy%2FgZFPtvq%2FbG2hfo%2Fya%2Bfe%2BzD0nA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a2122fae74d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENPjAIpV82zR8-Uo3xrb1xQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
live_intent_sync
x.dlx.addthis.com/e/ Frame 79D8
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZpEEgic-eONetSKbJENWgAA%263355&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3264084337486377254
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e7ce200d-7da2-4c20-a934-9c3bf6bcfada
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e7ce200d-7da2-4c20-a934-9c3bf6bcfada&rd=Y
43 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e7ce200d-7da2-4c20-a934-9c3bf6bcfada&rd=Y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 07 Jan 2024 06:26:29 GMT
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:29 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=e7ce200d-7da2-4c20-a934-9c3bf6bcfada&rd=Y
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:29 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Sun, 07 Jan 2024 06:26:29 GMT
crum
dsum-sec.casalemedia.com/ Frame 79D8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4783785104606883176
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4783785104606883176
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q14%2B8Ru1rpO5jnM6ECElYk7oXZsuppclonamlDgEe09zvTGezsLze3CpqzxA0ofuQ%2FIMb55%2FUgbhoh%2Fee%2B1XD0eR9n9H2IGBL11Ez3PyUf4DAhza%2Fc5fDyTlBC4WmWV1QGbtNmVQ%2FIDC4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a2122fae54d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:28 GMT
an-x-request-uuid
174f3c5b-58aa-42ad-8105-7eee997d7765
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4783785104606883176
x-proxy-origin
80.255.10.203; 80.255.10.203; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZZpEEgic_eONetSKbJENWgAADRsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 79D8 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZpEEgic_eONetSKbJENWgAADRsAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c0d2:1e6b:33e4:3d3e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 79D8
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnCyI9mAHI10z8YOO%2FuO57mYl7EoGbYqXm8lHXGcxRvkRRdkLwbsXFQEGI88JnEiTnn0QeAs2L6%2FqiyCFQvkCOg00lUUW9PuJaw2dds%2Fs0Dr89eYffum4rXjgpAziDgRVpEM0u%2Bb5OZIIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a21233b064d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Sun, 07 Jan 2024 06:26:28 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
ix
ad4m.at/ad/sim/ Frame 79D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 79D8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3950935734914934088&expiration=1705818389
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3950935734914934088&expiration=1705818389
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQwVIaRZ%2Bs9cXGm9m77%2B8fsQ1HPIfZbyxn7F%2FUwfbE6vSkmT8%2FwvbC3qrpJdpMj%2FbL44lXvMgYX37E7tHib%2FnXUb2NswRq0QGsYGkohofVr6mKF3Zo1iRauIgJM9bQLg6XUz%2B2KSF8MaLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a21237b1d4d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3950935734914934088&expiration=1705818389
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 79D8
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2f03f508-bcd5-48b6-be23-950620713a27
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2f03f508-bcd5-48b6-be23-950620713a27
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tk08%2FvEQXUteNacZdHeipT2TVuCnMirwP9DjVzgzwd7bSQBH%2BnqUN5Pr9qNk2g6wYummTmaWoJ08QhYbOeJLv%2F4FLdtALnpLkaCkzLsQGI8hwJSecL8YTUOkW%2B34b01lruJcbfDnFXYRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a21231afa4d79-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2f03f508-bcd5-48b6-be23-950620713a27
date
Sun, 07 Jan 2024 06:26:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 79D8 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZpEEgic-eONetSKbJENWgAA%263355
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwinnipegsun.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
15043
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
841a2122dfdd4d54-FRA
content-length
43
expires
Mon, 08 Jan 2024 06:26:28 GMT
log
hblg.media.net/ Frame 788D 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=chlog&reqId=578860500079904561704608788955&fs=2&pid=8PRL4E7N3&cid=8CUKB9454&itype=PREBIDNone&bs=2&bi=30000&ccs=8&svr=2023122709_261&gdpr=1&csex=0&usp_status=0&usc=1&lper=100&tr=547.9918913197661
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2012%2C2034%2C2033%2C2055%2C172%2C2030%2C3020%2C251%2C233%2C2027%2C236%2C237%2C459%2C70%2C97%2C55%2C77%2C2023%2C2022%2C3012%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C203%2C326%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:29 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 07 Jan 2024 06:26:29 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.220.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-220-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 07 Jan 2024 06:26:29 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.220.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-220-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:26:29 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
async_usersync
ib.adnxs.com/ Frame F782 		0
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:29 GMT
an-x-request-uuid
d4800f59-69de-44c1-8a56-423e8f6f9170
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.203; 80.255.10.203; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9a857cea-546a-b478-3280-9253f66c9516&tv=%7Bc:ATyOC,pingTime:5,time:5230,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:185%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5230,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:185,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5059~100%5D,as:%5B5059~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:182,fm:u0EIK8s+11%7C12%7C13%7C14%7C151%7C161%7C17%7C18%7C19%7C1a%7C1b*.928934%7C1b1%7C1c%7C1d,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:186,sis:247%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6e51:f02f:11ff:9181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winnipegsun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:30 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
player-event
events.qortex.ai/api/v1/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://winnipegsun.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBbE0L%2BhNG73yYY%2FTjq00YweK5T6vFOkDuf8Fa2ETG51PMonCHCb1WqHC%2BWybAiNdwZ4dbI9AISSeDrHr%2BeYRjzTT2SxWvcf2UJeamk5OIBX2Ah%2FUucjN%2B9rhNNmZ5KlRsBtlZXiVjyc24ZmQes%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a212def1d1911-FRA
content-length
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winnipegsun.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841a212d3eca1911-FRA
date
Sun, 07 Jan 2024 06:26:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmUOlvOxS8thXj%2FYmoADVOQ8KKzkadZ9BP%2Bq8mcEjrEZYwvMC7X7vFNvxpQHHXqtd%2BYdCDtur1nL7zd4NnddRInxYzE3%2BpSXWsrlvc2jtBsKhHDKYNS4T1XGjBPijYn54Gbb8rT9UyP58awaiiw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| documentPictureInPicture function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| jwpServices object| jwplacements object| _comscore object| _taboola object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| mnet function| _typeof object| TRC object| _tblConsole undefined| msg object| COMSCORE object| ns_p object| BlockAdBlock object| blockAdBlock undefined| google_measure_js_timing function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| __permutive object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| PublisherCommonId function| handleLiveTapResponse number| taboola_view_id object| ms object| webpackChunkdjango_content_services object| htmx function| __spreadArray function| CXBootstrapLoader function| identifyRootURL function| generateDebugLog function| CXBootstrapper object| Sailthru object| Criteo string| iasScores object| _33across object| ns_ object| jwDefaults object| webpackChunkjwplayer function| jwplayer string| nam object| placementData object| cmTag number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| vf object| vfQ object| _cm_wfCounters boolean| femCePnIdReadyTriggered object| dataLayer object| mParticle object| gtm_data_layer object| google_tag_manager object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady object| Ribn boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag object| mpartical object| cX function| cxCCE_callQueueExecute object| cxTest object| __connect object| gaplugins object| gaData function| _ga_originalSendHitTask object| PianoESPConfig object| ari undefined| cXJsonpCB1 object| jwpb object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_389755 function| WebVTT object| closure_lm_452729 object| __IntegralASExec object| google_image_requests object| cast object| System function| __extends function| __awaiter function| __generator function| __sc_import_cx_overlay object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| gsapVersions boolean| cxsyncadded-202263 object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| owpbjsChunk object| owpbjs object| PWT

85 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChgKBgiiARD1FgoGCNIBEPUWCgYIiwEQ9RY
.winnipegsun.com/ Name: pbjs_sharedId
Value: 7eb757e7-2d42-4d34-86c9-1fd7c96f0166
.winnipegsun.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.winnipegsun.com/ Name: permutive-id
Value: bdf31cfe-d5bf-44e2-971f-fb29e9934a0e
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: d3467cac-7390-423e-94cc-6c3e5ef93814
winnipegsun.com/ Name: sailthru_pageviews
Value: 1
winnipegsun.com/ Name: __adblocker
Value: false
winnipegsun.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1704608783526,"mac":1689429980}
winnipegsun.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D846f3d71-dcdb-443c-aa57-faee8c51737e-tuctc93c98f
winnipegsun.com/ Name: sailthru_content
Value: 98e8a8ad16a7f68ee3472488d113ce85
winnipegsun.com/ Name: sailthru_visitor
Value: 7909e921-ecd3-4c7d-b378-106a3f7ae875
.rubiconproject.com/ Name: khaos
Value: LR34236W-L-I035
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1YCzcnZ+tI+eQFbWGgM44fR/rFJVNr6iLVMmsjGYmt+gFMnXFULS+MwgljsaUT6sVE/84BBg91bSYbB5SW5XQ3bEZ4ejAm8TEijy0RC4Zd8Ri5j99IjSR+
winnipegsun.com/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"gdpjuu3ikk59smjfodt04rq78rp46pwei","updated":1704608784086,"printSubscriber":false},"exp":604800000,"ts":1704608784086,"mac":-1658132784}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"gdpjuu3ikk59smjfodt04rq78rp46pwei","updated":1704608784086,"printSubscriber":false},"exp":604800000,"ts":1704608784090,"mac":-1658132009}
.winnipegsun.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAWDgTgDsvPgGYRADgECOQgKwAmEAF8gA
.winnipegsun.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lr3423qp9zcbwjzh%22%7D
.winnipegsun.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
winnipegsun.com/ Name: __pnahc
Value: 0
.winnipegsun.com/ Name: _gcl_au
Value: 1.1.447783448.1704608784
.piano.io/ Name: __cf_bm
Value: LtOoSE4YgG8hs9AjOdqFz2HhshjyflwOWHc.YU_MTow-1704608784-1-AXxJEh9hiTZhuZg3Jruk5GJsualKLFeFfcC9eUgRLyulrGKhNYZEn+EzFfDvMHrC25rAaSFwCt4CHfRcUoMhN0Y=
.winnipegsun.com/ Name: _ga
Value: GA1.2.1979784327.1704608784
.winnipegsun.com/ Name: _gid
Value: GA1.2.579331233.1704608784
.winnipegsun.com/ Name: _gat_UA-213173459-5
Value: 1
.winnipegsun.com/ Name: _gat_UA-138335866-18
Value: 1
.winnipegsun.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://winnipegsun.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1704608784407%2C%22slts%22:0}
.winnipegsun.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=abae0300-96ee-4023-8e98-c14406e16034%22%2C%22session_count%22:1%2C%22last_session_ts%22:1704608784407}
.winnipegsun.com/ Name: __tbc
Value: %7Bkpex%7DYjksm4kH0cUmtrkB4MhYXKZ6kyDwqzeivZVNlxHdFKrLAljYNG1ZlmCUlm2OTCWM
.winnipegsun.com/ Name: __pat
Value: -18000000
.winnipegsun.com/ Name: __pvi
Value: eyJpZCI6InYtbHIzNDIzcXQ1ZXlzZjFkcCIsImRvbWFpbiI6Ii53aW5uaXBlZ3N1bi5jb20iLCJ0aW1lIjoxNzA0NjA4Nzg0NDI5fQ%3D%3D
.winnipegsun.com/ Name: xbc
Value: %7Bkpex%7DqnoYr4wTBut6QIYdUjWhot0L75sc3xCNBbAmb-h9aez_H_fdHcx2SQusJ5L0d-YNjYiXW2i22iRsuSL2JEb3RA
.winnipegsun.com/ Name: _ga_TS0LJHEWKV
Value: GS1.2.1704608784.1.0.1704608784.0.0.0
.winnipegsun.com/ Name: cX_P
Value: lr3423qp9zcbwjzh
.winnipegsun.com/ Name: _fbp
Value: fb.1.1704608784502.747281262
.cxense.com/ Name: gckp
Value: 1np1teh46tko3peccbc5pyoqj
.winnipegsun.com/ Name: cX_G
Value: cx%3A3c0d6mrscraq23d1rvoiklo22p%3A3mabxxa6i21kg
.winnipegsun.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'72d92faa-351e-4a46-d28f-d25fc445f23b'|'das':'e9aab8f0-e603-47e9-23b8-bcaa9c68c63d'|'csm':'WyItNjI4MzQ2OTc3MDQ0NTUzODAxNSJd'|'sid':'8977F3F9-8A2D-4555-2880-32A329A6C9DA'|'les':1704608784577|'ssd':1704608784203}|'l':1|'-6283469770445538015':{'fst':1704608784381|'ui':'eyIwIjoiZ2RwanV1M2lrazU5c21qZm9kdDA0cnE3OHJwNDZwd2VpIn0='}|'cu':'-6283469770445538015'}
.winnipegsun.com/ Name: __gads
Value: ID=ba0cda727937e639:T=1704608783:RT=1704608783:S=ALNI_MZ06VGOAy5fDbKF_FDEYEqAnVBHVw
.winnipegsun.com/ Name: __gpi
Value: UID=00000d3bebe25d2d:T=1704608783:RT=1704608783:S=ALNI_MbocE0T-soLM-epo0FfwnOrpwjLtA
.winnipegsun.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1704608784.1.0.1704608784.60.0.0
.winnipegsun.com/ Name: _ga_H792QCFZPV
Value: GS1.1.1704608784.1.0.1704608784.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkEyYvsx7WxVByD98NFeDSFQFcB04V_Xy9Gv4Z3_8_MfvYr3xm7aAZvwuN71No
.viafoura.co/ Name: VfSess
Value: ngpbrumepg4qdp9dishbe19a04
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
winnipegsun.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
winnipegsun.com/ Name: _vfz
Value: winnipegsun%2Ecom.00000000-0000-4000-8000-e5c2592d5bfc.1704608785.1.medium=direct|source=|sharer_uuid=|terms=
.winnipegsun.com/ Name: _vfa
Value: winnipegsun%2Ecom.00000000-0000-4000-8000-e5c2592d5bfc.a45ba2f0-ae4e-4655-95be-be2f8803546f.1704608785.1704608785.1704608785.1
.winnipegsun.com/ Name: _vfb
Value: winnipegsun%2Ecom.00000000-0000-4000-8000-e5c2592d5bfc.2..1704608785....
.viafoura.co/ Name: vfDeviceId
Value: ba33da81-52f8-4608-b406-fb940de08dd5
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 70b5d815-c48f-42ce-ab83-7e299d77a7e5
.winnipegsun.com/ Name: cto_bundle
Value: qO5kvV8lMkJTSlBsQVRqMCUyRkFSUjVBaEFVSjI4UyUyQkN1d3BiNiUyQndtQWp6aWVyVWhaS1RsMFhFZiUyRkU0anZnSldWQ0RTelhCY1NRZWdnRFIzSkNTTVM3OGsxS25QZllXZnJOYTRoVnMyeG1jVDI4NDJzenFnZTE3Z283b3Z6SkZOMmViY1NkREhBMndPUVpNUTBVVXVIQURDQ2Z5Z0pBJTNEJTNE
.winnipegsun.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1704608785%2C%22currentVisitStarted%22%3A1704608785%2C%22sessionId%22%3A%22f2decfe0-f045-4edd-af1f-2edb7d232178%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//winnipegsun.com/%22%2C%22referrer%22%3A%22%22%7D
.winnipegsun.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1704608785%2C%22userId%22%3A%225cabe2e7-e87a-42e3-b280-bfd07eb1d76b%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1704608785%2C%22timesVisited%22%3A1%7D
.winnipegsun.com/ Name: compass_uid
Value: 5cabe2e7-e87a-42e3-b280-bfd07eb1d76b
events.newsroom.bi/ Name: 1528_u
Value: 5cabe2e7-e87a-42e3-b280-bfd07eb1d76b
events.newsroom.bi/ Name: 1528_s
Value: f2decfe0-f045-4edd-af1f-2edb7d232178
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.casalemedia.com/ Name: CMID
Value: ZZpEEgic-eONetSKbJENWgAA
.casalemedia.com/ Name: CMPS
Value: 3355
.casalemedia.com/ Name: CMPRO
Value: 3355
.simpli.fi/ Name: suid
Value: 98EED889713B4A26BFF68FE2347D4A34
.csync.loopme.me/ Name: viewer_token
Value: 288b093f-9c0c-46b8-88be-ef7b87da6119
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNrQ0NzI3tzSxMBDiM9TNd3SsivJKykgMzXQDAJT6TkUlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNrQ0NzI3tzSxMBDiM9TNd3SsivJKykgMzXQDAJT6TkUlAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZpEEgAMrvtw1wBH
.liadm.com/ Name: lidid
Value: e7ce200d-7da2-4c20-a934-9c3bf6bcfada
.amazon-adsystem.com/ Name: ad-id
Value: AwE3PUFV3UKxnGeXOFVKNsw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rezync.com/ Name: zync-uuid
Value: df621624-649e-411c-adfe-b13a1e92b5e4:1704608786.648362
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtobmBiZmBhbmFmaGw2SdgsJc3MyNDMyETXzMQyVdfE0DBZNzElLVU3ydA40TDV0ijJNNXECqFJz8zEwtjMaJYwkkHmxhaL0PgAydyBzmkAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByxWAIAwEwIvtxMeGdQl2wycUYuXOfJf2kUNOE3sagWVjn7SJOpDd55N80QpVooVuMar8B_oLa3Y5AAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FsWCrUFLmNQakI22SLuZ8a7z8-XvBOmj-5bbtoOSMf-1QGWV73VIZ3Q62_TJyQY0Qp5HzxGcSKRgoVrgK6913ebarlPWdkhOzJMUQ0hLiaXVc2MPqNGN49KCcUS2yCBH0zBs4PrD4-JJZ8.ZZpEEg.gxUTCDiomPEvFMnWPfogXkj-lpE
.adnxs.com/ Name: XANDR_PANID
Value: _A679kcRVJ-H4raFBbYd6OuUV__HWFXwWWa5hq5F-jvfaQsIsFPmvEIKgiQz9wVffWQMql0g0bpKZkbL40hx-imL93hAYyDRBv6oqseZ1Fs.
.adnxs.com/ Name: uuid2
Value: 4783785104606883176
.yahoo.com/ Name: A3
Value: d=AQABBBREmmUCEFEXPMYMUhRDFbH414FzffEFEgEBAQGVm2WkZQAAAAAA_eMAAA&S=AQAAAnr3gHa1FAdVRSitMlT766A
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3950935734914934088
.turn.com/ Name: uid
Value: 3264084337486377254
.addthis.com/ Name: na_id
Value: 2024010706262900011619608734
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 659a44154b6756e8
.addthis.com/ Name: ouid
Value: 659a4415000106f993fc17a5dc2610c7449d7a5704d37f6c4787
.dlx.addthis.com/ Name: na_sc_x
Value: 1

4 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
rendering warning URL: https://cdn.jwplayer.com/libraries/IIqOV7lO.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 503)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=df621624-649e-411c-adfe-b13a1e92b5e4%3A1704608786.648362&_=1704608786.6513498
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
4572733f42e83b7bee2dd86ba051458d.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad4m.at
ads.pubmatic.com
ads.rubiconproject.com
ak.sail-horizon.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
api.fouanalytics.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
assets-jpcust.jwpsrv.com
assets.ribn.com
auth.lrcontent.com
bidder.criteo.com
btlr.sharethrough.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
c2shb.pubgw.yahoo.com
cdn-ima.33across.com
cdn.adsafeprotected.com
cdn.cxense.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.taboola.com
cdn.tinypass.com
cdn.viafoura.net
cds.taboola.com
cm.g.doubleclick.net
comcluster.cxense.com
compassdata.mrf.io
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
contextual.media.net
csync.loopme.me
d.turn.com
dcs-static.gprod.postmedia.digital
demand.qortex.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
edge-auth.microsoft.com
entitlements.jwplayer.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
events.newsroom.bi
events.qortex.ai
experience.tinypass.com
experiences.mrf.io
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
gum.criteo.com
hblg.media.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.viafoura.co
ib.adnxs.com
id.cxense.com
identity.mparticle.com
idsync.rlcdn.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
live.rezync.com
match.adsrvr.org
micro.rubiconproject.com
mug.criteo.com
onetag-geo.s-onetag.com
p.rfihub.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.adsafeprotected.com
placement-prd.jwpltx.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.media.net
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
smartcdn.gprod.postmedia.digital
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.adkernel.com
sync.adotmob.com
tags.catapultx.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
videos-cloudfront-usp.jwpsrv.com
vidstat.taboola.com
winnipegsun.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
x.dlx.addthis.com
104.18.35.167
104.18.38.76
104.76.200.221
104.79.88.129
104.79.89.214
13.107.6.158
13.32.27.33
141.226.224.32
141.226.228.48
142.250.181.226
143.204.98.101
151.101.129.44
151.101.65.44
151.101.66.49
152.199.22.243
167.235.124.61
172.64.151.101
18.185.12.185
18.196.234.143
18.211.201.194
18.245.60.76
18.66.112.41
18.66.112.84
184.30.16.183
184.30.16.195
184.30.211.26
184.30.24.22
185.64.189.112
185.64.190.78
193.0.160.130
2001:4860:4802:32::36
2001:678:cb4:bbbb::13
209.54.182.161
23.37.63.179
2600:1f13:800:7780:6e51:f02f:11ff:9181
2600:1f18:44f0:4847:e5f9:63eb:8cb4:6f23
2600:9000:2127:5000:8:2ae1:d740:93a1
2600:9000:2127:7200:2:cecb:23c0:93a1
2600:9000:2127:a000:1:a3fa:7cc0:93a1
2600:9000:223e:a400:1b:6b7c:c940:93a1
2600:9000:223f:a800:8:48e:53c0:93a1
2600:9000:2250:fc00:15:2b26:f200:93a1
2602:803:c004:200::140
2606:4700:20::681a:13e
2606:4700:20::681a:bd1
2606:4700:20::681a:fe4
2606:4700:3033::6815:325a
2606:4700:3033::ac43:9fa2
2606:4700:3037::ac43:9bd7
2606:4700:4400::6812:2a4f
2606:4700:4400::ac40:9256
2606:4700::6810:5714
2606:4700::6811:7711
2606:4700::6811:c376
2606:4700::6812:4eb
2606:4700::6812:5eb
2606:4700::6812:907e
2606:4700::6812:b07e
2606:4700:e2::ac40:8714
2a00:1450:4001:802::2003
2a00:1450:4001:806::201b
2a00:1450:4001:808::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2006
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:1700:181::268b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:400::626
2a04:4e42:400::645
2a04:4e42:600::645
2a04:4e42::626
2a05:d018:d29:3605:c0d2:1e6b:33e4:3d3e
3.125.220.0
34.107.254.252
34.111.249.109
34.117.54.29
34.120.63.153
34.149.157.221
34.95.81.168
34.98.64.218
35.186.253.211
35.204.158.49
35.214.246.118
35.241.9.51
35.244.174.68
35.244.193.51
37.157.6.254
37.252.173.215
44.215.232.18
45.137.176.88
52.209.113.22
52.223.40.198
52.28.203.152
54.155.18.159
54.194.182.86
57.128.96.92
57.128.96.93
65.9.90.93
65.9.93.173
65.9.95.3
65.9.95.52
65.9.97.61
69.173.144.137
69.173.144.138
75.2.40.13
77.245.57.72
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
022fe3cbe86edc8e3027b1869cc7e3770c7f6843324f45e5fabdb1f9111ef49e
046db9e8217474f28c809ac99038ce66a7675793d8d4105042610dafa5ae6754
047a80d9edc8b66bfa4e8884099d3ac471f89b7fa1286915e1c97156041364fc
061ba4ceef55d54a157bfe2f5659e78da41231eb3396cbc5704e3a897e9aadca
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08220341e23b4d8e971fbfb1c1088066557e5316733aa7ed6988097179e53aac
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980
0a9c47485812154ec028c7cc187dd3b208b3c7cc2423105828cd98cbdece59b5
0b3b527853be89c6cf58ed3010f4a3eef43e61bc98ce229a842c8977d2072590
0bc0805d442ae7ead864b82381c168035e8d70535e6f6acea31f4f1caf65ae58
0d8fecb99b8bb7c1400c6f452bb1c0ef5ff024eae93dabc368275ed385f33700
0e1c97d3798201e2701e41c3d32e46b7a94cdf1fc3e70d8ad496326e20fa966a
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f7afe8a3a99c33052ff8f87b816b50e01acbd0d1c18d079457168bc8da4ef4b
102879bcdf1bb8d7079cbf09cd33581139013f7a0b109c64fd2a8f9511f3cbf7
117a77eaff0bf7c2b6dfe9bc495853cd3d58966589fcd937f9cf81fababa9206
1185218883cb5ec765c3292aaaccf15869b99c089b1c938266134666608a6ba1
11abeb54fb190d0409f658a6f21b75d20e5cb5d76675be8cb235a491c97bce08
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1540cb75cc21eb63cb96d5c7e6e231564b58f84016924c19b4d79f4d06b1199b
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
1701c89c93077f0ea8d2bdd661d0aabae3b3899d20e434d7b46e3388695ff8a4
17ed6e35b987f1cb2d4eca7413e1911f740b4e28bd2ca7fd594c73ea5163f01f
185113239a6613ca82207e73bb41dcc84ce2274da2732f6ece828c207f2f060c
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1d4d08cb87de13ea144666615403c6c3d417abc97d5f263cf340a7121926ca96
1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839
1e5d4fe9acb9046e86f17789a5220fdcbbf1d60c158071577bda0bea9a0023a3
1e6494c24a33dbdd3877c44a0aeabfc32e356a8752a7877a1a4af8c08407652c
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8
22cc186a5b2bdc2910eb4ab7c34ae1ebe40a2f9bdf8c1a77ca3ca1946ffd4ebf
22f2060365e34c12dd716fcfb19b771866ad57259178c974deebb5fa30f31095
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
27bceb3c5b27158d518eff9fc7ae2d23bc5c93e6e410260986200f8c96cfaf33
287b8d490ac3484e0610849ab26216d2764bae2d2e9b2b6e5f8fee2110612052
28fd02f6d92075fa2f5af9243c167f60f3482e80ef1be7a2b7ad2ed04e9707ce
290da9f8b18565ea1199eb581fb2f6b68184437089d273fb198faf81cecafd82
29210ccc2fed107ca5dec3d95e53d8a126855ca6c121bbc1be6ab56b21251763
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2c82de4905dd2f340bd43be56a28f402e34e809a854b38d6a25874fb39f29330
2e260c30045f1b05617f23476acdda8b93536de9e6446b757d7334250297c489
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
30f25e81c256d0985a5bf21776bfae5456e07f49c400790a58b51cc29bc559e3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34ed8105edbfc97fbadb9a12c489607da5bb361fde365244752626ea59e3f297
3932db1047516ed9ebf3bf5e95e30cc1e9429bace40c39386908d2639985a1af
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e72ffa59a0684c988173f4ea0d75435f8ff50995c92974aa316288efe96a539
3f485a3b87ba247e6828438291e17f383e767663c51591d2e9c8d959b809c80d
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e07509e7eb5c484b9a3fc7a73cc3eeb9def2b93d7720565da09df2835609df
40eb4494f963b2f531935eb893e7c70b1bd4d8883ca07fde4edb042c4af11387
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98
433a4668c72cce639da0ea37940a202d98e7fd025c61088b11c30ba85c4d396c
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366
43d9254e4ef8acfb0c24b679c9ae6da14c1f626514625f303ced87691563bf57
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
446e8f9078a8ec0502f5ebea6447d30a3cb1ba842199d85897ea63307174800f
4547f04e548348861313a49cb5b980141808f5a4187f8e94fd7033617adaae9c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4744962f36d06f29d874b35b751664cdca334a6151a75420f9b8eec878051079
47836c412b04d4589b999ea5612b6be26558eebf5559c8366c50e377c49b9987
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a4768f3ed8d46a3a1ffa18b3ba862fc57b102b2e11f3ed1894db58702c6084
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4c1cfb7c6e2365e418e97e060ba0fa6fb277fadda1b54d156010a7edf60b1064
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d83a83adad5bced5b4e76a9628079dccd1a7123c4b1a65aa5bb200ead7b8899
4d95533a8783c038f3e18ac83f353d337b2e928696f27e25b4fa816eb3f12d35
4da325f33603cea1c0fb888724333710a30f485bd6bacd5bb5c3cf094c1048f2
4dcf78b31f69c1674cb5a75cd5fd5744538b50eaf34076396d9cf54acebee6e4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6d60cc50b81c2ba2999bf8dc12b9715ab59b2ed94828494c015ddc8a079ffe
509847dca3152d2a08b3b2d763d70d3cdd007fba1cb253c18803ff52ad8ddc25
53074eb539662d6dd23262b633cb65fbaaacfe73306052110039e1ff3f6b5b57
531dd530899d5c89c1c766c0ca463c5e319a84044ebde699ec95b633807025a5
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57668c87735cf9673eaad2759e78e2348dc7801ce0d3cdabc3f367d0cd8953ae
58580818cd52a439b77c37f518cd45de06b3f6463d207f15d600c8821f88b48f
598b56e3c30a1aa614c82197105f3eea6128e900fac62f3fdd5390e06033912b
5a67733ba40e6a78cb31276af489b23c37ee16673db619e0f053a64420032f72
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5d09cb7ee7ca0b5197e35281a401882b36f2be6a08dc219adcad051d3111b1fe
5d410b4aea9f38a035bdc4323315891f9e798d297e3e3db8d000f6e63f54cb51
5d97df0db980380ab1384810b96b17961d95ec4b39d2acea8b6c2013881f9a6d
5e56c81f63546dd3a9210fad335b9fc5185b3ca550c2e331127088c43aa4836e
5fc86f9fe68da387978786620eae809d86ed9b29fb2f7bd1cdd79c7f02bd66cf
60421046384f50110f339191ecde034223695254e364cba941da9f3922ba8bff
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
633116bcd431cf4975c6d018b1feac6c8dd4140f0483cc4f7dd5cc5afb65c55f
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
653828ea9a6e1142cb0c28acf47724b942f99bdc22bab0b7585a6c3969ff9af5
65505f215e9d6c8317be522c00e041b7da5b7a22e8fb8a8d7485a76b691b16f5
67bde924c2ba91c9abf3ac879b16c36e199b36c6ebaab53ab93939adbb116944
682eea5c87bf67e804007deb37d6cc3e5eb7086374828b2af3edd3f3dda92da3
6841d7c15644d3ea1f34a63596f54c7eed39540848bdca3e106ee3ba518f6382
690656a5eea4be59a32d99de9b46c809a76608a0aebc8f2bdf6ced32832ae5bd
69501ba38b0599e05100b90f1191b95a786db15c98f47a6cf2b2404f34b09330
6be53e044a8e84e3c66d8eb5d2f359feba5b32c072ef3456830f32acedb163a0
6bff84e7d1f5c524b06d6b572ca20870ec894706e6f2b96f60e4cd18f238bfb7
6d2f4051fe191229c5734100c6d00251dde89ecca3e0b672164840e622c19082
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83
6fd31ed27680a3dc00e1b484cb5733f47b746bf1ba34aaa2fbce86e81e04c7b5
6fe49d51ba3a4a525251a6e61b55f554ba48588d066498125b77622ff0ee1f2f
739556c57654d343bad214bd7752c37c95937c73c3aa9fdd731ec14f5f116aed
741085f06adb52932a2e7755207e77e991061730e32f22368bc4ad72893d162a
744a341ddafd3ea9fe360fb10f0bd636cb67affef8eb38ba770c09bd3c7c942b
77a6ea8b801f8c10a2d63c5b3a596116082b2b8971dbee3abcdc7a7e787c1ce0
77f014b24f1d51b9e8feb12df701a957c14c0be286d6c914975afd019d15a79a
7910353dc14ef39185d225826bbfa8715da1083a5888ada16b6c694d9d5f9f04
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79bed4bd2e5b5194e24adf9eb26a4f06ce160d3921c3a688ebc60ea85804a28d
79dee0042597950493e8956e9090ddc47c3decbfd1df6331349296d96ea51c0d
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7a2689a85b4cc1534d8192164ee975eda66817c587a595819586b847f1544a15
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
7cdb4ffce5d27b8a93b13f4892b44e3f7852f2492f98ef8f552695df5a83647c
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce
802be92df7b2e3bde3f91d6dd67398cf250b1b5a73b592b8232b4f53fd7d62ad
80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8281f7090478617d1af70528713404741a5391a534b1510e1229a19e17e1a6bb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8385b7b115dd9fbde5c38f1360f89433d58c7c8f77cdc04f47ef1aa06f23ae12
83da54309f98d3c5f1d808775bcc76894b369896eb611f015bb9295caa3f11b7
83db9da006a6813500cca99ad6edb2f66f8f4c32379d84ccc75cc9ecdf036659
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
87097db7fe2a77cab6d89f7e2369430f3c6ffef3ea1c7ee01fe160a4c82bb4f5
87b85c256b170188318d0d8c695f43153651f18ee7a4788101b65da65ae0b85d
8923b4f2bb98765736f23c71a08a37e09f44734e5ebff0bd587f4db5ab1c9c8a
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8c171ad15f89084c490ea873efc59e1d1b7b78c3a6726d1489b97a0150532741
8d155ad03d6e9930caa878e380b47e792c0c0d09dcec4af546c3132c10abfe07
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e223baedd1ddb6da2598777ca1e661cc440017d1194c312d7d21e80d073ebc6
8e2772ae7e6a9b4178e20a772e489c536fdbbc5c7673facbe2aea97d45219b31
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e7efb6ae6f9571dd815db7eee285ce5288648414d2ce024f97135625180c6af
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
91231d0c86356c523c67b8126811ce888acb4daefc72e9ce532f17b511651cb0
91bea09bb5b862f1281f09d3cb07fb229cbbbb490af1da3f537d8b3bad09dfab
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21
943eb39b3a32568f7de4516bbca7468ea1dedb7035ecae46793ac120000306e1
9553b4e8db5791a2f32c943e1f76a47002861284b1f8b2a8f2cb8cb04ae0cb99
959d0d916d267c94ec1d1bfb179a81166bbb5cb22d6a2e90ea35c4b57941cb8a
959f30df28cfb749379a835dc6a7cc6920a614cb156b9c35f1166c80d2154788
96119dffa2a1f0050bd63d37e5d21e7db9cbf492fae9c81384e4c379c06bc350
9d799961163bc310e9b528b76ced3dd459085488c92a0713ce48f2ee67c4a06b
9e8488122605c35e9ade51a7a9f3de1290d817a6bce9b424776fd14d92ef1b9c
9f85a8964e063aa66ae22e30e1e86722714e1fcca4a00ee718a34123620e98a1
9fba1b0797e04bb4e94dffcf9068f89e75b4fa5569dc9efcb5aa72275435457b
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64
a138783cc85058d9aadd75448dd2e916991744cd4553d35639ed8a8648c77c43
a1484a6b3216bdb84d79a659a0ea5497b1cbb55f0dbdb225814024585a52e4db
a211e1a514500a7677cf6057a725432ab9b3601378cfc8ee2bcb66b5843e40f6
a29ec18a5db51ce2cb84e49a132508760d642be072547ff66fbdd634ec71c8f3
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a4c8623fdfb46aeb974a57c767bce725a15a6cbee5bfec6baccf84e81a764ac7
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a54755664fa513c9d9525232826b221b2c0930e5f4c7c7e73ec8ec2e86e59d0b
a55c9bd8df8a2f0a4945692f997d7a8ae4cd2d77f9c131272631c4e1540f5e24
a5d38fbf37bd695ae1b1a840b854ccd1c65527be02b3beded533d21700e46ecf
a62b97875f943de76fc2c96ac608b5c9511a8f90e97fe37ec2debe3f69f5e26a
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3
a80d3185331cc6e5b233f0eb70351ca79171739a05acaaedff50e8a5d0c975e9
a87dab54792ca3697212f10ca3a1504a38c2c6d609612d0e3954824d2726a172
a95739b4b93dbd173f97284d0dfc4f6618dd8e73df7c8ebadd5086dafa1c7fea
ab9c81354f2fc61fc082bbd15b0c46841de6b0029267514307333bdbd80b7177
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227
b1f7dc33dcbfa83bc6b5c174816fe3dca66f159e2dea223c83cd6b701a9414cf
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24
b3587ccc786d72c7d352e3cd589f1c34a6d5f99944560a6c2e7f6f69f0a69b9a
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b7f6e2585f4bb89f9d5c4bf0bfdf2d8637fd97a0818ca76fe281eb7229e8fbf6
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48
baa1e321fd815ef7c8bec6e9daa2ef002aadb656cc27cfdf6661dfdac33e0cda
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bce9076aa5369f22d4d136a70997c5015474a65fcf6f504406cb1ac7e05d8947
bdd25e561da30f333857283f41e9864751bd9bb6925eee8632a6c2fbc806f428
bde967a30def33227519fcf15da0368d22aa14cd3f74ba20db1459cd22efe966
c024a500b6884e87cb923bdfab0b6303d5130c87bd4e00612ea410613e765faf
c0273dbb77b9f7cde21785e958eb005e95cc8a333ee11046275f926a5e9c9184
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a7c80301032f20f90d00a75cef91a4af5a7fa04651eaac3281f66466c8e8dd
c3a1e19ae447c458c806cec0f399a8b654602801a1b68e7c0341562c22b90f7e
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab
c69ca7e031070cda64d5e456d8cac935d264b4cf7a2c72fb8fbffd619250a0ff
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
c8b5f1882448209443d9ca23155ea3787f1ad00822e7f921150fde22082de1f9
c8ecf53e81934ae6fb502ae78b2d79bbcd0293c139111c921e748290878f0350
ca8e011c30e88f7508e3aa362170192447703c3054a19d3df50335a6d9576640
cae693444d5c4b70988da3ee41b0c3809de3f7701f474183ed8a446be6c970a5
ce2f96096b7119f81e22aa763586562cf71b1116f442da082805dfbb62d88bea
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf51d421525c079d656f1b819732424bd915777e22666d20a6b61bd9b727ac7c
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d003813c402ae4182766d136a7a45dc504ac3bff70afab6adcfd4db4af9378f1
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3e061a0e389bc8b910f18f229c015350c78aec0b08ab81ad9d110115dc0b28a
d408d97284f45bc5fdb582ca1421d27e18bb7267574562cbd72bfec9163677ed
d48838c5cb12eedc7ddecf68684fdf8a6692818d80bbfb86437d7f4e2d0ad1c6
d5aa23484da50dbf70acfa054df684250a4afef10b85aba07511058d2dc0225f
d5e0ebd25ef5b81f754f8cf66f1b12bdcb56bf14c71a0016074972caf80e185e
d71313aac5755f30eb706d80bc6f78cd9bff32f9efd3ba92c6ffdd4663b0c7ab
d9fa1c1935338f74fa45f1c573bff4103e6ff9be56e7accb16c81bcb5d6102b7
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de60ce74dc51181fe850f249ae75cc015cbf18c96b9e44f5a40e9cc56b0ba85b
e130b9e1b17b7ec22e7f07051b4627d6d7db556006980f2d33122c64ce01006e
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087
e14452f11348b20745371cd560dbe5459a47642e7d349984554fbecbd1dbc92b
e18409fef0205a95fa67c84acd948547f9d3986a809c1607e9adc0b8f3b0b746
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f
e3f16a99683ec813507fab742f11167db01a3c2ced3fdaa6f1ea859d2f9f4fe2
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5
e89476c9529265ffa9f119f86b8ff3b0f18c1164057eace80557316e6cad8ce4
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c
eb11737c985ffc9753fd5ad38a8682a8d0938b0bc1ecf117bbd3a318f91e35aa
eba5ac83e3afb2956ec58bbfc47d4505449858f1c6251e1ca284af00a915f47b
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
ecb5d10652f1498a0427ec56c8b13db66d7d62252667e2a332b4238a0ed6e4fb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee68110f05db809ab428cf4ad590220e48aa7f9236f7bcdf5bc2548f22650164
eefc072980a2309b9fed7fbb7fb4c132dfb3e591e7a0ebd8690a4f68e847dbe1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef37e77a3a1ab3029e8cd3c39f4e0442ee7f60beab66f35a96ecda15b4b1534e
f1688008000482e04eff23c556c39035ee399825bc150c583486a4365e6056ed
f1bae7aed8994abd3673afcabec628b719e13a663ae74c3983bcb9871278f7b4
f216049229babc7f2d23a2d882c64607e118757907e7411da267a7f7c78546ff
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5
f4cf6722a7876d9c95c63ae4830f70dde55c02a52f1085b07d2ec6e4442946c6
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f79d1837a7fcc0b57562cf230275f5e5d8668ae84de517af75d181af4fd419af
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f8859622b014c35916f294efc76fdb684a5681149809636416851b765d4eaf39
f955bad4911e135ef8894618754dbed63059322adf7404c619734960cce6adc0
f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de
fa68f5aeeba6635ff9a64edec18cc97245f98ba054492c0932bf20deed31d0ef
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbed93a01c598e42100606f2f3d8f9d6a5f489924b63efcf403cac3452dc230a
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
fe17b37622e7fe2c01ce34f2cb3355a89a5e911d561c4e7eddd7feb303327336
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5